Langsung ke konten utama

Security in Windows 7: User Account Control (UAC)

People who bought computers with Vista preinstalled tend to be a lot happier than those who upgraded from XP, especially those who failed to run the upgrade advisor. The same is true of Windows 7. Even after following all advice from the Windows 7 Upgrade Advisor, I still had to jump through hoops to re-enable my connection to PCMag's Virtual Private Network after upgrading from Vista.

Even the biggest Vista fans, the ones who've never experienced any upgrade tribulations, have to admit that User Account Control (UAC) can be a pain in the neck. Fortunately Microsoft made some significant improvements in it for Windows 7.


Why User Account Control?
Vista was designed to be significantly more secure than XP, and UAC is a cornerstone of its security scheme. The point of UAC is to make sure no system-level changes occur without an Administrator's permission. Even if you normally use an Administrator account, all of your day-to-day activity happens at the low-privilege Standard level. Before a nasty virus (or a useful application) can do something potentially dangerous like writing to the Windows folder, it has to get permission.

UAC pop-ups in Vista are especially shocking because of what's called "secure desktop mode." The screen blanks out briefly, then everything except the UAC pop-up goes dim. Anything else you were doing is out of reach until you respond to the pop-up. This prevents sneaky programs from meddling with the UAC dialog, but it can be an unpleasant shock.

Less frightening but equally annoying is the "I just told you!" scenario. You launch a program and UAC immediately asks if you want to run this program. D'oh! Of course you do! Users can really get steamed about this, even Administrator users who merely have to click Yes. Imagine the frustration of a Standard user who must type an Administrator password or (more likely) go track down a supervisor to enter the password. One time in a thousand this precaution might prevent a malicious program from launching, assuming (and it's a big assumption) that the user was alert enough to choose No. The other 999 times it's just a pain.

In the Engineering Windows 7 blog, Microsoft's engineers trot out the notion that requiring a UAC confirmation for every sensitive action is good, because it "forces malware or poorly written software to show itself and get your approval before it can potentially harm the system." That same rationale gave us old-style (and now obsolete) personal firewalls that deluged us with incomprehensible pop-up queries—ugh!

In fact, Microsoft's designers admit that UAC can't really keep out malware, because users don't know enough to correctly respond to its prompts. Most users just click Yes and allow the program to do what it was going to anyhow. Microsoft's own figures show that users click Yes about 90 percent of the time. That's usually the correct answer, but Joe User can't distinguish a scary UAC prompt about a perfectly valid program from a scary UAC prompt about a malware attack.

Postingan populer dari blog ini

57% Use Social Network Sites

The power of online social networking was demonstrated by the tens of thousands who gathered in Shanghai at the weekend to pay their respects to the people who died in last Monday's blaze. The event at Jiaozhou Road was launched on microblogs and information spread rapidly on the Internet , especially on social networking sites such as Kaixin001.com. According to a survey by Shanghai Daily and Touchmedia, of 110,000 people traveling in taxis in Shanghai, Beijing, Guangzhou and Shenzhen , 57 percent of interviewees use social networking sites or microblogs for more than half an hour a day, and 18 percent for more than three hours. Microblogging is the most popular form. Almost 60 percent of the interviewees said they publish information on microblogs, communicating with friends, following celebrities, expressing their opinions, sharing jokes and conducting online marketing, said the survey.

Upcoming Facebook Redesign Surface

Kerajaan Jeumpa, Kerajaan Islam Pertama Nusantara

Teori tentang kerajaan Islam pertama di Nusantara sampai saat ini masih banyak diperdebatkan oleh para peneliti, baik cendekiawan Muslim maupun non Muslim. Umumnya perbedaan pendapat tentang teori ini didasarkan pada teori awal mula masuknya Islam ke Nusantara. Mengenai teori Islamisasi di Nusantara, para ahli sejarah terbagi menjadi 3 kelompok besar, yaitu pendukung (i) Teori Gujarat (ii) Teori Parsia dan (iii) Teori Mekah (Arab). Bukan maksud tulisan ini untuk membahas teori-teori tersebut secara mendetil, namun dari penelitian yang penulis lakukan, maka dapat disimpulkan bahwa Teori Mekkah (Arab) lebih mendekati kebenaran dengan fakta-fakta yang dikemukakan. Teori Mekkah (Arab) hakikatnya adalah koreksi terhadap teori Gujarat dan bantahan terhadap teori Persia. Di antara para ahli yang menganut teori ini adalah T.W. Arnold, Crawfurd, Keijzer, Niemann, De Holander, SMN. Al-Attas, A. Hasymi, dan Hamka. i Arnold menyatakan para pedagang Arab menyebarkan Islam ketika mereka mendo...