Vista beta blows hard.

[Xon]

It's a really bad idea shared by every Linux distro I've ever used, then.

The problem is Window's approach to processes is different from *nix. Simply slapping one's approach into the other without knowladge of the differences and what they mean just opens security holes.

You cant intercept the LUA prompt (and thus get an admin account + password or do software tricks to fake activating it) in Vista due to some OS side-voodoo which grants permisions to a single process, but it still doesnt prevent the application from being compromissed before hand.

Also Linux isnt exactly the pinnacle of the desktop user security, simply because it doesnt have enough stupid people using it.

Oh yeah, because display properties are a heinous security risk.

The display properties control which application is used when the screensaver comes on, the desktop background which supports ActiveX/html/whatever the fuck is plugged into IE as well as the ability to install drivers. It also controls all the viewable settings and the ability to send the computer into hibernation after 'x' idle time. These 2 allow for DOS attacks.

No shit is is a privileged operation.

Ideally, it should only prompt you for elevation when you do something. Thats why it's called a "BETA", so these issues can be tested by the public

[Stark]

Oh I don't deny your description of the risks, I just naively suggested something I use every day that seems to work.

[Xon]

Stark was describing Mac OS X's security system. In that system, you request a right from the security server. You'll be authenticated through a password dialog, SMART card reader or whatever. If this is successful, the security server stores a set of credentials for that session which expire after 5 minutes, typically. Then the server checks to see if you have access to the requested right in its policy database using the stored credentials. If the credentials have expired, you'll have to re-authenticate.

Sounds similar to Vista's system.

Except; it doesnt prompt for an administrator username or password if your account is a 'protected' administrator or has the potential ability to access it but the LUA is enabled. It just enables the otherwise hard disabled security tokens the user is allowed to manipulate, but the application needs to request access to the token as well as release access.

As far as I'm aware, the application requesting the access to a token needs to be 'blessed' to have permission to request access. And presumably this sets the application as a process which requires isolating so it prevents stuff like IE injecting crap into something like Task Manager.

What I thought Stark was describing was this; prompt for higher credentials allow access for 'x' time globally to anything which wanted them.

[Admiral Valdemar]

Probably because the average Window user shouldn't even have temporary admin access. If you're using Linux, chances are you know what the hell you're doing and didn't accidentally figure out how to e-mail one day. The sudo command is ample for the needs it fits, but the problem with Windows is that, ever since it came out, people expect to be admins from the get go, and you always start that way unless someone with a clue steps in. The gov't centre I was at this past fortnight used XP and I could access admin stuff from any work terminal. I honestly could control the system as I wanted, so either the IT guys were lazy or just damn stupid.

You're either going to get people moaning they want to have all these rights without the OS questioning whether it's a good idea to move killervirus.exe to WIN32 folder, or you'll just carry on this endless cycle of morons with computers.

[phongn]

I haven't used the Vista beta, but are the authentication dialogs really that annoying? Do they really pop up "every other click", or is that just an exaggeration because everyone's so used to being able to run amok on their systems without the slightest interference from the operating system?

The authorization request loads up a very annoying number of times. In addition, this is just another hurdle that the average user on a home PC will get conditioned to accept. He'll blindly type in an administrator password every time. Even for malware.

Probably because the average Window user shouldn't even have temporary admin access.

But Administrator access must exist on a home PC for mundane things like software installation, and this falls under the class of "average Windows user."

[Durandal]

What I thought Stark was describing was this; prompt for higher credentials allow access for 'x' time globally to anything which wanted them.

That's more like sudo. Although you can configure sudo pretty granularly.

The authorization request loads up a very annoying number of times. In addition, this is just another hurdle that the average user on a home PC will get conditioned to accept. He'll blindly type in an administrator password every time. Even for malware.

I wouldn't say it's annoying. It pops up whenever I expect it to, like when I'm installing software or accessing a privileges system preference.

As for users getting conditioned to just enter their passwords, that's just a reality that developers can't overcome. All you can do is somehow indicate to the user that an application is requesting a privileged action. Operating systems are not psychic, nor will they ever be.

[Netko]

They are still working on it - in fact, there are already improvements in place compared to the recently released Beta 2. They hope that in the end you will only need to provide elevated credentials (or allow something) when changing stuff and not when only viewing settings (so for the display properties example, you could move to any of the tabs, see whats set, but if you change something that MS feels is an possible attack vector, that is probably anything, you need to supply admin credentials when clicking on apply/ok)

Anyway, here is a nice 12 min video describing the ideas and implementation of UAC and the evolution of the popups (and note that the team behind UAC is very much aware of complaints of too much popups).

[Uraniun235]

The gov't centre I was at this past fortnight used XP and I could access admin stuff from any work terminal. I honestly could control the system as I wanted, so either the IT guys were lazy or just damn stupid.

Mmm... depends.

There's a handy app out there called "Deep Freeze" which can be nice... basically, you can do whatever to the computer, and if it's not "thawed" (which requires a reboot to accomplish), then anything you've done will be undone when it restarts. Although, I've heard disturbing reports that they're getting sloppy with the code and that the latest versions are a bit unstable.

Another possibility is that there are programs available which can remotely re-image the entire computer over the network. I've heard that one local school district basically just re-images every single computer at night, wiping out any changes that have been made. (User files get stored on the network, as they should be.)

Another possibility is that they figure it's easier to just re-image someone's computer when they break Windows.

[Mange]

Is there a way to change that god-awful CPU/Mem usage tacky-ometer and use some less conspicuous and therefore more useful display?

I think that's only one of the Vista Desktop Gadgets (widgets) and that there's bound to be a more useful display. I haven't tried the Vista beta myself though.

[Darth Wong]

Probably because the average Window user shouldn't even have temporary admin access. If you're using Linux, chances are you know what the hell you're doing and didn't accidentally figure out how to e-mail one day. The sudo command is ample for the needs it fits, but the problem with Windows is that, ever since it came out, people expect to be admins from the get go, and you always start that way unless someone with a clue steps in. The gov't centre I was at this past fortnight used XP and I could access admin stuff from any work terminal. I honestly could control the system as I wanted, so either the IT guys were lazy or just damn stupid.

You're either going to get people moaning they want to have all these rights without the OS questioning whether it's a good idea to move killervirus.exe to WIN32 folder, or you'll just carry on this endless cycle of morons with computers.

So the average Windows user responds to Windows' inconvenient security model by simply logging in and running as "Administrator" 100% of the time. Like it or not, they should make it more convenient to do a su.

[Glocksman]

I'm running the beta on my spare hard drive right now, and there are 2 glaring issues that stand out.

Random USB device failures (serious since both my mouse and keyboard are USB) that can be fixed by simply unplugging the device and plugging it back in.
EDIT: It's probably a keyboard/mouse driver issue rather than a USB issue per se, as my PS/2 keyboard fails randomly as well.
Since you can't hotswap PS/2 connections (at least you're not supposed to), simply uninstalling the keyboard and redetecting it in Device Manager fixes it for a while.
DNS failures that 'Diagnose Internet Connection' doesn't detect, but if I disable the NIC and re-enable it, DNS works correctly for a while.

And as others have said, UAC is a total pain in the ass as currently implemented.
Something else that stood out was that DVD playback in WMP was choppy to the point it looked like software playback on a P2-233, and this on an Athlon 64 3700+ overclocked to 2.65 Ghz, a Radeon X800 Pro video card, and 2 Gigs of system memory!
It had built in drivers for both of my laser printers and my HP Photosmart printer, but getting Vista to work with my print server and Windows Firewall enabled (no changes needed with the XP firewall) was somewhat of a pain.

All in all it shows some promise, but there's a lot of work ahead for MS to get all of the bugs out.

And for the curious, my setup is as follows:

Asus A8V socket 939 motherboard
Athlon64 3700+ San Diego core overclocked to 2.65 Ghz.
2 GB PC3200 RAM
250 GB SATA HD (integrated VIA controller)
160 GB SATA HD (Promise sataII tx150+ controller)(boot drive for Vista)
200 GB SATA HD (integrated VIA controller)
3 optical drives
550 watt Antec TrueControl power supply.
ATi Radeon X800 Pro 256 Meg AGP card that I got a super deal on from some WoW addict.
Dell 2007WFP flat panel
Klipsch Promedia 2.1 speakers.

[Admiral Valdemar]

I have finished the download of the beta public release and will install it via VMware Server on my (newly repaired thanks to a fucked up kernel upgrade) Ubuntu installation. I know they've corrected some things already since the release, but I want to see just how radical (or not as the case may be) Vista is over XP and 2000.

[Praxis]

Stark, that is a really bad idea.

Then you would get malware which injects itself into every application which it can, waiting for the chance it will one day get more privilages.

One thing Vista does, is prevent lower ranked applications touching higher ones. This means IE simply cant effect the rest of the system, this also has its down sides. That is IE cant effect the rest of the system.

What determines an application's ranking? What prevents a virus from telling Windows, "I'm high ranked"?

[Praxis]

The gov't centre I was at this past fortnight used XP and I could access admin stuff from any work terminal. I honestly could control the system as I wanted, so either the IT guys were lazy or just damn stupid.

My college set up all kinds of security on the computers. You couldn't open any folders they didn't want you to, couldn't even see the root drive, could only open stuff on the desktop, couldn't access the network, and the only usable programs were Office and Internet Explorer.

Of course, Start->All Programs->Accessories-> Command Prompt, and bam, I had access to everything on the drive, could run any program, and copy any file to the desktop and mess with it.

Heck, back in high school the PCs had some auto-restore PCI card that, every time you restarted the computer, copied a disk image to the hard drive and restored everything, so we had all kinds of fun clobbering the computers, trashing the Windows installation, collecting viruses, hacking each other's poorly-protected computers from across the room, etc, then just restarting the things and having them all go back to normal.

All this during class, too One of the students was a 16-year-old Linux system admin and managed to hack the BIOS password and disable the PCI card on one of the systems and install FireFox so it would stick.

[Admiral Valdemar]

My uni had decent security, but not so tight it would limit you to using only IE, and not installing Firefox. But then I went out with one of the IT people and most were Linux users anyway. Governments, however, are not known for being all that thorough, shall we say.

[Resinence]

DNS failures that 'Diagnose Internet Connection' doesn't detect, but if I disable the NIC and re-enable it, DNS works correctly for a while.

One I noticed alot, especially when using bittorrent because when the DNS drops you lose the tracker.

UAC is pretty annoying, for those of you who havent used it yet, it doesn't just ask for a password. It locks up the display and you cannot do anything at all until you hit cancel or enter the admin password.

If you open task manager, click show all users processes, it will show the UAC prompt, then after you enter the password it will open a task manager with admin rights. So now you can go new process and anything you start from that task manager (this works with a cmd prompt with admin rights too) will have admin rights and not ask for the password.

The current vista security model is no more restrictive than the the linux security model, people are just very used to running everything in a root account. They want security but want to run as an admin all the time...

I have been using beta 2 every day lately looking for bugs and when I'm just doing what a normal user does (email, net, IM etc) I never see the UAC prompt... ever. It's only when I go messing around with the guts that I see it, I think UAC is fine. They finally got something right.