topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 4:43 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: NortonUAC  (Read 15244 times)

Josh

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Points: 45
  • Posts: 3,411
    • View Profile
    • Donate to Member
NortonUAC
« on: October 10, 2008, 01:03 AM »
To all,

It appears that norton has done it this time. This tool is insanely useful. This tool is not to be confused for Tweak-UAC which lets you disable UAC, but instead this offers you the ability to whitelist (and submit results to norton for inclusion in the whitelist) programs so you do not receive UAC prompts. It replaces the UAC prompt with it's own, see below, and allows you to choose "Don't ask me again" which supresses all prompts in the future for said program.

Very useful and freeware! Good job symantec

NortonUAC.JPG

Link

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: NortonUAC
« Reply #1 on: October 10, 2008, 01:23 AM »
Very nice and useful!

lanux128

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 6,277
    • View Profile
    • Donate to Member
Re: NortonUAC
« Reply #2 on: October 10, 2008, 01:28 AM »
surprising for a Norton product, i wonder if after Beta-testing they will bundle this into their security suite.

city_zen

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 134
    • View Profile
    • Donate to Member
Re: NortonUAC
« Reply #3 on: October 10, 2008, 09:51 AM »
surprising for a Norton product

Ditto!  :D

I guess this will first become standard in most security suites (not just Norton's) and then will be the default behavior of UAC in Windows 7
I'll have what she's having

Josh

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Points: 45
  • Posts: 3,411
    • View Profile
    • Donate to Member
Re: NortonUAC
« Reply #4 on: October 10, 2008, 09:57 AM »
I just don't understand how microsoft's engineer's didn't see this as an issue during testing. I mean, from the start of UAC I know users have been suggesting that they add the ability to whitelist programs and let them run regardless. Even a "Trust all from this publisher" for signed executables (I.E. the sysinternals suite).

MrCrispy

  • Participant
  • Joined in 2006
  • *
  • Posts: 332
    • View Profile
    • Donate to Member
Re: NortonUAC
« Reply #5 on: October 10, 2008, 04:36 PM »
Well the idea behind UAC is that it should only be seen in exceptional circumstances and not frequently. Unfortunately that is not the case with both Windows and many 3rd party apps because they are not well written (things like writing to files in system directories instead of user data), but they have been improving and no. of UAC prompts has gone down. Windows 7 will make UAC better. This blog has details -

http://blogs.msdn.co...account-control.aspx

The trouble with Whitelisting is if you make a mistake (and its easy since most users don't understand technical prompts, they just want to get rid of them, which is part of the problem with UAC to begin with) it can be very dangerous. Imagine if a malicious app managed to fake a UAC prompt and you whitelist it.




f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: NortonUAC
« Reply #6 on: October 10, 2008, 06:10 PM »
This is an incredibly bad idea.

The point of UAC isn't just to keep malicious programs from doing bad things - it's just as important to keep trusted programs from doing bad things. Imagine the havoc that could happen if you add explorer.exe to the whitelist...

And even the idea of whitelisting something like UAC is, by itself, bad. I wonder how long it'll take before somebody manages to exploit NortonUAC and add itself to the whitelist.

What should instead have been done would be to keep the user elevated for a configurable time period after saying yes to an UAC prompt, that would make life easier when messing around with the control panel etc. For other stuff, imho UAC isn't really a big bother.
- carpe noctem

ClausValca

  • Participant
  • Joined in 2008
  • *
  • Posts: 1
    • View Profile
    • Donate to Member
Re: NortonUAC
« Reply #7 on: October 11, 2008, 08:50 AM »
When I was checking out my RSS feeds I happened to see that Paul Thurrott also blogged about this on his WinSuperSite.

In the comments were links provided by a Chinese Windows researcher by the name of Asuka. He referred to two posts that provides some background on what Norton's appears to be doing to fuzz the UAC system.

I'm linking to the Google-Translate version pages. However it still leaves a bit of the technicals "lost in translation" if you will.

Norton UAC Tool theory analysis - Asuka's Blog

Vampire in mind: an in-depth realization of the principle Norton UAC Tool - Smallfrog's Technical Blog.

There is enough there to get the gist of it, and possibly one could replicate their results to figure it out on your own.

I'm no coder, but do use ProcessMonitor/ProcessExplorer heavily in my sysadmin work dealing with malware and buggy applications so I was impressed with their findings. 

I personally have UAC engaged in "quiet mode" with the TweakUAC utility and actually like the blend of flexibility/protection it provides.  I'm not sure how I feel about this Norton's one.  I like it in theory, but am a bit more hesitant to deploy on my system.  Maybe as its method gets picked apart more by the security and coding community I might be more open to it.

It leaves me wondering now if Norton's can pull off this method of UAC interaction, what else could.

Certainly curious stuff.

Thought the "DonationCoder" community would find those deeper looks into the program's function interesting.

--Cheers!

aruvam

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 9
    • View Profile
    • Donate to Member
Re: NortonUAC
« Reply #8 on: October 11, 2008, 04:03 PM »
One caveat - the application defaults to sending information to Norton about what caused the prompt and what your response to it was. See link for more details http://www.betanews...._feedback/1223668881

justice

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,898
    • View Profile
    • Donate to Member
Re: NortonUAC
« Reply #9 on: October 25, 2008, 05:41 PM »
So did anyone try it?