Yup, that's why security/protection based on layers is far much better than when we trust in only one app.
Here are the layers:
1. Prevention (HIPS, sandboxes, one session virtualization software, VM)
2. Detection (AV/AM/AS, Behavior Blockers, etc)
3. Cure (image backup software and data backup plan)
Of course no one tell you that you have to use eg. second layer in realtime, you can run it as on-demand scanner as well, only when you need it.
Argghh.....UAC was never designed to keep a system clean. It's effective purpose is to notify you, the admin, when something is happening which is effectively increasing your priviledge level to administrator. In and of itself, it does nothing to prevent something bad from happening. But if I happen to be using my computer, and some random program informs me that it wants to become admin and I'm not running that app...then I click on No to escalation and investigate what is going on. Other applications like AV, malware checkers and the like do not perform this function.
Yeah, but the majority of other users of Windows XP whose systems have been completely compromised (sometimes without the end-user having any idea)....probably do need this extra level of protection.
People yammer on and on about how much more secure that Linux and OSX is....and both of these systems have a security system similar to UAC. Of course, in both those cases, the user is not an admin and has to provide a password to go further. Microsoft started to implement these changes in their own systems after XP after getting so much egg on their face with all users having to be admins on the box. Whether so called "power users" want to believe it, steps like this are in the right direction to the overall security of the platform as a whole.
I have not turned UAC off. If I happen to land on a page that was injected with a 'drive-by', I'd kinda' like to know beforehand
I think we have a bit of a misunderstanding here. I'm not saying that UAC by itself was designed to keep a system clean but is designed to keep the user informed and notify the user if a program tries to makes changes to your system, which too me places UAC in the security category. I agree with what you're saying and I apologize if my wording wasn't exactly as I intended however if I receive a UAC prompt and I click "No", am I not preventing the application from making changes?Argghh.....UAC was never designed to keep a system clean. It's effective purpose is to notify you, the admin, when something is happening which is effectively increasing your priviledge level to administrator. In and of itself, it does nothing to prevent something bad from happening. But if I happen to be using my computer, and some random program informs me that it wants to become admin and I'm not running that app...then I click on No to escalation and investigate what is going on. Other applications like AV, malware checkers and the like do not perform this function.
The difference with Linux's "UAC" is that even when you create the first account at installation, you're not root. You're an admin, but admin isn't the highest class. Windows doesn't do this. If I login/operate as root, I can do whatever the hell I want; with Windows and UAC, even as an admin, I would still get prompts. Also, I feel like Linux prompts me for the root password less frequently than Windows does/would, and picks its prompting situations a little better.
All of that is configurable (UAC policy settings). It's actually far preferable to set UAC to "always allow" (and thus be invisible) than to disable the UAC. Both are bad news from a security standpoint, but the former less so.
It's because Windows has 47 billion times more apps and they're not all particularly well written w.r.t. security, which means they more frequently attempt to rummage round areas of the file system and registry which they have no business inspecting and modifying, which in turn means the user gets prompted for elevation.
The user is the biggest difference between NIX and Windows in this instance. Most NIX users tend to be relatively knowledgeable folk, by definition (the platform itself repels a55-hattery). They wouldn't dream of browsing the web and doing all those daily tasks while logged on as root, and yet that's exactly what many of the Windows "experts" do all day every day.
Microsoft's main security problem is their heterogeneous userbase. It's difficult to convince the "experts" who always use admin accounts - frequently with UAC disabled - that they're not actually being all that clever.
From a security perspective, advising someone to turn UAC off is just plain dumb. It disables IE protected mode, and that is a big loss.
i shortly disabled it when my pc shipped and i first installed win7 and all those programms.
after the initial setup i'm rather getting into contact at all. i got my couple of tools i'm used to use over the years and have no real need to install/test out more.
so, it's on, now and it doesn't bug me at all.
Last edited by Barman58; 08 Nov 2009 at 18:01. Reason: rephrase ;)
I don't like its harrasiveness, although i can tell if something isnt right, just one of those things after uve worked with computers for over 8 years.
Last edited by Uber Philf; 08 Nov 2009 at 18:07. Reason: Spelling :D
I've kept it, unless you want your pc to be about as secure as XP. Most users never implement proper security practices anyway, and thus rubbishware continues.
Quote