part of the Blog News Channel

User Account Control Getting Refined (and better)

The User Account Control blog explains some of the changes to be expected to UAC in Windows Vista Beta 2. To explain it: Windows has a Secure desktop and a User desktop. The Secure desktop is protected from anything, because it can only run one thing: system processes. The Windows Logon screen runs entirely in Secure desktop, so nothing malicious can get in when Windows is loading.

When you are using your computer, nothing dangerous (such as running unsigned programs or modifying the system) can happen on the User desktop, because before that can happen, the Secure desktop needs to approve it. For that to happen, UAC pops up a dialog, grays the entire rest of the screen, and asks for administrator approval. All of this is done in the Secure desktop, so nothing but system processes can run while you are being asked for administrator approval.

Lets say a program wants to get approved, so it can run all over your system doing terrible things. It would need to trick you into telling UAC to give it approval, by faking the information UAC shows. This would be done by showing a fake UAC screen, one that looked legit, and then passing on your password and approval to the real thing, which is right below the fake one. Now, that wouldn’t work, since the fake UAC can’t run on Secure desktop without getting approval, and it can’t get approval without a fake UAC.

Got it?

There are other issues I’m concerned about, including what prevents a fake UAC (not running in Secure desktop, and thus not affecting the system) from at least stealing your administrator password for later usage by a human. Still, the process they’ve got sounds excellent, and I’m looking forward to a more secure Windows.

As an aside, look at the screenshots on the UAC blog. They barely range from 60-80k, yet because of the increased complexity of Vista graphics (Aero Glass transparency doesn’t work well with compression, and neither do fades) means huge tradeoffs in file size vs. quality.

It looks to me like the biggest problem in Vista is going to be showing off the OS. A small screenshot at decent quality could run well over 125k, which is a lot of bandwidth for many of us to waste. Are there any compression settings which handle Vista well? I wonder.

May 4th, 2006 Posted by Nathan Weinberg | Vista, Windows, Security, General | no comments

Hosting sponsored by GoDaddy

No Comments »

No comments yet.

Leave a comment