[LINK] Re: Windows XP versus Vista

Rick Welykochy rick at praxis.com.au
Sun Jan 27 10:39:32 AEDT 2008


Johann Kruse wrote:

>> and it would take an expert eye to avoid installing it by mistake,
>> since *system level software* can be installed on Windows XP without
>> changing your access permissions: you *are* the admin in WinXP.
>> In this case, they simply click "OK" to a dialogue warning them
>> about spyware that should be removed pronto. Suckers!
> 
> XP, yes - which is why Vista has UAC.

Look before you leap. A little research goes a long way to understanding
the reality behind Microsoft's marketing of UAC. Yet another attempt by
MS to copycat (Apple in this case), but it is already failing.

Google for "uac vista problems" turns up some 64,000 hits.

Gems such as the following:

[1] "Microsoft employee, John Howard, found that he needed to turn
     off UAC to get Microsoft’s own Money 2005 working under Vista.
     He writes…

        The workaround, it turns out, is relatively simple.
        However the symptoms above give no indication of the
        problem directly. What you need to do is turn off UAC
        (User Account Control).

     He recommends turning UAC back on after fixing the problem,
     but when users need to do this more than a couple of times
     to get a usable system, they will just leave it turned off."


[2] "How Vista recognizes installer executables? It has a compatibility
    database as well as uses several heuristics to do that, e.g. if the
    file name contains the string “setup” (Really, I’m not kidding!).
    Finally it looks at the executable’s manifest and most of the modern
    installers are expected to have such manifest embedded, which may
    indicate that the executable should be run as administrator."

Also, the UAC is implemented in the registry via the IL scheme. All an
attacker has to do is screw with the registry (sound familiar?) by
phishing.

And from the same article:

[2] "One simple scenario of the attack is that a malicious program,
    running at Low IL, can wait for the user to open elevated command
    prompt – it can e.g. poll the open window handles e.g. every second
    or so (Window enumeration is allowed even at Low IL). Once it finds
    the window, it can send commands to execute… Probably not that cool
    as the recent “Vista Speech Exploit”, but still something to play
    with ;) It’s my feeling that there are more holes in UAC, but I will
    leave finding them all as an exercise for the readers..."

[3] "Natalya Kaspersky, the company's chief executive, said that without
     UAC, Vista will be less secure than Windows XP SP2."

A quick read of the headlines produced by the google search is enough
to raise eyebrows. UAC interferes with printers, MS Office 2007 (!),
MS Money (see above), and yup, hardware device drivers.

UAC is yet another attack vector into Windows. This time it is more
insidious since the hapless luser has a false sense of security since
she is running UAC! What could go wrong? Given Microsoft's track record,
everything can go wrong, e.g.

[4] Microsoft Endorses Product That Turns Off Vista UAC Nags - third
party products are emerging to deal with the nagging(!)  And this:

    "It is the Vista feature which Apple so successfully parodied in one
     of its "I'm a PC" ads earlier this year: the part of User Account
     Control which asks the user to "Cancel" or "Continue," so that a
     task may run under elevated privileges. Alternately, Vista can be
     set up so that the user is asked to supply an administrator
     password - instead of just clicking on "Continue" - before any
     process is run that requires highest-level privileges.

     Many users don't quite get it: Why would Vista keep asking permission
     over and over and over, even if it's just having the user click on
     a button?"

[5] And "Vista's UAC Warnings Can't Be Trusted, Symantec Says".

And so it goes.

I turned up this information in a matter of minutes, learning far more
than I wanted to (urgh). Further research will no doubt blunt enthusiasm
for this to Vista.

It appears that you have to provide a password to satisfy UAC, but that gets
tiresome. You can configure the thing to just accept an "OKAY" button click.
When that gets repetitive and boring, you can turn it off. Users will be
disabling UAC tout de suite!

In Mac OSX, OTOH, the security of an install is simple: you *have to* type in
a username/password to install software. And you cannot disable it. And there
are no exceptions, variations, spoofs, etc.

cheers
rickw

references:

[1] http://beta.amanzi.co.nz/2006/11/13/microsoft-turn-off-vistas-uac-to-fix-problems/
[2] http://theinvisiblethings.blogspot.com/2007/02/running-vista-every-day.html
[3] http://www.zdnet.com.au/news/software/soa/Microsoft-partner-Vista-less-secure-than-XP/0,130061733,339274261,00.htm
[4] http://www.betanews.com/article/Microsoft_Endorses_Product_That_Turns_Off_Vista_UAC_Nags/1187970563
[5] http://www.pcworld.com/businesscenter/article/129268/vistas_uac_warnings_cant_be_trusted_symantec_says.html



-- 
_________________________________
Rick Welykochy || Praxis Services

Any sufficiently advanced technology seems like magic.
      -- Arthur C. Namesake
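
Added example, not part of the original post: a simplified Python model of the installer detection described in quote [2], showing why the file name alone can decide whether a prompt appears when no manifest is present. The function names, the one-entry keyword list and the sample manifests are assumptions made for illustration; Vista's real logic also uses a compatibility database and other heuristics.

```python
import xml.etree.ElementTree as ET

# "setup" is the keyword named in the quoted article; the real list is longer.
INSTALLER_KEYWORDS = ("setup",)

MANIFEST_TEMPLATE = """<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges>
    <requestedExecutionLevel level="{level}" uiAccess="false"/>
  </requestedPrivileges></security></trustInfo>
</assembly>"""

def sample_manifest(level):
    """Constructed manifest for the demo, not taken from a real program."""
    return MANIFEST_TEMPLATE.format(level=level)

def requested_level(manifest_xml):
    """Return the requestedExecutionLevel 'level' attribute, or None if absent."""
    if not manifest_xml:
        return None
    try:
        root = ET.fromstring(manifest_xml)
    except ET.ParseError:
        return None  # unreadable manifest: treat as no declaration
    for el in root.iter():
        if el.tag.rsplit("}", 1)[-1] == "requestedExecutionLevel":
            return el.get("level")
    return None

def classify(filename, manifest_xml=None):
    """Return (verdict, reason); verdict is 'prompt', 'no-prompt' or 'depends'."""
    level = requested_level(manifest_xml)
    if level == "requireAdministrator":
        return ("prompt", "manifest requires administrator")
    if level == "highestAvailable":
        return ("depends", "manifest asks for the user's highest available token")
    if level == "asInvoker":
        return ("no-prompt", "manifest declares asInvoker; name heuristic skipped")
    for kw in INSTALLER_KEYWORDS:
        if kw in filename.lower():
            return ("prompt", "file name contains '%s'" % kw)
    return ("no-prompt", "no manifest level and no keyword in file name")

if __name__ == "__main__":
    for name, manifest in [
        ("photo_setup_tool.exe", None),
        ("Setup.exe", sample_manifest("asInvoker")),
        ("viewer.exe", sample_manifest("requireAdministrator")),
        ("viewer.exe", None),
    ]:
        print(name, classify(name, manifest))
```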


