| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Windows 7 will nag users 29% less often, Microsoft claims | |
|
||
| Time: 13:00 EST/18:00 GMT | News Source: ComputerWorld | Posted By: Kenneth van Surksum | ||
|
One of the most hated features of Windows Vista will be seen a third less often by users of the upcoming Windows 7, a Microsoft executive promised today.
| ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 329 Last | Next |
The time now is
6:30:08 AM
ET.
Any comment problems? E-mail us |
| #1 By 20505 (216.102.144.11) at 4/22/2009 5:26:11 PM |
|
You know, I've actually been seeing a lot more of these things lately. This is on the advice of one Lloyd Ketchum. Now, my normal log-in does not have administrator rights.
It is a nuisance but if it makes computing safer........... |
| #2 By 23275 (24.196.4.141) at 4/22/2009 6:18:29 PM |
|
#1, It does indeed, Sir
The fact is that at every turn, enthusiasts and pro's shouls be encouraging users to run as standard users only. I'll give you an example of how important it is... just today, while attempting to access a well known tech website, on page load, I was prompted for the machine's admin credentials. I did not provide them and closed the browser. What prompted the escalation? A wormable Trojan, which had it not been for the Windows Integrity Mechanism, it woul dhave been up to may AV software to intercept. Yes, UAC would have fired in admin approval mode, BUT... would I, or another user have paused and examined the escalation carefully? I don't know. *On another test machine, I approved the escalation and NOD32 did catch the mal-ware... leaving me to wonder how many XP users were going to fall because they rolled to a site. |
| #3 By 20505 (216.102.144.11) at 4/22/2009 10:37:19 PM |
| So, Lloyd, can I get rid of NOD32 on my Vista machine running as a standard user or is that just dumb? |
| #4 By 23275 (24.196.4.141) at 4/23/2009 12:23:22 AM |
|
#3, Depends on a couple of things:
If, as we do, you use a layered defense for email/Exchange were the relays are off-site and filtered, there is little chance that any mail object that was infected would make it through to you. It also depends upon if you use IE 8. IE 8's smart screen filter is the best I have seen - better than Haute Secure by far. Finally it depends upon how you use your computer and how it faces the Internet. I use live search as the returns are filtered. Since I only used (hint) NOD32 for AV and not for any other purpose, and I do use Vista's firewall, defender, etc... and I do run as a standard user, AV software has no real role for me. Hosted Exchange services are great - we provide them, but not all are the same - we for example, filter offsite in four layers and at the edge and perimeter before traffic comes to the edge transport and mail servers. I would not call NOT running AV dumb - provided you run as you are and you use IE 8. There are select vulnerabilities that can make it past the UIPI and into less well randomized memory space, but these are quite rare and regardless, you'd be prompted for your password - the nonsense that Google's Chrome did anything different than use Windows' secure-able objects and integrity mechanism as suggested after the pwn2own contest was simply and flatly, wrong. It is in fact, less secure than IE 8. Couple things to review: enable DEP for all programs. Run Vista x64. Use IE 8 in its defaults. When surfing unknown sites, use the x64 version of IE 8. Pretty normal stuff, really and you can dump AV for good. If you're ever concerned about a particular file, or you want to scan a file you download before you open it, use this site, http://www.virustotal.com Finally, I have not used AV software since IE 8's RTM and.... I DO NOT plan to run Windows 7. More on why later on. |
| #5 By 15406 (216.191.227.68) at 4/23/2009 8:12:31 AM |
| #2: Switch to a browser that doesn't happily accept every drive-by download around and you'll be fine. May I recommend Firefox 3 and NoScript? |
| #6 By 23275 (24.196.4.141) at 4/23/2009 8:58:15 AM |
|
#5, absolute rubbish.
Look Latch, I'm all good with opinions and preferences, but you are wrong. Firefox DOES NOT use the many layers inherent to the Windows Integrity Mechanism. Firefox DOES NOT use Protected Mode, Securable Objects and the UIPI Brokering Agent. (though it could as these measures are available to all developers on the Windows platform) IE 8 does. Google Chrome does. IE 8 adds the smart screener and a number of other enhancements - process isolation, separately recoverable tabs, etc... Please leave the partisan opinions out of this one - we're talking about the safety of people online and the Swiss cheese that once fairly characterized IE 6 on XP has been dead and gone for many years now. The notion that Firefox is more secure than IE 8, or even IE 7 on Vista is not just a myth, it is a dangerous lie. Your arguments are dated and increasingly irrelevant. Oldog, Sir, please review items #10 and #9, at the top here, http://blog.libertech.net/blogs/lketchum/archive/2007/05/23/top-ten-things-i-love-about-windows-vista.aspx |
| #7 By 23275 (24.196.4.141) at 4/23/2009 9:21:31 AM |
|
Folks, the people that comment here are either IT Professionals, or highly capable people in other fields. Most are computer experts relative to normal every day users.
It is long past due for all of us to be encouraging and conditioning Awin's community to embrace running as real power users. Simply, the notion that went something like: "For the technically seasoned or capable that know what they are doing... they can x, y or z as they wish, because 'they know' .... etc... " is wrong and has to end. Real experts and true power users run as standard users only. Windows Vista and Windows 7 are designed to run all processes in a least privileged security context - the very fact that users see a UAC escalation at all, indicates that the software and or process is either writting in violation of well established rules governing best practices that date back to Windows NT, or involve system level functions requiring admin approval. Professionals and power users should take comfort and pride in the fact that they run as standard users and show all other users the ease and wisdom of running as such. Similarly, Vista/Win7 includes an addition to the access control security mechanism of Windows that labels processes and other securable objects with an integrity level - this is the basis for securing a platform and unlike the *nix, or OS X, Windows includes several additional layers of security which are available to all developers and end users. The true state of the art is Windows in the context of security - for end users and most especially for SMB's and enterprises. Increasingly, Windows is becoming harder and harder to exploit and even where flaws exist, there are many additional layers working in concert with one another to keep users safer. The first and last line of defense is and will always be the operator of the computer and running as a standard user, despite the occasional need to enter a password approving an escalation, is the only way to go. Regardless of our differences, we should all join together in pushing for that. |
| #8 By 15406 (216.191.227.68) at 4/23/2009 10:06:05 AM |
| #6: And yet, despite all the whiz-bang goodness you mentioned, you were one UAC prompt away from hosing yourself. And sorry, but I don't accept your "You're wrong because I say so" conclusions. I agree with you that Windows is slowly getting better, but IE is still not at a point where I trust it. You don't just wipe away a decade of IE hilarity overnight based on Microsoft promises of security or astroturfer advocacy. |
| #9 By 23275 (24.196.4.141) at 4/23/2009 10:40:39 AM |
|
no you don't, you wipe away the effects of the growing diversity of the web and its continuously evolving threats with a design that is designed to be secure from the start. You then bake security into the DNA of the company building the software and you layer in complimenting mechanisms designed to harden the platform the deeper you move into it.
You then extend these methods to the engineers and developers working on the platform as you maintain an effort to continually monitor threats to it and improve it - while engaging the entire industry to work with you on behalf of users and in their individual and collective interests. This is exactly what Microsoft did and continues to this day and Vista, IE 8 and Windows 7 are the result. They did not do this work overnight - the trustworthy computing initiative was begun in 2000 and the sincerity of the effort as well as its efficacy were manifest in XP SP2, the Vista reset and the challenges brought forth by the new model. The effort continues. Or... you can continue to snipe away as you choose to. And you ARE wrong, but not because I say so, but because you simply ARE, as the facts in this matter are clearly evident. Even Google, by leveraging the methods I have simply pointed to, provides strong evidence of this. You constantly remind us that you post here in the broader interests of computer users as a counter to Microsoft's 'evil' or incompetence, yet your remarks in this thread don't seem to demonstrate any interest in working with others on behalf of making all users safer online. It causes me to question 'your' sincerity, which I find ironic as you question not only mine, but the very companies who are working together, despite differences, to make computing better and certainly safer for all users. The web, after all, is a very connected place and what impacts one platform, may impact all of them. |
| #10 By 92283 (70.67.3.196) at 4/23/2009 10:47:03 AM |
|
#5 "May I recommend Firefox 3"
Sure. The hackers will thank-you. Its riddled with security holes. Another day another 9 advisories (with dozens of holes patched) http://www.mozilla.org/security/known-vulnerabilities/firefox30.html And don't say they were fixed quicker than IE. The most critical one has bugs that are a year old. http://www.mozilla.org/security/announce/2009/mfsa2009-14.html |
| #11 By 15406 (216.191.227.68) at 4/23/2009 11:49:09 AM |
|
#9: Or... you can continue to snipe away as you choose to. And you ARE wrong, but not because I say so, but because you simply ARE, as the facts in this matter are clearly evident.
Is that right? Well, the clearly evident facts that I won't divulge indicate that you're a teapot.... because I say so. yet your remarks in this thread don't seem to demonstrate any interest in working with others on behalf of making all users safer online. I told you to use a browser that won't roll over for ever website that comes along. What more do you want? btw I don't consider acting as an apologist to be be 'working with others' as you clearly do. #10: Hello Mr Pot! Lovely shade of black you're wearing today. |
| #12 By 28801 (65.90.202.10) at 4/23/2009 12:02:02 PM |
| Latch, my problem with your FF3 argument is the NOSCRIPT caveat you always add. As FF grows in popularity and seeps into the masses of everyday users, you can be certain that the NOSCRIPT add-on will not be implemented by most. In fact, I would love to the the current NOSCRIPT usage stats by the so-called web savvy FF community. It's probably a lot lower than you think. Additionally, you ague that Lloyd was 1 click away from hosing himself, but can't the same be said of NOSCRIPT? |
| #13 By 15406 (216.191.227.68) at 4/23/2009 12:14:03 PM |
|
#12: Yet you have no trouble when Ketchum recommends IE8 with Threatfire and Protected Mode on running under Vista x64 with DEP and ASLR enabled, etc etc which is a much longer list of prerequisites that nobody actually follows (what's even funnier is back in the early Vista days when he would scoff at the thought of anything penetrating IE7 under Vista --until it happened and then suddenly he starts with all the prereqs.) I have no idea how many FF users use NoScript, but the class of user who runs FF is generally more savvy than the norm. I believe you're better off with FF+no extensions than you are with IE7. IE8 doesn't yet have enough of a history to make any judgements. He says that he went to some site and a UAC prompt suddenly appeared. This leads me to believe that, devoid of any active clicking on his part, IE picked up on a drive-by download and UAC saved the day before the download executed. FF does not have this behaviour. IIRC, there has been exactly one instance of a drive-by download in FF and that was a bug in itself. With IE it seems to be designed into the spec, despite the security problems it invites.
|
| #14 By 28801 (65.90.202.10) at 4/23/2009 12:31:44 PM |
|
#13: I believe all of that is automatic under Vista 64. The only thing a user has to do is run as a standard user. This post was edited by rxcall on Thursday, April 23, 2009 at 12:32. |
| #15 By 143 (216.205.223.146) at 4/23/2009 6:52:07 PM |
| IE8 can be taken over "real easy" the only halfway safe browser is FF3 with add-ons NoScript and Adblock Plus. Of course the user going sites like craigslist will always be a repeat victim of some kind. |
| #16 By 28801 (65.90.202.10) at 4/23/2009 7:29:07 PM |
|
#15: Please share your test results with us. This post was edited by rxcall on Thursday, April 23, 2009 at 19:34. |
| #17 By 23275 (24.196.4.141) at 4/23/2009 7:43:31 PM |
|
#14, Correct rxcall, all I recommend are automatic defaults on Windows Vista and 7 - with the single exception of running as a standard user, vice an admin approval mode user.
Easy to do. No set up. No fuss and the creation of one (1) account. |
| #18 By 23275 (24.196.4.141) at 4/23/2009 7:47:02 PM |
|
Latch, your technical understanding of Windows Vista is very weak.
The UAC escalation was actually one of four that would have fired. The first one was when UIPI intercepted the request for higher level access. Two additional handlers would have fired after that and finally, a fourth request would have tripped another UAC escalation after that - for the actual install of the mal-ware. So... again, you are very wrong here and clearly, you have little experience with Vista and UAC. That's okay - just be quiet about it and stop trying to confuse people. |
| #19 By 143 (216.205.223.146) at 4/23/2009 9:44:11 PM |
|
@ rxcall
The test is easy. The group's "Conficker Eye Chart" pulls images from three sites that Conficker is known to block and displays them in a box. Below the box is a guide to interpreting how you see the images -- if they all show up you're in good shape, but if one or more doesn't display it could indicate a Conficker (or other malware) infection. http://www.confickerworkinggroup.org/infection_test/cfeyechart.html Take your IE only box and test it your self. ;) |
| #20 By 28801 (65.90.202.10) at 4/24/2009 6:59:07 AM |
|
#19: Thanks for the link. I will certainly try it on all of my computers. However, I would also ask, what the hell does that prove? It appears to be a test to check for infection. It in no way backs up your claim that IE8 can be taken over "real easy".
By the way I just viewed that site at work with IE6 and had no issues. This was probably because my machine was patched with the available fix SIX MONTHS AGO! Anyone infected by this virus only has themselves to blame. |
| #21 By 15406 (216.191.227.68) at 4/24/2009 8:13:53 AM |
| #18: Yayaya, I know, I'm always wrong... even when I'm right. I may not be a Vista expert but I know that IE happily served you up a heapin' helping of malware that UAC caught. Firefox wouldn't have done that. You can ridicule me all you want, but you know that's just a distraction from the real issue that we were talking about. |
| #22 By 23275 (24.196.4.141) at 4/24/2009 9:14:08 AM |
|
#21, Actually Latch, IE works within Protected Mode and as part of the integrity mechanism. It was actually IE's protection that fired the first UAC.
IE again would have asked when the object requested to be install and finally, after IE was done warning me, the object would have been allowed out of IE's very restrictive space where I would been asked again. Firefox would have skipped all that and gone straight to step four. Now you're not just wrong, you're intentionally being inaccurate, because I refuse to accept that I am willingly debating with someone as stupid as it would take to persist as you are. |
| #23 By 28801 (65.90.202.10) at 4/24/2009 10:12:04 AM |
|
Let's just cut to the chase folks.
FF with NOSCRIPT is probably a more secure option than IE on XP and even possibly Vista 32-bit. IE7 & 8 are the most secure option on Vista 64-bit. |
| #24 By 15406 (216.191.227.68) at 4/24/2009 2:38:48 PM |
|
#22: Firefox would have skipped all that and gone straight to step four.
Nonsense. How would it get to step four when it wouldn't get to step one? You know, the step where the drive-by download occurs? |
| #25 By 92283 (70.67.3.196) at 4/24/2009 3:51:27 PM |
|
"With the publication of drive by download attack code this week which impacts Firefox security on all platforms by exploiting an unpatched and critical flaw in the browser ..."
http://www.itpro.co.uk/blogs/daveyw/2009/03/26/in-need-of-an-urgent-firefox-fix/ https://bugzilla.mozilla.org/show_bug.cgi?id=485217 |
|
Write Comment
Return to News |
Displaying 1 through 25 of 329 Last | Next |
The time now is
6:30:08 AM
ET.
Any comment problems? E-mail us |
