funsec mailing list archives

Re: Microsoft: Vista feature designed to 'annoy users'

From: "Larry Seltzer" <larry () larryseltzer com>
Date: Fri, 11 Apr 2008 17:08:00 -0400

Good. I don't know another way to get people out of the administrator
mode trap.

 

If you're so lazy and careless you can turn off UAC or run with it as
Administrator, in which case you just have to press a button instead of
entering credentials.

 

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.pcmag.com/securitywatch/
Contributing Editor, PC Magazine
larry.seltzer () ziffdavisenterprise com

________________________________

From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Richard M. Smith
Sent: Friday, April 11, 2008 4:21 PM
To: funsec () linuxbox org
Subject: [funsec] Microsoft: Vista feature designed to 'annoy users'

 

http://www.news.com/Microsoft-Vista-feature-designed-to-annoy-users/2100
-1016_3-6237191.html?tag=nefd.top

 

SAN FRANCISCO--A Microsoft manager has said that one of the security
features in Vista was deliberately designed to "annoy users" to put
pressure on third-party software makers to make their applications more
secure. 

David Cross, a product unit manager at Microsoft, was the group program
manager in charge of designing User Account Control (UAC), which, when
activated, requires people to run Vista
<http://www.news.com/8301-13860_3-9905831-56.html>  in standard user
mode rather than having administrator privileges, and offers a prompt if
they try to install a program. 

"The reason we put UAC into the (Vista) platform was to annoy users--I'm
serious," said Cross, speaking at the RSA Conference
<http://www.news.com/RSA-2008-Blanketing-security/2009-7355_3-6236457.ht
ml>  here Thursday. "Most users had administrator privileges on previous
Windows systems and most applications needed administrator privileges to
install or run." 

Cross claimed that annoying users had been part of a Microsoft strategy
to force independent software vendors (ISVs) to make their code more
secure, as insecure code would trigger a prompt, discouraging users from
executing the code. 

...

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Microsoft: Vista feature designed to 'annoy users' Richard M. Smith (Apr 11)
- Re: Microsoft: Vista feature designed to 'annoy users' Larry Seltzer (Apr 11)
  - Re: Microsoft: Vista feature designed to 'annoy users' Blue Boar (Apr 12)
    - Re: Microsoft: Vista feature designed to 'annoy users' Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 12)
    - Re: Microsoft: Vista feature designed to 'annoy users' Blue Boar (Apr 12)
    - Re: Microsoft: Vista feature designed to 'annoy users' Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 12)
    - Re: Microsoft: Vista feature designed to 'annoy users' Valdis . Kletnieks (Apr 12)
    - Re: Microsoft: Vista feature designed to 'annoy users' Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 12)