Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: RE: Vista "complaints"
From: Pal Spam (tcvxtaconvino.cl)
Date: Wed Feb 28 2007 - 07:01:23 CST
Just to rescue a couple of points. After reading about UAC and finding
really interesting phrases like "UAC is not a security boundary" and
"Users cannot be patched", I'd like to rescue a couple of points:
- UAC... well, is just that: User Account Control. Trying to broaden
its scope is just plain silly. Trying to get it to do things it was
not designed for is another issue.
- As has been said from immemorial times, the most secure operating
system always has a flaw: invariably it's sitting in front of the
The point is: no matter how restrictive UAC gets, a user can still
"hack" himself. No "magic" needed for that. If UAC implements a
function to electrocute the user every time they install some
dangerous Tetris game, they will just learn how to hit the keyboard
with a stick, and still install it.
Maybe some thought should be given to the "install" process. All this
fuzz begins with installing Tetris in Admin mode. Yes, this has to be
done in admin mode because of shared DLLs, shared registry keys,
shared folders, shared... maybe the problem begins here. It's clear
that UAC does nothing to solve this, but that is because it was never
meant to do so. Although, it's also clear that issuing warning
messages for almost every action is hardly the way to go, IMO.
Just a little something to add to the discussion (and to keep Thor
Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak
I'm assuming this one also qualifies as a "magic hack". Your thoughts
are, as always, appreciated.