#444612 - 09/14/0907:58 PMRe: Windows 7 made for hackers !!
[Re: DLC]
six_of_one
Pool Bar
Registered: 04/19/02
Posts: 4474
Loc: Alexandria, VA
Hmmm ... sounds to me like there a "secure" mode that acts much the same way OSX does when you install something (prompting for a password and such) and a "convenience" mode which doesn't do that as much ... and the user decides which one to run ...
If a user decides to turn the security down, that's not really the fault of the OS ...
#444641 - 09/14/0909:57 PMRe: Windows 7 made for hackers !!
[Re: DLC]
six_of_one
Pool Bar
Registered: 04/19/02
Posts: 4474
Loc: Alexandria, VA
Hmmm ... as I read it the article says the attacks won't work if the account control is set to its safest mode. Hence the "irritating messages" vs. security loopholes conundrum ...
Well the final proof is in the final product... could be bad, or not so bad, hence why I asked how bad is it ?
could be a pain in the azz if it throws up many popup messages, in order to be safe. No one wants to be hacked but then no one wants to be pestered while they're in a rush to get work done... like trying to babysit and work at the same time!
#444665 - 09/14/0911:56 PMRe: Windows 7 made for hackers !!
[Re: DLC]
MacBozo Nut Dood
Registered: 04/21/02
Posts: 17704
Loc: Pinellas Park, Florida
As far as I'm concerned, it's bad.
Quote:
The new UAC from Windows 7 should be better as users can now decide when UAC should raise and alarm. The setback came in the first beta version of Windows 7 where a simple script was sufficient to start all programs within admin rights, without users knowing about it. The problem is rectified but only halfheartedly . Attackers can ease off the UAC through DLL injection even in the RC version, even giving all program admin rights.
When the attacker starts the Internet Explorer with this function, it disables the "Protected mode" and does not stop any hacker attacks. Microsoft does not help as they think that comfort is more important than hacking protection.
The DLL injection of the hacker gets hold of the Windows-internal DLLs, on which the entire operating system is structured. Normally, these libraries are protected by the UAC in Windows 7 but only if the account control is set to the safest mode.