Anyway I used it for 1-2 days and found alot of programs asking for UAC access:
Teamviewer
Secunia PSI
Filezilla setup
AutoIt setup
When UAC is alerting, it doesnt rly give any info about what is going on? It just said that this file wants to make changes / needs admin access. But there is no information of what this program actually wants to do. So how do you know if you should allow a file/setup or not (besides trustfull stuff. which still could be binded with a malware when someone found an exploit on the site and modified the download file.. but ye.. nvm that
)thx
Reply 1 : Uac
UAC at the default Windows 7 can be disabled by malware. At max settings it can not be.
UAC is very helpful for preventing against malware because it essentially doesn't allow the malware to elevate to administrative level and therefor it doesn't allow it to mess with system files.
I found the linux popup more annoying because I couldn't hit "yes." lol I know I'll get for that.
Basically, UAC is asking "Is this program supposed to be running as admin?" and you look at the program and if you don't recognize it you can go ahead and say "No." Otherwise just let it run as admin. More and more programs are being coded to install to areas that don't require admin access because it's a security issue.
How are you supposed to know? Well as I said, if something is trying to get admin access randomly you probably don't want it to. If something is asking for UAC after you opened up a program it's probably that program but always check. When in doubt, google.
UAC is very helpful for preventing against malware because it essentially doesn't allow the malware to elevate to administrative level and therefor it doesn't allow it to mess with system files.
I found the linux popup more annoying because I couldn't hit "yes." lol I know I'll get for that.
Basically, UAC is asking "Is this program supposed to be running as admin?" and you look at the program and if you don't recognize it you can go ahead and say "No." Otherwise just let it run as admin. More and more programs are being coded to install to areas that don't require admin access because it's a security issue.
How are you supposed to know? Well as I said, if something is trying to get admin access randomly you probably don't want it to. If something is asking for UAC after you opened up a program it's probably that program but always check. When in doubt, google.
Reply 2 : Uac
Quote:
|
Originally Posted by zakazak 
Some people said that UAC when beeing at maximum protection, cant be disabled/bypassed by any malware/trojan/... is it true?
|
Quote:
|
Originally Posted by zakazak
Also it looks more annoying than usefull/secure since its just a simple "yes" popup and not something like root pw on linux.
|
Quote:
|
Originally Posted by zakazak
When UAC is alerting, it doesnt rly give any info about what is going on? [...] how do you know if you should allow a file/setup or not (besides trustfull stuff. which still could be binded with a malware when someone found an exploit on the site and modified the download file.. but ye.. nvm that :D)
|
However, UAC dialogs will show you the "Verified publisher" of a file. This information is verified by looking at the digital signature of the file. So if the file gets modified, the UAC dialog normally doesn't show that original publisher anymore, but instead say that the publisher is "Unknown". Be aware that this technique is not foolproof either. For instance, there are various problems with it that are inherent to the design of a PKI (Public Key Infrastructure), which is being used to verify the signature of a file. For instance, if you (or a malicious software) succed(s) to install a malicious root certificate on your system, the "Verified publisher" of any file on your system can be faked. Furthermore, another big PKI problem is that the certificates which are already installed on your system must not necessarily have certificate chains following them that are absolutely trustworthy. The good news is that this is rather irrelevant given the fact that for various reasons, UAC is not really secure in the first place...
------
Quote:
|
Originally Posted by zakazak
thx
|
On an unrelated side note, why not give using proper English a try? ;)
------
[1] Security is not a solution, it' a concept
Reply 3 : Uac
Quote:
|
Originally Posted by Christoph.krn
It can be bypassed. Have a look at [1], which has /some/ links to further information about this. Also, have a look at User Account Control: Inside Windows 7 User Account Control.
|
Quote:
|
Originally Posted by zakazak
So after that discussion about UAC in the other thread i now used it for some days too and for me it kinda feels "annoying".
|
Quote:
|
Originally Posted by zakazak
Some people said that UAC when beeing at maximum protection, cant be disabled/bypassed by any malware/trojan/... is it true?
|
Quote:
|
Originally Posted by zakazak
Also it looks more annoying than usefull/secure since its just a simple "yes" popup and not something like root pw on linux.
|
Quote:
|
Originally Posted by zakazak
Anyway I used it for 1-2 days and found alot of programs asking for UAC access:
Teamviewer Secunia PSI Filezilla setup AutoIt setup |
Quote:
|
Originally Posted by zakazak
When UAC is alerting, it doesnt rly give any info about what is going on? It just said that this file wants to make changes / needs admin access. But there is no information of what this program actually wants to do.
|
Quote:
|
Originally Posted by zakazak
So how do you know if you should allow a file/setup or not
|
Reply 4 : Uac
Quote:
|
Originally Posted by Pirx
That's because you did not configure your user correctly: You are supposed to run your day-to-day work as a standard user, not as an admin. If you do that, you'll have to provide a password, just as in Linux, or Unix, etc.
|
Quote:
|
Originally Posted by Christoph.krn
It can be bypassed. Have a look at [1], which has /some/ links to further information about this. Also, have a look at User Account Control: Inside Windows 7 User Account Control.
However, UAC dialogs will show you the "Verified publisher" of a file. This information is verified by looking at the digital signature of the file. So if the file gets modified, the UAC dialog normally doesn't show that original publisher anymore, but instead say that the publisher is "Unknown". Be aware that this technique is not foolproof either. For instance, there are various problems with it that are inherent to the design of a PKI (Public Key Infrastructure), which is being used to verify the signature of a file. For instance, if you (or a malicious software) succed(s) to install a malicious root certificate on your system, the "Verified publisher" of any file on your system can be faked. Furthermore, another big PKI problem is that the certificates which are already installed on your system must not necessarily have certificate chains following them that are absolutely trustworthy. The good news is that this is rather irrelevant given the fact that for various reasons, UAC is not really secure in the first place... |
Quote:
|
Originally Posted by Christoph.krn
Yeah, that's indeed a reproduction standard.
On an unrelated side note, why not give using proper English a try?  |
Reply 5 : Uac
Generic malware doesn't have to bypass it most of the time because most people don't realize how useful UAC is lol
Reply 6 : Uac
Quote:
|
Originally Posted by zakazak
.. true that :P in the end i guess it would be more disturbing when having to enter a pw all the time :S
|
An admin with UAC kind of like using sudoer with no password attribute on it.
Anyways UAC is pretty useless, when most people just hit OK anyways when they got no clue of what it does. Goes pretty much the same on all linux OS. Luckily, most linux user are classed as technically proficient after they figure out the installation process, graphic or terminal.
In the end, it's all really is if that do your trust them, their code, their compiler that made their binaries ... etc etc
Reply 7 : Uac
Quote:
|
Originally Posted by zakazak
Couldnt read that article yet (just woke up, had an espresso and now got to go :S) but if malware could disable/bypass UAC (without the user clicking on yes) or fake the publisher...
|
Reply 8 : Uac
Anyway this link shows you how to enable Highest Security UAC on Windows 7 Home Editions.
Hope it helps Home Administrators to lock down systems from pesky "download and run anything" Users.
Irresponsible and silly home users NEED to have their rights taken away.
This also helps in preventing people who "borrows" your computer with Windows 7 Home Edition from messing with it when your account is created as Administrator.
Hope it helps Home Administrators to lock down systems from pesky "download and run anything" Users.
Irresponsible and silly home users NEED to have their rights taken away.
This also helps in preventing people who "borrows" your computer with Windows 7 Home Edition from messing with it when your account is created as Administrator.
Reply 9 : Uac
Quote:
|
Originally Posted by Pirx
Excellent source. If you look at the details, you'll see that the examples are not really ones of malware bypassing UAC in the strict sense of the word, but rather tricking the user into giving permission to execute stuff that should not be executed. Ultimately there is no protection against this kind of thing, independently of what technology you use.
|
- Security feature:
A "security feature" does enhance security but can't necessarily be relied upon. Taking W-LAN as an an example, security features would be using a MAC-filter, disabling SSID broadcast ("hiding" the wireless network) or using WEP - in some way, these do enhance security, but they are easy to bypass. - Security boundary:
A "security boundary" is a strict security feature with no obvious easy ways to crack it. Taking W-LAN as an example, using WPA2 encryption would be a security boundary - for now, WPA2 can be called reasonably secure.
The default of Windows Vista as well as Windows 7 with UAC on highest setting is that your user account is an "Administrator in Admin Approval Mode" (AAM). This means that you have have the rights of a standard user unless you allow some process to run with elevated privileges (through a UAC dialog), which will automatically give them administrative rights. These UAC consent prompts for AAMs are NOT a security boundary, they can "easily" be bypassed [1].
So yes, UAC /may/ sometimes lead to higer security, but basically it's insecure because it's not meant to be relied upon. In any case, this doesn't mean that it's a good idea to disable UAC because it's not absolutely secure anyway. First of all, there is no such thing as "absolutely secure", and second, disabling security features makes you a potentially more lucrative victim (see also: "'I've Got Nothing to Hide' and Other Misunderstandings of Privacy").
zakazak, to somewhat increase the security of UAC (have a look at [1] for more information about what kind of security this would give you), you can create another password-protected user with administrative rights in the control panel of your system and make your own user account a standard account. Be aware that this will also cause UAC to ask for the password of the other account instead of asking you to click yes or no, which is another convenience tradeoff. I already linked to this information at Security is not a solution, it' a concept, where you can also find quite a lot more information on how to increase the security of your system.
------
Quote:
|
Originally Posted by zakazak
Sry but i was writing this from my HTC Desire HD while i should have cleaned weapons at army ;D + im not a native american so english is just a 2nd language for me :P
|
Quote:
|
Originally Posted by zakazak
(is windows looking for its digital signature in the internet or just readon the publisher from the file itself.. second could be faked so easily :S)
|
Quote:
|
Originally Posted by Pirx
You should have read the article... ;)
|
Please read before asking. If you can't be bothered to look for information yourself before asking, people can't be bothered to answer you. (No offense intended, I'm not trying to imply that you don't care.)
------
[1] UAC: Desert Topping, or Floor Wax?
No comments:
Post a Comment