05/01/2007, 4:45pm, EDT
Tuesday, May 1stMicrosoft: UAC the future of every OS
The controversial User Account Control security guard in Windows Vista should be integrated with every OS, a Microsoft executive said today. The company's chief security advisor in Australia, Peter Watson, made the remark when discussing protection with a developer news site. The executive contended that the fundamental idea behind process, which is meant to trap viruses and spyware by asking permission before running potentially risky tasks, is an essential component that emphasizes the user's own responsibility.
"There has been a lot of misunderstanding in the market around User Account Control," Watson said. "If you look at it from an architectural direction User Account Control is a great idea and strategically a direction that all operating systems and all technologies should be heading down."
The comment has triggered frustrated reactions from some, who note that Microsoft's claim is neither original nor ideal. The basic principle of explicit permission even when running as administrator has been present since UNIX and has found its way into spin-offs such as Mac OS X and Linux, either of which requires a password-protected superuser command, known as a "sudo" for automated installs and other hands-off code that could expose the system to attack.
"The fact is that Microsoft is late to the party with their Microsoftized version of sudo," Ars Technica's Ken Fisher said. "That's really what UAC is, after all: sudo with a fancy display mechanism (to make it hard to spoof) and extra monitoring to pick up on 'suspicious' behavior."
Fisher also drew attention to the sheer abundance of prompts that occur with UAC, which can irritate both casual users whose day-to-day use is interrpted as well as experienced users who might "freak out" at having to repeatedly authenticate for small commands even when logged in as full administrators. UNIX variants are typically more hesitant to trigger password prompts and will sometimes let comfortable users force a permanent superuser mode that escapes prompts altogether.
While not responding directly to the columnist, Watson readily admitted that the abundance of prompts in Microsoft's implementation could potentially numb less knowledgeable users by discouraging them from reading and understanding potentially serious messages.
"The problem you can never get around is if the user is just going to sit there and blindly hit the Enter key," he said.
Apple infamously made light of this last problem with its "Security" TV ad.
, 
, 21
, 
, 
, 
, 
, 
Top
subscribe to comments
for this article
Mr. Watson, just like many other MS soldiers, is just doing his duty. Trying as hard as he can to spin. Critical mass is moving in the other direction, though, and people are recognising Vista for what it is - pretty shell around Fisher Price XP.
And what other operating systems should be 'heading down this way' if Unix and OS X are already using it??
The trade-off between security and convenience is wrong in Vista. They clearly don't understand or care to understand usability.
"Apple infamously made light of this last problem..." I believe "infamous" would be more appropriate for Vista than for Apple's ad.
Somebody should make a page dedicated to the amusing/chilling quotes that come out of Microsoft. I would regularly visit such a page.