Wednesday, April 06, 2005

I may have to give a Medal of Cluefulness to Microsoft 

If they go through with something they're discussing, Microsoft will be provably clued in.

Ever wonder why malicious software can do so much damage? It's because it's allowed to do anything you can do. Your best option now is to log in as a user without Administrator privileges except when you really need them. Unfortunately, a lot of common operations require Administrator privileges, so many people stay logged in as an administrator all the time. That's like carrying a loaded gun with the safety off.

Microsoft hasn't committed to anything yet, but they're talking about some really good ideas for the next major version of Windows, "Longhorn". They've sent up trial balloons about something called a "least-privileged user account" or "LUA". They are considering changes to let ordinary users do day-to-day work without having to risk their systems by running as Administrator. Even better, they're talking about a system where your IT department can set limits on what a program can do, separate from what you're allowed to do. In other words, you'll finally be able to run a program without giving it full power of attorney. Theoretically, you could run a web browser but deny it permission to install spyware.

If they go through with this, a lot of existing software may need upgrades. It will be worth the hassle.

None of these ideas are new, but I've long thought they're exactly what Microsoft needs in order to make solid improvements to Windows security.
