Corrine has a nice find on her SecurityGarden site about Vista's UAC which can answer some of the common questions and misconceptions about it:
Copy-Paste:
"UAC does not, nor is it intended to, stop malware."
What UAC does do is enable running a computer with Windows Vista installed as a standard user. The result of this is important. By following the recommendation to keep UAC running, the computer is significantly less vulnerable since currently most malware requires administrator privileges.
Does running as a standard user protect against the computer operator allowing installations? Absolutely not. However, it is certainly hoped that the average computer user will recognize the difference between an unexpected request for elevated privilege and a request when intentionally installing software.
For an in-depth look at User Account Control for Windows Vista, tune in to the Channel 9 interview of Jon Schwartz, UAC Architect, and Chris Corio, UAC Technical Program Manager, where they tackle UAC from various angles:
1) What problems does UAC attempt to solve?
2) How does UAC actually work?
3) Why did we implement UAC UI to be so aggressive, from a user experience point of view?
4) How will UAC evolve?
Thanks Corrine - hope you do not mind I ripped the whole post :) Hey, when it's useful, it's useful - why reinvent the wheel :)
Via: SecurityGarden





Comments (2)
I don't mind at all, although I did get a bit opinionated. What concerns me about UAC is what is commonly being referred to as the "social aspect" where users get immune to the prompts and click away without giving thought to what they are giving permissions to.
Posted by Corrine | March 7, 2007 8:42 AM
I find UAC helpful. I also find myself clicking through it without looking since I know that what I am doing at that moment is safe, but it happened a number of times that I started a program or an installation which I didn't want to start just a couple of moments later - then UAC came into play. Also, I had one program which was suspicious trying to gain elevated privileges - therefore it was a red flag immediately - so I clicked cancel. It's quite a simple thing and people will pay attention to what they do while clicking on this. If something is out of the ordinary - our brain itself can pick that up and say hey - this is new - I never clicked OK for this before ...
Posted by Petar Smilajkov | March 7, 2007 11:41 AM