On Sat, 24 Feb 2007 02:30:11 -0500, "JD Wohlever"

MS should have made UAC a Business / Enterprise feature and left the
standard user and admin feature set of XP for the Home licenses of Vista.

95% of spam is sent through botnets, and them botted PCs aren't just
in the corporate world.

When 3-year-olds smack each other, it's ugly but harmless. When a
16-yer-old pulls an Uzi and goes postal, it matters.

When consumers were putting around with dial-up, it didn't matter to
the rest of us if they got infected. When they pack always-on
broadband and wide-open WiFi, it matters far more.

The real question is; how did the lanscape get so ugly that web pages,
email "messages" and "documents" can automate rings around users
without their noticing? That crap design is the Pandora flood that
we're trying to mop up with a UAC hankie.



--------------- ---- --- -- - - - -
Saws are too hard to use.
Be easier to use!
--------------- ---- --- -- - - - -

On Sun, 25 Feb 2007 19:30:45 -0500, "Chad Harris"
vistaneedsmuchowork.net wrote:

People who help consistently on groups have been posting when the OP is off
topic where to post it for years. You're just a newbie and instead of
putting up substantive help you seem obsessed with your delusion that I want
to be in charge.

I want people to read the name of the group and post appropriate to it. MSFT
names it. They purport to be "in charge." Take your bitching to them.



CH


"Adam Albright" wrote in message
.. .
On Sun, 25 Feb 2007 10:36:43 -0500, "Chad Harris"
vistaneedsmuchowork.net wrote:

Read my lips Albright. I'm not in charge of any newsgroup. I've
participated in them for years. But I rarely see threads that have
nothing
to do with the newsgroup on any of the hundreds of MSFT groups. This
group
became an exception the day that MSFT began selling Vista in stores.

As somebody has already pointed out Chad Harris, you're behaving like
a a-hole. I'm sure you're really a nice guy, but nobody will ever know
if you keep having temper tantrums, especially over nothing.

Again I need to ask you, what did you expect? Of COURSE this newsgroup
got more busy the day Vista hit the shelves. Does that surprise you?
It seems like half the posts here are from you bitching about cross
posting and bellyaching the question wasn't asked in the "right"
newsgroup. Sorry, the somewhat weird sense of humor I have, that's
damn funny to see you with your shorts all bunched up over nothing.
You're twisting in the wind due totally to what you yourself have said
and can't figure out why most people are probably laughing their ass
off over how you are acting. I'm not mad at you, doubt anybody really
is, we're just playing with you. You need to calm down.

There is no reason whatsoever to dump issues unrelated to setup in this
group and it distracts from the title and purpose of the group.

Listen fella, NOBODY distracts more in this newsgroup then you do. For
somebody that bitches about off-topic posts it should dawn on you that
your posts are more off topic than anybody's. Duh!

How dumb does someone have to be to dump off topic issues into a setup
group
when there are a dozen or so more groups for them?

How dumb does somebody have to be to keep beating a dead horse?

Chad,

We have read the name of the newsgroup and we read the quality of the posts
from the MVP's and others that are trying to help - and this is the place
that is offering the best solutions. You've been reading the other groups,
and I've made posts to the other groups as well as many others but we come
back here - wonder why?

It may be a matter of perception on what constitutes a set-up issue or not.
Your undefined definition is to narrow for our liking is what you're being
told by myself and others. Is there a charter for this group? I read
something on the MS site about keeping the threads "relevant to the topic
being discussed" and that is a pretty broad statement if I recall it
correctly. At any rate, the message also recognized that some off-topic
discussions will result from on-topic discussions simply (and I'm implying
this) because they aid in the understanding and troubleshooting effort.

So if someone can't get Vista setup on his system and along the way someone
here (like an MVP) suggests he may have a driver problem as well as some
other issues, does he now take his questions to "general", "devices" or
whatever? No, it stay's here - it's relevant and since it's "we" (the group
cabal) that decides what gets answered or not and not "you", your posts
about taking a question elsewhere will continued to be ignored and
criticized.

I think you're wound up a bit to tight over nothing and our jerking you
around a bit because of it has really got you in a dither. This is a
friggin newsgroup with people trying to help others the best they can.
Without us, M$ would not exist - right? Join in and quit being so
tight-ass - this isn't boot camp. Relax, help those you can and try to enjoy
life a little - it's only a computer operating system we're fussing about
here - not your wife or your girlfriend or boyfriend.

As for taking our bitching to MSFT.....yeah right. As I said in one of my
posts already, if the free MS tech support was any good, we would use them.
I made my one call, got some silly answer from someone in India, I said
thank you and came here to get the "real" help.

If you take a good read Chad you'll notice that we (the ones twisting you
around) have also been trying to help others here and saying Thanks to
others who have helped in-kind. A good example is some of Adam's
observations and detailed posts. Sure he ranted a bit, so did I - you're
dealing with a couple of frustrated perfectionists here (you can't win) who
have been around the block a few times, have written hardware drivers in
machine code and assembly language. We've dealt with many OS's, we and
many others have paid our dues so to speak and we've paid a good money for
Vista. It's good/bad and somewhere in-between.... and we're learning about
it just as MS and you still are.

This is a give and take group, very little spam and a whole lot of relevant
questions. May not seem like it to you because it's not you having the
problem and the last thing a person needs is someone telling him to take it
elsewhere. Ever think if he/she found this group - they also knows about
the others? They then did a lot of reading, saw the quality of the
information and decided "this is the place".

So be it... live with it.

Bob S.


"Chad Harris" vistaneedsmuchowork.net wrote in message
...
People who help consistently on groups have been posting when the OP is
off topic where to post it for years. You're just a newbie and instead of
putting up substantive help you seem obsessed with your delusion that I
want to be in charge.

I want people to read the name of the group and post appropriate to it.
MSFT names it. They purport to be "in charge." Take your bitching to
them.

CH


"Adam Albright" wrote in message
...
On Sun, 25 Feb 2007 10:36:43 -0500, "Chad Harris"
vistaneedsmuchowork.net wrote:

Read my lips Albright. I'm not in charge of any newsgroup. I've
participated in them for years. But I rarely see threads that have
nothing
to do with the newsgroup on any of the hundreds of MSFT groups. This
group
became an exception the day that MSFT began selling Vista in stores.

As somebody has already pointed out Chad Harris, you're behaving like
a a-hole. I'm sure you're really a nice guy, but nobody will ever know
if you keep having temper tantrums, especially over nothing.

Again I need to ask you, what did you expect? Of COURSE this newsgroup
got more busy the day Vista hit the shelves. Does that surprise you?
It seems like half the posts here are from you bitching about cross
posting and bellyaching the question wasn't asked in the "right"
newsgroup. Sorry, the somewhat weird sense of humor I have, that's
damn funny to see you with your shorts all bunched up over nothing.
You're twisting in the wind due totally to what you yourself have said
and can't figure out why most people are probably laughing their ass
off over how you are acting. I'm not mad at you, doubt anybody really
is, we're just playing with you. You need to calm down.

There is no reason whatsoever to dump issues unrelated to setup in this
group and it distracts from the title and purpose of the group.

Listen fella, NOBODY distracts more in this newsgroup then you do. For
somebody that bitches about off-topic posts it should dawn on you that
your posts are more off topic than anybody's. Duh!

How dumb does someone have to be to dump off topic issues into a setup
group
when there are a dozen or so more groups for them?

How dumb does somebody have to be to keep beating a dead horse?

On Sat, 24 Feb 2007 08:19:55 -0800, "Kerry Brown"

And how does the security in 'nix work? By separating users and superusers
(administrators). If you ran Linux as root (administrator) all the time you
would be much less secure than running Vista with UAC enabled.

And when you run Linux, you get prompts to enter the root password
whenever you do something that needs root permissions.

Same thing in MacOS - I only had to use it for a few minutes,
troubleshooting a WiFi access issue, before I was appropriately
prompted for a system-rights password.

How is that different from UAC?

I don't think anyone who knows anything about security would disagree
with the statement that Windows XP cannot be secured. It can be made
more secure but if you run as an administrator malware can find a way in.

I'm not that impressed with the notion of "user rights" as the be-all
and end-all of security, or even basic safety.

The whole "user rights" ediface stands on deeper levels of abstraction
that go all the way down to NTFS. But the same sort of holes in the
assumption that "code only does what it was written to do" etc. that
allow malware to run via exploits, may also drill through user rights
in various ways - either by assuming higher rights as a consequence of
what they've drilled into, ot escalating rights, or just going under
the whole thing alltogether, as Witty did.

Witty drilled in though an exploitable surface in a 3rd-party firewall
(Black Ice Defender), which presumably gave it admin rights, if not
complete system rights. From there it trashed the file system by
doing raw writes to arbitrary sectors, right from within XP.

So all that fancy NTFS permissions stuff wasn't worth a pile of beans,
in this case. All sectors are the same, from raw hardware access.

With Vista and UAC zero day attacks will certainly happen but UAC
will at least give you a warning that something is up.

It may do, prolly should do. YMMV depending on the nature of the
attack, especially if an exploitable surface allows the malware to
drill into a process that's accepted by UAC as part of the system.



--------------- ---- --- -- - - - -
Saws are too hard to use.
Be easier to use!
--------------- ---- --- -- - - - -

On Sat, 24 Feb 2007 17:14:28 -0600, Adam Albright wrote:

Hint: That means any malicious code can pretend to be a "installer"
too and in effect gain access to anything on your computer including
Windows kernel or YOUR data. It doesn't make much sense to me.

The basic mechanism of malware is to behave in a riskier manner than
what the user thought they were risking.

The most extreme cause of this is the clickless attack, such as
Lovesan waltzing in through RPC "service" (that should never have been
left waving it's ass at the Internet in the first place) without the
user doing anything at all.

OTOH, if you install a program, you are fully aware of the risk you're
taking. Installing software does position that software to do
anything it wants to do, including integrating itself so that it may
be impossible to run Windows without it running as well.

If you decide to give that much power to what turns out to be malware,
then really, you have only yourself to blame.

IOW, where's the risk escalation advantage in malware pretending to be
an installer? That is *exactly* what malware is, anyway.

This level of non-SE has been PoC'd, e.g. we've had malware called
VIRUS.EXE that pops up a dialog that says "I am a VIRUS and I will
attack your PC!" and yep, some users go right ahead and click "OK".



--------------- ---- --- -- - - - -
Saws are too hard to use.
Be easier to use!
--------------- ---- --- -- - - - -

On Tue, 27 Feb 2007 00:33:49 +0200, "cquirke (MVP Windows shell/user)"
wrote:

On Sat, 24 Feb 2007 17:14:28 -0600, Adam Albright wrote:

Hint: That means any malicious code can pretend to be a "installer"
too and in effect gain access to anything on your computer including
Windows kernel or YOUR data. It doesn't make much sense to me.

The basic mechanism of malware is to behave in a riskier manner than
what the user thought they were risking.

Why would anyone WILLINGLY give malware any permission to do anything?
You guys are priceless in your endless blind defense of Microsoft
decisions! The FACT is Microsoft ADMITS it had no choice but to leave
the door wide open to accept any installer request to have access
anything. Any reasonably clever hacker therefore can write code to
pretend his malware code is a installer of a "trusted" application and
such a attack will do whatever it wants.

OTOH, if you install a program, you are fully aware of the risk you're
taking.

If you include Windows in that statement you are entirely correct.

Windows is the biggest thread to your PC's security because of how it
was originally written and nothing to date changes that.

Windows has patches on top of previous patches over the course of 20
plus years. Just for kicks it would be damn interesting to see all the
source code don't you think?

Why is Windows so weak when in comes to security? Well Mr. Gates
himself made a poor decision. When Windows was first being developed
the Internet (main threat) was unknown to most. Microsoft originally
ignored the Internet. Gates is on record saying the Internet was a
passing fad that Microsoft wasn't interested in. Only after he
realized that was a huge miscaculation did Microsoft start to try to
patch the huge number of security holes hackers were starting to
exploit in Windows itself (stupid policy of turning everything on like
file sharing) making Windows easy prey to port sniffers and the
laughable early attempts with Microsoft's early browsers and Active X.

The problem is no matter how much Windows gets patched it still wasn't
designed as a secure OS. Microsoft had pleny of time to fix this
oversight by rewriting Windows from scratch. Surely they could have
with XP, may have with Windows 98, ever as far back as Windows 95, but
they chickened out fearful they would lose too many customers if
Windows suddendly became more secure but nobody's hardware or software
worked anymore with this new beefed up Windows. Surely with all the
attacks seen during XP's history you would think Vista would be more
secure, but all Microsoft did was put a bandaid on Windows called UAC
which is badly flawed and obviously has the serious drawback of really
****ing off current customers endlessly getting nag screens everytime
they do every little thing they always could easily do without
interference in prior versions of Windows which under Vista if UAC is
turned on as it is by default rather then choice as it should be
designed will often cause Vista to have one hissy fit after another.

I'm not against the concept of UAC, I'm simply surprised Microsoft did
such a crappy job with it considering its taken them over 5 years to
push Vista out the door. What have they been doing all this time?

Adam

They willingly give permission to the 'fun stuff' that is used to disguise
malware.. chat room and messenger smiley faces and crap like Budweiser Frog
cursors are popular with kids and adults alike..

Some open the URL to a bogus Citibank website to check details as instructed
even though they know that they don't have a Citibank account..

They accept e-mails and open files sent to them by people who are known to
hate their guts..

They accept and open Valentine e-mails and the files therein from mysterious
lovers called Chi_

They download MS Publisher "yes this version really works' using P2P stuff
like Limewire without thinking that maybe the MS Publisher installation may
be just a little larger than 785.5k in size..

It is not so much a case of Windows leaving the door open as the user keeps
opening the door..



"Adam Albright" wrote in message
...
On Tue, 27 Feb 2007 00:33:49 +0200, "cquirke (MVP Windows shell/user)"
wrote:

On Sat, 24 Feb 2007 17:14:28 -0600, Adam Albright wrote:

Hint: That means any malicious code can pretend to be a "installer"
too and in effect gain access to anything on your computer including
Windows kernel or YOUR data. It doesn't make much sense to me.

The basic mechanism of malware is to behave in a riskier manner than
what the user thought they were risking.

Why would anyone WILLINGLY give malware any permission to do anything?
You guys are priceless in your endless blind defense of Microsoft
decisions! The FACT is Microsoft ADMITS it had no choice but to leave
the door wide open to accept any installer request to have access
anything. Any reasonably clever hacker therefore can write code to
pretend his malware code is a installer of a "trusted" application and
such a attack will do whatever it wants.

OTOH, if you install a program, you are fully aware of the risk you're
taking.

If you include Windows in that statement you are entirely correct.

Windows is the biggest thread to your PC's security because of how it
was originally written and nothing to date changes that.

Windows has patches on top of previous patches over the course of 20
plus years. Just for kicks it would be damn interesting to see all the
source code don't you think?

Why is Windows so weak when in comes to security? Well Mr. Gates
himself made a poor decision. When Windows was first being developed
the Internet (main threat) was unknown to most. Microsoft originally
ignored the Internet. Gates is on record saying the Internet was a
passing fad that Microsoft wasn't interested in. Only after he
realized that was a huge miscaculation did Microsoft start to try to
patch the huge number of security holes hackers were starting to
exploit in Windows itself (stupid policy of turning everything on like
file sharing) making Windows easy prey to port sniffers and the
laughable early attempts with Microsoft's early browsers and Active X.

The problem is no matter how much Windows gets patched it still wasn't
designed as a secure OS. Microsoft had pleny of time to fix this
oversight by rewriting Windows from scratch. Surely they could have
with XP, may have with Windows 98, ever as far back as Windows 95, but
they chickened out fearful they would lose too many customers if
Windows suddendly became more secure but nobody's hardware or software
worked anymore with this new beefed up Windows. Surely with all the
attacks seen during XP's history you would think Vista would be more
secure, but all Microsoft did was put a bandaid on Windows called UAC
which is badly flawed and obviously has the serious drawback of really
****ing off current customers endlessly getting nag screens everytime
they do every little thing they always could easily do without
interference in prior versions of Windows which under Vista if UAC is
turned on as it is by default rather then choice as it should be
designed will often cause Vista to have one hissy fit after another.

I'm not against the concept of UAC, I'm simply surprised Microsoft did
such a crappy job with it considering its taken them over 5 years to
push Vista out the door. What have they been doing all this time?




--


Mike Hall
MS MVP Windows Shell/User
http://msmvps.com/blogs/mikehall/

On Tue, 27 Feb 2007 09:14:33 -0500, "Mike Hall - MS MVP Windows
Shell/User" wrote:


It is not so much a case of Windows leaving the door open as the user keeps
opening the door..

You get brownie points for defending Microsoft's poor design of Vista?

What part of "it is MY computer, I'll decide which features to
implement" don't you or Microsoft understand?

If UAC worked, transparently, behind the scenes, if it actually DID
offer some REAL protection it would be fine. From what I've read so
far it seems to do little if anything to protect the user but for sure
at the same time if UAC is turned on can get in the way of users with
constant nag screens.

Now sit back and learn how Windows in previous versions has "opened"
the door to hackers BY DESIGN.

As I've said before Windows wasn't designed to be a secure operating
system. Trying to patch holes is the most Microsoft seems willing to
do. For example I doubt many are aware that part of XP's design was to
automatically "turn on" file sharing. If your computer is connected to
the Internet, this is open door to your system hackers loved. The
irony is there was NO NEED to do this. It was done because originally
the Microsoft mindset was "turn everything on by default, otherwise
users would be too dumb to find out how to turn on features, that only
applies to LAN setups in this example.

Even fewer are aware that deep in the bowels of Windows there's a
hidden feature that without your knowledge is automatically turned on
and if you attempt to delete or turn off this feature through normal
means Windows, on its own, behind your back, will just install it
again the next time you boot. Microsoft likes to call these security
holes "features". Does not apply to XP home.

One of many, read all about it:

http://support.microsoft.com/default...;EN-US;Q314984

http://www.windowsnetworking.com/kba...eShares.ht ml

I haven't had time to check how many things like this may still remain
in lurking deep in Vista or if hopefully they have been corrected. My
point, is while Microsoft talks a good game, what it has actually done
in the past in way of design suggests a lot more work needs to be done
if they are truly serious about making Windows really secure.

"cquirke (MVP Windows shell/user)" wrote in
message ...
On Sat, 24 Feb 2007 08:19:55 -0800, "Kerry Brown"

And how does the security in 'nix work? By separating users and superusers
(administrators). If you ran Linux as root (administrator) all the time
you
would be much less secure than running Vista with UAC enabled.

And when you run Linux, you get prompts to enter the root password
whenever you do something that needs root permissions.

Same thing in MacOS - I only had to use it for a few minutes,
troubleshooting a WiFi access issue, before I was appropriately
prompted for a system-rights password.

How is that different from UAC?

UAC allows you to run as an administrator for backwards compatibility. In
Linux or OS X this isn't possible. A task either has full superuser
privileges or it doesn't. UAC gives a task two security tokens, Linux and OS
X one. This has both good and bad points. Personally I think it is mostly
bad points but in the interest of backwards compatibilty I can see why it
was done. It improves security greatly over XP while still allowing the
majority of old programs to run with little or no changes. It allows
programmers to catch up before the next OS comes out which will be even more
secure :-)


I don't think anyone who knows anything about security would disagree
with the statement that Windows XP cannot be secured. It can be made
more secure but if you run as an administrator malware can find a way in.

I'm not that impressed with the notion of "user rights" as the be-all
and end-all of security, or even basic safety.

The whole "user rights" ediface stands on deeper levels of abstraction
that go all the way down to NTFS. But the same sort of holes in the
assumption that "code only does what it was written to do" etc. that
allow malware to run via exploits, may also drill through user rights
in various ways - either by assuming higher rights as a consequence of
what they've drilled into, ot escalating rights, or just going under
the whole thing alltogether, as Witty did.

Witty drilled in though an exploitable surface in a 3rd-party firewall
(Black Ice Defender), which presumably gave it admin rights, if not
complete system rights. From there it trashed the file system by
doing raw writes to arbitrary sectors, right from within XP.

I've always been against software firewalls. They are an easy attack vector
as by definition they must have very low level access to the system. This
situation is better in Vista because of the reduced ability of a low
privilege task to affect higher privileged tasks but I still see it as an
attack vector.


So all that fancy NTFS permissions stuff wasn't worth a pile of beans,
in this case. All sectors are the same, from raw hardware access.

With Vista and UAC zero day attacks will certainly happen but UAC
will at least give you a warning that something is up.

It may do, prolly should do. YMMV depending on the nature of the
attack, especially if an exploitable surface allows the malware to
drill into a process that's accepted by UAC as part of the system.


I am sure that zero day attacks that work around UAC will eventually happen.
There is no doubt in my mind Vista is much more secure than XP could ever be
made through updates or service packs. How much more secure only time will
tell.

--
Kerry Brown
Microsoft MVP - Shell/User
http://www.vistahelp.ca

Adam

I didn't say that there were not holes, and I do not need lecturing on the
early design of Windows.. I was merely remarking that many users bring on
problems themselves..


"Adam Albright" wrote in message
...
On Tue, 27 Feb 2007 09:14:33 -0500, "Mike Hall - MS MVP Windows
Shell/User" wrote:


It is not so much a case of Windows leaving the door open as the user
keeps
opening the door..

You get brownie points for defending Microsoft's poor design of Vista?

What part of "it is MY computer, I'll decide which features to
implement" don't you or Microsoft understand?

If UAC worked, transparently, behind the scenes, if it actually DID
offer some REAL protection it would be fine. From what I've read so
far it seems to do little if anything to protect the user but for sure
at the same time if UAC is turned on can get in the way of users with
constant nag screens.

Now sit back and learn how Windows in previous versions has "opened"
the door to hackers BY DESIGN.

As I've said before Windows wasn't designed to be a secure operating
system. Trying to patch holes is the most Microsoft seems willing to
do. For example I doubt many are aware that part of XP's design was to
automatically "turn on" file sharing. If your computer is connected to
the Internet, this is open door to your system hackers loved. The
irony is there was NO NEED to do this. It was done because originally
the Microsoft mindset was "turn everything on by default, otherwise
users would be too dumb to find out how to turn on features, that only
applies to LAN setups in this example.

Even fewer are aware that deep in the bowels of Windows there's a
hidden feature that without your knowledge is automatically turned on
and if you attempt to delete or turn off this feature through normal
means Windows, on its own, behind your back, will just install it
again the next time you boot. Microsoft likes to call these security
holes "features". Does not apply to XP home.

One of many, read all about it:

http://support.microsoft.com/default...;EN-US;Q314984

http://www.windowsnetworking.com/kba...eShares.ht ml

I haven't had time to check how many things like this may still remain
in lurking deep in Vista or if hopefully they have been corrected. My
point, is while Microsoft talks a good game, what it has actually done
in the past in way of design suggests a lot more work needs to be done
if they are truly serious about making Windows really secure.



--


Mike Hall
MS MVP Windows Shell/User
http://msmvps.com/blogs/mikehall/