| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Aug 2009 09:35:28 -1000 From: Peter Besenbruch <prb@...a.net> To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: [Fwd: Re: windows future] > >I'm not sure this is a solution. Most of the people I work with will > >unquestioningly click every UAC prompt. Knowing what to whitelist requires > > a fair degree of technical skill beyond most users' ability. On Thursday 27 August 2009 08:34:54 Thor (Hammer of God) wrote: > If they can just "unquestionably click" the UAC prompt, then they are > already running as administrators, or your DA has changed the default > setting for UAC, which requires "normal users" to enter the admin username > and password to run code with escalated permissions. > > In either case, it's not Vista's fault. It is somewhat Vista's (or Windows') fault if the default user is also the administrator by default. Yes, knowledgeable people will know to set up a separate user account, but in a home environment such people are few and far between. In my own "business" situation, I am the computer goto guy. Our equipment isn't capable of Vista. When I arrived it ran XP Home. It took about a year, but we migrated to something more open source, and to an OS that insists on regular user accounts by default. -- Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists