F
Frank
I no longer waste my time with Linux cause Linux is a hobby oss thatKerry said:
quickly turns into a job.
I have a job.
I don't run anything as administrator on a regular basis.
Frank
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
quickly turns into a job.
I have a job.
I don't run anything as administrator on a regular basis.
Frank
M
MICHAEL
Kerry Brown said:I was using Linux as an example. Linux is generally regarded as more secure than Windows.
Only foolish users run Linux as root. They are generally scorned by most in the Linux
community. When using almost all OSs other than Windows no one uses a root/administrator user
for every day use. It is time for Windows users to join the rest of the world. Even if you
have all the best protection, firewalls, anti-malware, turn off services, whatever, there
exists the possibility of a zero day exploit hitting you. The .wmf and .vml exploits prove
this. Running with lower privileges mitigates the problem to a very large degree. The world
is full of compromises which one must accept in the name of risk management. Do you ride a
motorcycle with no helmet, drive your car with no seat belt, or jump out of airplanes with no
parachute? Each of us has an ego. Our ego determines what risks we will accept. When the
risks that you take affects people other than yourself then other people have a right to
object. Windows users have been the scourge of the Internet and caused untold problems and
financial losses because they run with administrator privileges all the time. How many
botnets of Linux or OS X do you see? If their users ran as root they would be exploitable
just like Windows. Microsoft is as much to blame as the users because they have fostered this
culture. Vista is an attempt to fix it. With Vista you have just as much control as you ever
had with Windows. How you access and use that control is different. The easiest way to keep
the built in security and not be annoyed is to run as a standard user. When you need elevated
privileges use "Run as administrator". You will have to enter a password once then the task
will run without repeated UAC prompts, very much like other "more secure" OSs. Occasionally
you will need to do some maintenance that would be easier logged in as administrator. Reboot
into safe made with an administrator account. This is the way the rest of the computing world
works. If Windows doesn't change to this or a very similar model malware will only get worse
and eventually everyone will switch to an OS that does use this model.
One more time- I don't give a shite about Linux!
You simply don't get it, Kerry. All Microsoft would need to do is make
a few changes, add a few options. For instance- the level of security,
would determine how many prompts you get. I wouldn't mind having a
setting that monitors nothing but installs. A setting that covers certain
registry writes and install/uninstall attempts. I absolutely do not need to
be prompted about the gazillion other things that UAC has an aneurism over.
High, medium, low. Each setting containing certain aspects- 'High' being
the level where you are prompted after each fart, burp, or sneeze. Seems,
it has to be all or nothing- that's "ego", bubba.
You talk about compromise- I see none from Microsoft over this issue.
If Windows doesn't change to this or a very similar model malware will only get worse and
eventually everyone will switch to an OS that does use this model.
Bull. The day that the sun burns out and Hades freezes over- that'll
be the day scores switch over to Linux. I can tell you what will happen-
UAC will be one reason that adds to the list of why scores don't switch
over from XP to Vista. Just wait and see.
-Michael
K
Kerry Brown
MICHAEL wrote:
<snipped as it's irrelevant to this post>
Have you tried running Vista as a standard user instead of as an
administrator?
<snipped as it's irrelevant to this post>
Have you tried running Vista as a standard user instead of as an
administrator?
M
MICHAEL
Kerry Brown said:MICHAEL wrote:
<snipped as it's irrelevant to this post>
Have you tried running Vista as a standard user instead of as an administrator?
Yes, but only for testing purposes. My computers are only
used by me- there is no need for my computing experience
to constantly be limited by a Standard User account. Or, by
the overly restrictive nature of UAC protection. I want to get
things done and *not* have my computer question every action
that I take. Would I mind a little bit more protection? Sure. For
certain things. However, as of now, UAC is an all or nothing piece
of uncompromising fearware.
-Michael
K
Kerry Brown
MICHAEL said:Yes, but only for testing purposes. My computers are only
used by me- there is no need for my computing experience
to constantly be limited by a Standard User account. Or, by
the overly restrictive nature of UAC protection. I want to get
things done and *not* have my computer question every action
that I take. Would I mind a little bit more protection? Sure. For
certain things. However, as of now, UAC is an all or nothing piece
of uncompromising fearware.
-Michael
Can you give me a reason (other than "because I know what I'm doing dammit")
why you wouldn't continue to run as a standard user? What do you need to get
done several times a day that requires administrator privileges? I use my
Vista test machine several hours a day in a normal work environment using
Outlook 2007, doing web development, surfing the net researching things,
listening to music streamed from one of my other computers, using Remote
Desktop to administer several servers over the Internet, copy files to my
server for backups and archiving, word processing with Word 2007, Excel
2007, access newsgroups with Windows Mail, access some eLearning courses on
the Internet, etc. etc.. All this is done as a standard user. The only time
I need elevated privileges is on boot up for a SBS 2003 logon script. Once a
week or so I run Disk Cleanup and Defrag via Run as administrator. It's not
that much of an inconvenience.
F
Frank
I'd sure like to know what the MS marketing guys think and have to sayKerry said:Can you give me a reason (other than "because I know what I'm doing dammit")
why you wouldn't continue to run as a standard user? What do you need to get
done several times a day that requires administrator privileges? I use my
Vista test machine several hours a day in a normal work environment using
Outlook 2007, doing web development, surfing the net researching things,
listening to music streamed from one of my other computers, using Remote
Desktop to administer several servers over the Internet, copy files to my
server for backups and archiving, word processing with Word 2007, Excel
2007, access newsgroups with Windows Mail, access some eLearning courses on
the Internet, etc. etc.. All this is done as a standard user. The only time
I need elevated privileges is on boot up for a SBS 2003 logon script. Once a
week or so I run Disk Cleanup and Defrag via Run as administrator. It's not
that much of an inconvenience.
about the way UAC is currently being foisted on users.
Also I'm really curious as to how it will ultimately be integrated into
Vista.
Hopefully, if it starts to cut too deeply into the golden goose (re:
slow sales) someone with authority (and balls) will take the appropriate
action (re:bury it!).
Frank
M
MICHAEL
Kerry Brown said:Can you give me a reason (other than "because I know what I'm doing dammit") why you wouldn't
continue to run as a standard user? What do you need to get done several times a day that
requires administrator privileges? I use my Vista test machine several hours a day in a
normal work environment using Outlook 2007, doing web development, surfing the net
researching things, listening to music streamed from one of my other computers, using Remote
Desktop to administer several servers over the Internet, copy files to my server for backups
and archiving, word processing with Word 2007, Excel 2007, access newsgroups with Windows
Mail, access some eLearning courses on the Internet, etc. etc.. All this is done as a
standard user. The only time I need elevated privileges is on boot up for a SBS 2003 logon
script. Once a week or so I run Disk Cleanup and Defrag via Run as administrator. It's not
that much of an inconvenience.
Because it's my computer and that's the way I want it, dammit.
-Michael
R
Rock
MICHAEL said:"Ego"? What a load of crap. I reckon, that's an expected comment
from Microsoft lackeys.
If it was about "ego", then I'd bet most of us wouldn't run an AV, a
firewall,
use a router, make sure they keep their machines updated, or use
spyware protection. No, it couldn't possibly have anything to do with
the fact that UAC is a completely distracting, obtrusive, and extremely
annoying "feature"- as annoying as any pop-up advertising that once
plagued users. Luckily, this fearware can be turned off.
-Michael
To paraphrase someone, Michael what a load of crap.
R
Rock
Ok, just ask yourself a few simple questions:
1) has my computer/network security hardware/software firewall been
compromised over the last 15 yrs?
2) has my computer/network been infected by any virus or trojan horse over
the last 15 yrs?
In my case-no. I run hardware and software firewalls, anti-virus and
internet security software.
So why do I need to be irritated, trained and become a slave to UAC?
Simple answer-I don't.
Do you?
Frank
I am a highly trained auto driver, high speed, collision avoidance, pursuit
driving. I haven't been in a major car accident my whole life though I
have been to plenty. I still drive defensively, sure do wear a seat
belt/shoulder harness, drive a car with airbags and anti-lock disk brakes,
and love all the new safety features in cars.
Defense in depth is important. The malware authors are getting smarter, and
I am not so egotistical that I can't modify the way I work to take advantage
of the new security tools. When I need to, I disable, then I re-enable. I
use a standard user account for much of what I do, but it's certainly easy
enough to switch UAC off or go to a administrative level account when
needed.
If you don't want to use UAC fine, don't. It's your prerogative. But
don't be making statements about what all competent computer people will do
or what is useful for the average computer user. There will certainly be a
learning curve. Some will ride it out, as they did when the switch to a
graphical environment occurred, and others will disable it and come crying
because they got infected. Oh well. That's too bad. But slowly the
paradigm shift will happen.
F
Frank
Well the great thing is, I can turn the POS off!Rock said:A software firewall such as Zone Alarm is only one part of a security in
depth approach. Software firewalls can be disabled, negated, or
bypassed. Don't be putting too much faith in your Zone Alarm. It takes
a variety of steps to keep a system safe. I do get a chuckle when
people pound their chest and say how good they are at keeping their
system safe. Especially when their main support in that allegation is a
reliance on a free software firewall. A software firewall is useful but
it's not everything.
Of course if I can so can/will some hacker and some unsuspecting squid
will be at the mercy of...everyone....
Ignorance is bliss. At least I know where I am.
Frank
F
Frank
Rock wrote:
.... and others will disable it and come crying because they got infected...
-------------------snip--------------------------------------------------
Oh, all those who got infected before UAC will not get infected after UAC?
And those of us who never got infected before UAC will now get infected
if we disable UAC?
Shit, that's not even good garage logic!
Keep drinking evian and ever so often hold the bottle up to a mirror.
Frank
.... and others will disable it and come crying because they got infected...
-------------------snip--------------------------------------------------
Oh, all those who got infected before UAC will not get infected after UAC?
And those of us who never got infected before UAC will now get infected
if we disable UAC?
Shit, that's not even good garage logic!
Keep drinking evian and ever so often hold the bottle up to a mirror.
Frank
R
Rock
Frank said:Rock wrote:
... and others will disable it and come crying because they got
infected...
-------------------snip--------------------------------------------------
Oh, all those who got infected before UAC will not get infected after UAC?
And those of us who never got infected before UAC will now get infected if
we disable UAC?
Shit, that's not even good garage logic!
Keep drinking evian and ever so often hold the bottle up to a mirror.
Frank
Actually the problem is in what conclusions you drew from what I wrote.
Seems you don't comprehend very well.
R
Rock
Frank said:Well the great thing is, I can turn the POS off!
Of course if I can so can/will some hacker and some unsuspecting squid
will be at the mercy of...everyone....
Ignorance is bliss. At least I know where I am.
Frank
Blissful for sure!
F
Frank
Rock said:Actually the problem is in what conclusions you drew from what I wrote.
Seems you don't comprehend very well.
Wrong. I didn't draw any conclusions, I sighted therefore's.
Get another bottle of evian.
Frank
R
Rock
Frank said:Wrong. I didn't draw any conclusions, I sighted therefore's.
Get another bottle of evian.
Frank
I don't drink evian, not that it matters. You drew the conclusions. That
you don't comprehend is the point.
M
MICHAEL
Rock said:To paraphrase someone, Michael what a load of crap.
Will it be Microsoft's position that if a user operates
with UAC protection on, that they can disable some
other layer of the mega multi-layer defense of Vista?
Layer upon layer upon layer of "protection". It's just
too much.
Last time I read, email borne viruses accounted for
over 50% of all infections. Then because of those
infections, another large percentage of users were
infected when those critters setup shop on the infected
users' machines- scanning IPs for open ports to infect
other computers. This vector of attack is so easy to
defend against, I can't believe it is still a problem. It
seems "Don't open attachments" means nothing to folks.
With a firewall and/or a router, you won't have any ports
to penetrate. Right there, over half of all infections are
knocked out- if common sense meant anything to some
users.
A growing number of users are being infected because
they are downloading crap over P2P networks. Some
of them probably deserve to be infected. Still others go
to shady sites, usually wanting something for free, and
download a payload full of critters.
What's funny are those folks who are infected because of IE,
just by going to a site. Many are infected after clicking some
popup box that implores them to do such and such, even
dismissing warning popups by IE. This is funny because it is
basically the same formula UAC uses- popup warnings. Easily
dismissed, easily mimicked, easily accepted, easily fooled.
I believe, for many, UAC will just add to the confusion of what
to do. Some devious fuks out there will make the most out of
UAC and the prompts- a little trickery and cleverness- they'll
have users clicking right through those prompts.
Folks, be careful with your email, lockdown IE, stay away
from crap sites, run an AV and a firewall. More than likely,
you will have an infection free computer experience. I can't
guarantee it, and neither can Microsoft- even with the annoying
arse UAC on. If they could, they wouldn't be trying to get you
to buy their AV, Windows OneCare. Would they?
If you just can't help yourselves, nor trust yourselves to make
the right decisions, or the internet is just too scary- operate your
computer in a Standard User account. Or, unplug it from the internet.
-Michael
K
Kerry Brown
Frank said:Rock wrote:
... and others will disable it and come crying because they got
infected...
-------------------snip--------------------------------------------------
Oh, all those who got infected before UAC will not get infected after
UAC? And those of us who never got infected before UAC will now get
infected if we disable UAC?
Shit, that's not even good garage logic!
Keep drinking evian and ever so often hold the bottle up to a mirror.
Frank
Frank
You and some of the others complaining about UAC obviously haven't spent
much time cleaning computers infected with malware. I spend several hours a
day cleaning infected computers. With most of them the user is a local
administrator. On a few the user is a standard user, either because of
strict parents or a corporate policy. The computers where the user was not
an administrator can always be cleaned, usually the infection is trivial.
At most the user profile needs to be deleted after saving their data. On the
computers where the user is an administrator it's a different story. Around
25% need a complete format and reinstall. The time spent to clean the other
75% is considerably more than the computers not run as administrator,
costing their owners much more to clean. Many of these computers are quite
well protected with a firewall, up to date antivirus, up to date
anti-spyware, etc. Malware changes so fast that all the protection in the
world doesn't help sometimes. You have repeated many times that you have
never been infected. Good for you. Statistically the chances of any one
computer being infected are quite low. If you use reasonable precautions the
chances are even lower yet. This does not mean you are invulnerable. I
expect that malware authors will find vulnerabilities in Vista if it becomes
popular. Because of the way Vista works, including UAC, it will be harder to
exploit the vulnerablilities and easier to clean up the damage after the
fact. If you want to take the risk of running without UAC it is your
computer, go ahead. Drive your car without a seatbelt, eat pork that's not
well done, life has risks. What risks you choose to take are mostly your own
business. What risks you encourage others to take without explaining what
the risks are to them is everyone's business. Blindly stating that UAC
should be the first thing you turn off is very poor advice for most people.
F
Frank
Kerry Brown wrote:
Blindly stating that UAC
Sorry Kerry, but I've been an ET for decades. I build and maintain my
companies and my personal computers and my relatives and a few friends
computers. I've cleaned numerous computers for relatives and friends.
UAC is the first thing I disable in Vista. What others do is their
responsibility.
Frank
Blindly stating that UAC
should be the first thing you turn off is very poor advice for most people.
Sorry Kerry, but I've been an ET for decades. I build and maintain my
companies and my personal computers and my relatives and a few friends
computers. I've cleaned numerous computers for relatives and friends.
UAC is the first thing I disable in Vista. What others do is their
responsibility.
Frank
F
Frank
Rock said:That you don't comprehend is the point.
You still don't get it. So lets just forget it, ok?
Frank
R
Rock
You still don't get it. So lets just forget it, ok?
Frank
You don't get it Frank. You don't understand or comprehend.