Main Area and Open Discussion > General Software Discussion
How necessary is the UAC in Windows 7?
Stoic Joker:
Microsoft explains that because the UAC dialog box isn't on the secure desktop with the setting I suggested, "other programs might be able to interfere with the dialog's visual appearance.-cyberdiva (August 02, 2011, 04:45 PM)
--- End quote ---
Um... If it's not on the secure desktop (e.g. isolated secondary session), it's not secure, period. Because under attack, when the bugg is trying to get in, it can simply respond to the prompt for you.
If everybody is on the same desktop (e.g. session), then whoever is quickest wins (and the software will be). It really is just that simple.
This is a small security risk if you already have a malicious program running on your computer." The risk is obviously more than with a higher setting, but I don't think I'd say that UAC is rendered "pretty much useless" with the lower setting.-cyberdiva (August 02, 2011, 04:45 PM)
--- End quote ---
The question is can you keep it out when it comes-a-knocking. The answer - in that configuration - is no.
Lashiec:
Doing that renders UAC pretty much useless. And while the flicker-to-black is a bit annoying, it's a sign that UAC really is kicking in and you aren't being faked :)
-f0dder (August 02, 2011, 03:44 PM)
--- End quote ---
I wonder, is Windows 7 default UAC setting secure enough or is still advisable to kick the slider up a notch?
Carol Haynes:
Most secure is to leave the machine unplugged ...
cyberdiva:
The question is can you keep it out when it comes-a-knocking. The answer - in that configuration - is no.
-Stoic Joker (August 02, 2011, 05:06 PM)
--- End quote ---
I don't rely on UAC as my only defense. I've got a firewall, AV software, and whatever firewall function the router has, along with Malwarebytes in real time, and WinPatrol Plus (which, among other things, keeps watch over my HOSTS and critical systems files). And, of course, my own experience and common sense. So yes, I guess I do feel that when it comes a-knocking, it's unlikely to get in the door. (She says, crossing her fingers. :) )
Stoic Joker:
Real-time scanners & AV software only serve to slow the machine down (typically to a crawl). And in so doing can only catch what they (have signatures for) know about. Anything new that comes down the pike is a heuristics crap-shoot.
The only truly effective method (outside of common sense), is reduced permissions. Because the bugg will only have as much permission as you do. So if you don't have permission to break the machine... Neither. Does. The. Bugg.
You have an entire application running full time, grinding up CPU cycles, Just to monitor "System Files". System files that would be completely untouchable by a standard user account ... Which requires 0 CPU time.
The only "safe" trade-off for those that persist in doing day-to-day activities with administrative rights, is UAC. But it must be allowed to isolate itself from you, to be able to defend the machine effectively. Other wise if you're both sharing the same desktop/session it ends up being the same ineffectively silly light speed foot race to the kill switch that you have with AV software. Bugg comes in, slits the AV's throat, and sets up shop. I see this cycle repeated again and again.
Lady brought a laptop in today; on it she had a veritable laundry list of security applications, UAC set to the max, and 3 root kits. She lacks the most important common sense layer of security and tends to click on whatever gets her to where she wants to be the quickest...Because she is "Protected". By Elfin Magic I guess... *Sigh* ...Must be where the term Sheeple came from. :)
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version