1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Symantec proves Vista's UAC is flawed

Discussion in 'Article Discussion' started by Tim S, 23 Feb 2007.

  1. randosome

    randosome Banned

    Joined:
    17 Sep 2006
    Posts:
    226
    Likes Received:
    0
    yes but linux doesnt say, oh this piece of software is trusted

    and then you run it and part of the software was actually not trusted and your box breaks
     
  2. ou7blaze

    ou7blaze sensational.

    Joined:
    5 May 2003
    Posts:
    2,653
    Likes Received:
    2
    I'm leaning to the side that I agree with what Symantec has done with their security message - it addresses the problem in detail and basically pushes Microsoft to do something about it instead of sitting on their asses with most problems.

    Remember that damned annoying security hole in which your ocmputer would just shut off every time you logged on the internet? (I forgot the name of it, but a msg comes up and your computer just shuts down in a 1 minute countdown)

    Symantec also showed how easy it was to exploit this, something Microsft would never ever announce themselves, instead they hide and wait for someone else to do it, therefore I think Symanetic has done the right thing this time.
     
  3. GoodBytes

    GoodBytes How many wifi's does it have?

    Joined:
    20 Jan 2007
    Posts:
    12,300
    Likes Received:
    710
    If I had Vista, I would disable UAC... as I KNOW what I install... and I KNOW I am smart enough to not go to virus.com and trojan.com oh and how can I forget spy.mal.ware.com and get stuff from there.

    I'm responsible and smart.
     
  4. randosome

    randosome Banned

    Joined:
    17 Sep 2006
    Posts:
    226
    Likes Received:
    0
    i think your talking about the "remote procedure call" problem

    Most services in XP can be setup to do something when terminated, nothing, restart the process, run a program, restart the computer

    Sadly RPC is set to restart the computer, when really you just need to restart the service, and people exploited this by killing the RPC service - in fact the bug is still there generally, just something needs to kill the RPC service, which most virus scanners and such block these days
     
  5. Havok154

    Havok154 What's a Dremel?

    Joined:
    20 Aug 2006
    Posts:
    79
    Likes Received:
    0
    This is why Symantec will never be a real security company. Sure they sell security software, but they only become aware of 99% of new problems after companies like F-Secure find them and report them. The big difference is that companies like F-Secure report the problem and tell other companies how to help protect against them, not a how-to manual detailing the way to exploit the problem. That just makes you petty and pathetic as a sef-proclaimed security company. You can bet this is just a "hissy-fit" type of reaction to MS's claims of being a secure OS and "payback" to MS not letting Symantec into the Vista kernel for so long. They're just scared that people won't buy their software as much. You can bet I won't be selling as much.
     
  6. Buzzons

    Buzzons Minimodder

    Joined:
    21 Jul 2005
    Posts:
    3,029
    Likes Received:
    34
    the shut down bug

    SP2 fixed that with enabling the firewall be default, and not to slag you off, but if you had updated your PC about.. oh, a MONTH BEFORE slamer // blaster hit the internet you would have been UNEFFECTED! yes that is right, the patch was out BEFORE the worms. So dont go blaming MS for that, blame the fact you did not update.

    oh and also "Shutdown -a" from the run bar would have stopped your pc from rebooting.

    if a trusted application in windows tries to run and has been edited by maliciouse software, yes the UAC is flawed, however, it is JUST AS EASY to do this on linux as well, to hook an app that needs root/sudo to run and inject your code into it, as such, neither of them is secure, but at least MS is trying to remove some of the user stupidity. However, once again, if you use a computer safely and properly you would never get a virus, if you enable the firewall that comes default on from SP2 onwards, you will never get a worm (so far, no holes have been found in the firewall to disable it remotly once it is on - other than already having access to the PC)

    so in short, MS is doing all it can to protect the user from them selves, and if they are moronic enough to run anything and everything then they deserve to have a broken computer, and at least, windows is, and nearly always has been, harder to break than linux.
     
  7. randosome

    randosome Banned

    Joined:
    17 Sep 2006
    Posts:
    226
    Likes Received:
    0
  8. ou7blaze

    ou7blaze sensational.

    Joined:
    5 May 2003
    Posts:
    2,653
    Likes Received:
    2
    Yeah how ridiculous is that. Yeah, yeah I know software needs to be contantly updated and adjusted to prevent the inevitable millions of holes in the software coding to be exploited. But to let something as serious as that crop up unnoticed on thousands or even millions of computers world wide is just ridiculous - just take a look at the price of the most expensive Vista edition aswell, it's just...rip.

    I'm not upgrading, not for a long while anyway. Of course Microsoft will have that covered with a typical press conference with the follow words - "due to the age of the XP O/S and the introduction of the new O/S Vista we have discontinued support for Windows XP, we apologise for any inconvenience caused". I can just ****ing TELL. :miffed:
     
Tags: Add Tags

Share This Page