Slashdot Mirror
Details on Refining Vista's User Control
borgboy writes "Windows Vista has gotten a lot of negative press recently following the release of the latest beta, especially regarding excessive prompting for privilege escalation for seemingly common activities. On his blog, Steve Hiskey, the Lead Program Manager for User Account Control in the Windows Security Core group, details what the issues with the excessive prompting are, what the design goals of the feature are, and how they plan to achieve them. Briefly - they know the excessive prompting is a royal pain, they know that have to reduce it to an absolute minimum to be both productive AND an effective security risk mitigation measure, and they want as much feedback as they can get on the beta."
Just a few clicks away& size=o
http://www.flickr.com/photo_zoom.gne?id=151250154
Tough crowd here at Slashdot. We all know it's going to suck, but at least let them release it first before you criticize. Seriously though, it is just a beta and not the end result. They're looking for feedback to make improvements and thats a good thing.
http://religiousfreaks.com/unfortunately, this breaks the brilliant synergy2 tool temporarily...
I kind of disagree. For me, it was more of a parabola. I hated Windows 3.1, hated 95 less, 98 even less, 98SE I had contempt for, and then the peak is Windows 2000, which was the most Stable and least-resource hungry. Then ME and XP were released... XP maintains some of the stability but they wonked up a ton of little things. And it looks like Vista is just stacking more 'stuff' on top to annoy me.
I think why I liked 2000 so much was that it was NT done right, a well written and stable OS without a lot of clutter. I think that if Vista really was a new OS, not just enhancements to their existing codebase, then we'd be okay with it.
I think we'll have a 2000-like resurgence in a good Windows when a Windows OS is released as a managed code OS. until then I'll keep dreaming.
Reason, free market capitalism, and individualism
How about if you add something extra to make sure no "malware" lands up on my system? Can you do that?
In a word, no. How is the OS supposed to know that that cute little systray weather forecast app you downloaded and installed is actually a trojan?
As long as a user can download and install/run software, the system is vulnerable, and there's nothing it can do about it.
It's official. Most of you are morons.
there's still some core OS UI that's not UAC-enabled, though. for example, you can't fully configure network connection settings without running running explorer.exe elevated.
No, this isn't even close to be the same. Vista asks you for confirmation of nearly everything you can possible do on the computer. At no point did OS X do this. While *installation* of applications have always asked for confirmation, and access to your Keychain has also, pretty much nothing else does. Vista, on the other hand, is about a gnat's hair away from asking you to confirm "Did you really want to click?"
I've used the beta. It's awful. The usability of the file "explorer" is atrociously convoluded. It makes it even more complicated to know what's going on that XP did. And, to keep this on topic-- the security measures are astoundingly invasive. Vista seemingly asks you to confirm the same type of function, triggered in the same way, but by different applications. Look, if I want port 80 HTTP requests to go through, I want them to go through all the frickin' time. Don't make me repeat myself. (Yes, this is only an example but it's indicative of the process you'll go through time and time again.)
Maybe it's the horrible presentation of the dialogs that does it? They offer ZERO information about what *application* (in English instead of seemingly random strings of letters and numbers!!!!) wants your attention. It also offers no real understanding of what is being asked of you. Microsoft, for all they did correctly with the xbox 360 interface, needs to learn how to design a dialog. Here's a fine example:
I open a jpeg file or some other seemingly harmless thing. I get a security alert box that unnecessarily shares the shit out of me with it's inappropriate use of iconography. It says something incomprehensible like this:
Application gobbleygook.exe is attempting to access suckit.dll. Do you want to want to allow this? (This is considered a minor threat.)
Oh. Great. So some EXE with a name I don't recognize wants access to a DLL (what's that-- hahaha?) that I also don't recognize. Now that I'm completely lost, Windows tells me this is not that much of a threat and I can probably click "allow" for the application I don't know to open the dll I don't know to do some task that I have no clue to what it's purpose is. Super.
I'm trying to make a point by being a bit funny about this-- but Microsoft really needs MAJOR improvement to this process. First, don't assume everything is a threat and scare a user into confirming something that is not needed. Second, improve the presentation. Third, figure out how to discen between Malware and your own software!
"Politicians find new names for institutions which under old names have become odious to the people."
Well, Apple required everyone to rebuild their applications for OS X, and when they did so, they fixed all the stupid single-user assumptions. Which is great so long as your apps were ported to OS X.
Windows, on the other hand, has hundreds of thousands of apps that expect to be administrator. The software companies don't want to fix them, and Microsoft doesn't want to break them.
So MS defined a middle ground -- annoying prompts which you can't get rid of. Since there isn't a special security level which hides the prompts. presumably people will complain to the software authors and the software authors will fix the apps. And if they don't fix the apps, at least the programs will still run.
Whenever I hear the word 'Innovation', I reach for my pistol.
i have dealt with some difficult customers, but this slashdot crowd right now is just utterly ridiculous. there are a few that are willing to go against the grain and give vista a chance before dismissing it entirely, but the vast majority of the slashdotters lately are as close-minded and biased as any group i have ever seen. if MS adds a feature that you all love from another OS or application, they are copying. if they don't add it, they are behind the times. if MS tries to beef up security, they are doing too little too late, and it probably won't be effective anyway. if they don't try to beef up security... well i think you know what you all think of that. if MS releases a patch for IE, it is yet more proof that their software was flawed in the first place. if they don't release the patch, they are too slow to react to security threats, and are failing their users. this is the best one, and it happened just like this, a few posts up... if they open up to a beta group and ask for suggestions, they are skimping out on doing actual work and getting us, the computer elite, to do their design for them. if they don't open up to a beta and take suggestions, they are ignoring their users. i could go on, but i think you catch the drift. i get it, you guys hate MS. i thought this was a forum for open-minded people to share ideas and learn from each other, but if you want to just sit around and play target practice on a company that you have decided a long time ago that you will hate for life, then i might just have to give up on getting any more actual insight from reading the comments on slashdot, particularly on MS related stories.