http://www.betanews.com/article/New_... ck/1223668881

There was another one presented here a couple of months ago.

"Mr. Arnold" MR. wrote in message
...
http://www.betanews.com/article/New_... ck/1223668881

There was another one presented here a couple of months ago.


Why would any NORMAL person need a UAC tool? Apart from those who just
tinker with their machines and don't actually do any WORK with them?

"Gordon" wrote in message
...
Why would any NORMAL person need a UAC tool? Apart from those who just
tinker with their machines and don't actually do any WORK with them?

You do realize that applies to 90% of computer nerds, right? I have a friend
who is like that and I am always asking him when he is actually going to use
his computer as a tool (as it was intended to be used) instead of playing
program manager on it. He buys new hardware just to geek out on upgrading
when he has no actual use or need for the hardware.

Security is such a bother...

It's so annoying to have to click again after I already
clicked such a short time ago...

All I wanted to do was execute a program - one click
should be sufficient for the task...

After all, It's not like I'm trying to *delete* something...

(which should take eleven clicks to make sure I really meant
to delete what I'm trying to delete because I don't have any
backups in case the file I delete is needed later*)...

Leave it to Symantec to "give the people what they want"
with no regard for the security implications.

* After the recycle bin there should be a truck and then a
waste management distribution center and a landfill where
I could still go to get back that file should the need arise.

The consequences of deleting a file IMO are far less than
the ones of executing a program (seeing as the program
could then effectively delete *everything*) so why all the
complaints about an extra click when a user (or something
else) invokes a program?

"Mr. Arnold" MR. wrote in message
...
http://www.betanews.com/article/New_... ck/1223668881

There was another one presented here a couple of months ago.

"FromTheRafters" wrote in message
...

Leave it to Symantec to "give the people what they want"
with no regard for the security implications.

I wouldn't use the thing. It's about as bad as Application Control in 3rd
party personal FW(s) or other such nonsense snake-oil solutions. One wants
the mouse click on the accept button when it's malware that was *accepted*
and remembered so that one is not asked about it again.

It's just below this one. Hey, I turned UAC off, because I have ran this way
for 25 years from Win 9'x as root admin, and I have ran as user/admin on Win
NT 4.0, Win 2k, and XP with full admin rights. I am good man. I am so good,
computer savvy, and it can't happen to me on the Internet. Hey, so what if I
get some malware that something detected. I'll wipe out the machine if it
happens.

But little did I know that a whole boat load of malware has come past my
little security blanket, planted itself deep and can't be detected by my
detection security blanket, and it's been this way for a long time. I
don't even know how to go check things out for myself with other tools
manually and look around and see what is running on the machine from time to
time.

Hey, I am good and my security detection blanket is good too. Everything is
okay-dokey! :-P

If I *really* wanted secure, I wouldn't use windows at all. Do you
REALLY trust microsoft to keep your data safe? I know I don't.

I use this tool, and it's *definetely* worth the "risk". I don't need
to disable the prompts entirely, and I dont need to see the darn thing
every single time I want to open up a command prompt (as I always run
the prompt elevated).


--
mike-cow

- -While I try to give as safe advise as possible, and use alot of
effort in making sure it's accurate, I can't take responsibility of
problems arising from the help I give. In the end it's you who need to
decide what's the safest way to manage your computer.-

"mike-cow" wrote in message
...

If I *really* wanted secure, I wouldn't use windows at all. Do you
REALLY trust microsoft to keep your data safe? I know I don't.


I don't trust Microsoft, Linux, Apple or any other O/S to keep my data safe,
because none of them are bullet proof O/S(s). They are all written by and
used by fallible human beings. When we as human beings become perfect, then
you can expect that anything we create or do will be perfect, and that's not
happening in your life time.

As far as security is concerned, the buck stops with the user, and it
doesn't stop any where else. If the machine gets compromised, then the user
had involvement in it someway that lead to the compromise. It doesn't happen
by itself.

In message mike-cow
was claimed to have wrote:

If I *really* wanted secure, I wouldn't use windows at all. Do you
REALLY trust microsoft to keep your data safe? I know I don't.

I use this tool, and it's *definetely* worth the "risk". I don't need
to disable the prompts entirely, and I dont need to see the darn thing
every single time I want to open up a command prompt (as I always run
the prompt elevated).

And that means you're as good as a full administrator, all malware needs
to do is take a guess (or sit back and learn) what programs
automatically elevate, then exploit them.

Command prompt is a perfect target, since the malware can literally
launch "%systemroot%\system32\cmd.exe /c %malware.exe%", thereby
promoting itself to running with an administrative token, all without
asking you.

DevilsPGD;859187 Wrote:
Command prompt is a perfect target, since the malware can literally
launch "%systemroot%\system32\cmd.exe /c %malware.exe%", thereby
promoting itself to running with an administrative token, all without
asking you.

Yes it would be, but I'm not running cmd. Cygwin ftw! 'Cygwin
Information and Installation' (http://www.cygwin.com/)


--
mike-cow

- -While I try to give as safe advise as possible, and use alot of
effort in making sure it's accurate, I can't take responsibility of
problems arising from the help I give. In the end it's you who need to
decide what's the safest way to manage your computer.-

In message mike-cow
was claimed to have wrote:

DevilsPGD;859187 Wrote:
Command prompt is a perfect target, since the malware can literally
launch "%systemroot%\system32\cmd.exe /c %malware.exe%", thereby
promoting itself to running with an administrative token, all without
asking you.

Yes it would be, but I'm not running cmd. Cygwin ftw! 'Cygwin
Information and Installation' (http://www.cygwin.com/)

Yes, and?

A similar command line parameter would do the trick for Cygwin.