LG Split Screen Software Compromises System Security

jones_supa writes: The Korean electronics company LG ships a split screen tool with their ultra wide displays. It allows users to slice the Windows desktop into multiple segments. However, installing the software seriously compromises security of the particular workstation. The developers required administrator access for the software, but apparently they hacked their way out. The installer silently disables User Account Control, and enables a policy to start all applications as Administrator. In the article there is also a video presentation of the setup procedure. It is safe to say that no one should be running this software in its current form.

Re:Chinese or Indian Devs?

[MichaelSmith]

Korean more likely. Software architectures of theirs I have seen are a mess of hacks and patches.

Brian Fox is a Black Man

Brian Fox wrote the GNU Bash shell. If you've ever used Linux or OSX, you've used his software.

Re:Brian Fox is a Black Man

[hcs_$reboot]

What is informative, that he is a Black man, or that he wrote Bash? I'm happy to know that Brian Fox is the author of bash, a nice addition to sh that I'm using every day, but why the need to specify he is a Black man? Is it an American thing?

Re:Brian Fox is a Black Man

[wbr1]

It's in response to the trolling,racist, parent comment. That is why his race is mentioned. It to s not obvious the comment has a parent since the author removed the re and changed the title. Click parent on that post and see for yourself the anus of society.

Re:Brian Fox is a Black Man

[penguinoid]

I'm happy to know that Brian Fox is the author of bash, a nice addition to sh that I'm using every day, but why the need to specify he is a Black man?

Because someone was bashing black people's programming skills.

UAC - A Double Edged Sword

[some1001]

I realize that the software probably shouldn't have disabled UAC out of the box without at least informing the user, but having worked on some out-of-process COM applications (yes, legacy) in Windows Vista/7/8/10, UAC can be extremely frustrating. The biggest issue is that having UAC on creates a different user context between user and admin. If I execute a program as myself with admin privileges, it is not exactly the same as executing the program as myself without admin privileges.

For example, if your user with admin priveleges creates a COM component, that component may not be able to be accessed by a non-admin context even though your user may be in the local administrators group, DCOM Users group, etc.

I wouldn't be surprised if LG ran into a COM issue with Windows and decided to make the program for reliable for the user by disabling UAC instead of resolving the problem in a different way.

Re:UAC - A Double Edged Sword

[thegarbz]

since most Windows programs are written incorrectly

What a load of garbage. I rarely if ever see UAC prompts other than installing software. This goes for programming tools both well written and poorly hacked together, all manner of internet related things (reads browsers, Acrobat, flash, etc) remote administration tools, games, office productivity applications, even my explorer replacement program doesn't bug me with a UAC prompt.

In fact the only program I've ever used that needed UAC prompts was a custom VPN tool, and it only needed UAC because it had the ability to tie into windows settings and modify the system's own L2TP VPNs on top of providing an OpenVPN client, something that requires elevated privileges to do.

What you're saying I haven't experienced since maybe 2-3 months after Vista was released. So please share some more details on what exactly you are doing that makes a UAC prompt appear every time you move the mouse, and which of the many millions of programs on the PC actually require administrator to run?

Re:UAC - A Double Edged Sword

If I execute a program as myself with admin privileges, it is not exactly the same as executing the program as myself without admin privileges.

No shit, Sherlock. Here's a clue: you're supposed to be writing the program as if the user did not have admin privileges so that sysadmins and home users can properly run a locked down system with your software.

Frankly, I wish M$ had won their anti-trust trial just so they could strong-arm the crapware writers like Adobe, Norton, various extremely shitty HW OEMs that write extremely shitty drivers, and the goddamned parent poster so that Windows can move to a proper root vs. non-root security model.

Re:UAC - A Double Edged Sword

[ATMAvatar]

If you need to use COM components, and you don't want to require admin rights, you register them in HKEY_CURRENT_USER instead of HKEY_CLASSES_ROOT. After that, it just works.

The sad part is, it would have not have taken any more time to Google that than to find how to disable UAC through the installer.

Re: UAC - A Double Edged Sword

[DigitAl56K]

Yes, a component in an admin context may not be accessible to a component used by user in a non-admin context. This is called a "security" model, and prevents the non - admin process manipulating the admin-context process to do things it shouldn't be able to do. You make it sound like a quirk, but the entire design is that "non elevated components can't talk to elevated components". Try starting Notepad as admin and dropping a text file on it from the non - elevated explorer view, it won't work by design.

Re:UAC - A Double Edged Sword

[dwywit]

Unlike linux of course, where you only need to sudo anything worthwhile.

Which is why I immediately su every terminal session.

Re:UAC - A Double Edged Sword

I'd tell you why that's a horrible idea, but I think it'll be more fun if it's a surprise.

Re:UAC - A Double Edged Sword

[epyT-R]

We found the last lindows user..

Re:UAC - A Double Edged Sword

On my wifes computer I have installed about 600 games that I have bought her over the years.

There is maybe 10 or so of those that need UAC. I even run her in a lower privileged standard user account. Those tend to be win9x games. She rarely runs into it. Her biggest issue tends to be the games that do not work with the nvidia chipset or the intel chipset but it is trivial to fix. I run into it a decent amount on her computer when I am installing things for her to use.

On my personal computer I only run into UAC when doing 'admin' sort of things. I do it quite a bit, and run into it 2-3 times a day. But that is because I am doing ADMIN type things. I expect it to pop up. Because I like tweaking my computer to see what I can break/fix. I do the same thing in linux with sudo.

It really depends on what you are doing.

Re:UAC - A Double Edged Sword

[gstoddart]

The biggest issue is that having UAC on creates a different user context between user and admin.

That's kind of the point. Sudo does the exact same thing.

Running everything as the admin is idiotic, because everything you do is as admin, and the machine is wide open. Back in the bad old days of Windows everybody was always admin ... we keep malware out by not running as admin.

If you need to be logged in as the admin, be logged in as admin to do only do the tasks you need.

Saying "oh noes, teh COM says we have to write teh sux04 security" sounds like someone did a cheap hack to accomplish something they couldn't actually do.

This sounds like crap software which incompetently implements a feature, and achieves it by stupidly disabling any sense of security.

This makes any PC running this crap so outrageously insecure that there's imply no excuse, and sure as hell not "well, they had to use COM, so they had to suck".

That's essentially malware.

If legacy apps on these systems need UAC disabled, stop using them, or stop pretending you still have a viable product.

If you're selling shit which makes everything admin, you're criminally incompetent.

Re:UAC - A Double Edged Sword

[dwywit]

Well, if "sudo make" won't execute, but "su", then "make" does execute, and I'm the only user, member of root and other needed groups, what else do you suggest? I want to compile and execute a program, not re-write the configuration scripts.

Re:UAC - A Double Edged Sword

[dAzED1]

As others have said...the "problem" you're describing is *exactly the farking point of UAC* - it's *intentional*. of course the context is different - that is almost completely the entire design concept of UAC, and as an infosec and 20+ year UNIX guy, I personally appreciate UAC in windows when I'm forced to use that OS (which is all too often). UAC isn't a bad thing, it's a *good* thing. And if you can't get your program to work with UAC, either you're bad at design, or your program shouldn't exist.

Re:UAC - A Double Edged Sword

[dAzED1]

/what/? I run make all the time on systems where I don't even have the /option/ of running sudo, much less have to actually do it. What the hell is wrong with your code? How in the world could that be required?

Re: UAC - A Double Edged Sword

[Voyager529]

The problem is that it works both ways. For example, if a non-admin user has smb://foo/bar mapped to z:, but the admin user does not, attempting to make a scheduled task running as admin that involves data in z: will fail, because admin doesn't have it mapped. If you go to %userprofile% in an elevated command prompt, you go to Administrator's profile folder, not the currently logged in user. "non-elevated being unable to talk to elevated" is the 'by design' situation you speak of. 'elevated being unable to talk to non-elevated' is another.

Re:UAC - A Double Edged Sword

[dwywit]

'taint my code. I'm trying to set up a simple, open source digital cinema package generator - http://dcinemaforum.com/forum/...

I want to make it possible for local independent producers to put together a DCP so it can be projected on our community digital cinema system. The server ONLY accepts DCP, so if you've made a short film and want it shown, I have to do a dance with a DVD player and the projector, instead of being able to use all the nice automation provided by the d-cinema server - things like sponsors' slides, "please turn off your mobile phone", automatic aspect ratio selection, and so on.

Anyway, I've tried the open source workflow on 7 linux distros running as virtualbox guests - Elementary OS (recommended), debian, mint, ubuntu studio, Fedora, OpenSUSE, and Mageia. NONE of them has provided a smooth run - some of the open source packages come as binaries, some need compiling - I have no problem with that, but each linux distro has thrown some obstacle in the way, and it's mostly been compile failures because something somewhere expects to write to some directory for which it doesn't have permission - even when using "sudo make". I "su" then "make" and it works.

Re: UAC - A Double Edged Sword

[Dog-Cow]

The mapped drive situation is working as designed. You're implying that it should work, and that's just opening up for a hack. It's like having non-locked down paths in root's PATH. What happens when the user remaps Z: to point to another drive with specially-crafted data in it?

Re:UAC - A Double Edged Sword

[jonwil]

The only times I tend to see UAC prompts are for software installs/update, changing system or privileged settings (e.g. anti-virus settings), running certain older software (games mostly) that need admin rights for some reason or running certain pieces of software that legitimately need admin rights to do their job (e.g. Process Explorer or the tool that I use to log GPU calls for a DirectX app)

Re:UAC - A Double Edged Sword

[kilogram]

I wouldn't be surprised if LG ran into a COM issue with Windows and decided to make the program for reliable for the user by disabling UAC instead of resolving the problem in a different way.

There really isn't any reason they needed to do this, besides incompetence or malice. I know, I develop commercial software that does much the same thing as their software.

I commented further down with more details regarding why.

Re:UAC - A Double Edged Sword

[thegarbz]

Because just about everything in text that is downloaded on the internet these days spits out PDFs. It is now so prolific that each browser vendor actually started to write their own PDF interpretor.

Re:UAC - A Double Edged Sword

[tompaulco]

What you're saying I haven't experienced since maybe 2-3 months after Vista was released. So please share some more details on what exactly you are doing that makes a UAC prompt appear every time you move the mouse, and which of the many millions of programs on the PC actually require administrator to run?

It doesn't happen to me either because after the first day of dealing with dozens of popups, I turned it off.
I don't think I am going to bother with listing out the millions of programs which require administrator to run. I'm sure there is a site out there somewhere. I know i see far too many programs that SAY they need administrator, but maybe do not. Many programmers run as administrator on their own machines so they put in the documentation that the programs they develop must run as administrator.

Re:UAC - A Double Edged Sword

[geoskd]

There is maybe 10 or so of those that need UAC.

That is because those 10 games are malware games. They are most likely boting her computer, or worse. Just because you paid money for them originally doesn't mean they weren't intended to do bad things to the computer...

Re:UAC - A Double Edged Sword

[geoskd]

Well, if "sudo make" won't execute

Sounds to me like you downloaded something off the internet and now you're giving it free reign to do whatever the hell the author pleases with your computer. You sir have been pwned.

Re:UAC - A Double Edged Sword

[dAzED1]

ok, so a couple things. First, no distros are likely putting "obstacles" in your way - they're behaving appropriately, and whatever package you're installing is the thing to blame. As a senior software architect (I'm the infosec leg of the design board) if "something somewhere expects to write to some directory for which it doesn't have permission" then - that "something somewhere" was written by someone who didn't properly design their software - or at least, the installation thereof. Second, I a suggestion - try changing your base to /usr/local instead of /usr and seeing if that helps :P Hell, you might get me to try installing this myself just to prove it can be...lol

Re:UAC - A Double Edged Sword

[Zaelath]

That just makes you a shitty Administrator; you shouldn't be updating production without testing for exactly that reason.

Re:UAC - A Double Edged Sword

[thegarbz]

You are not going to bother because the list is in fact small and the vast VAST majority of people rarely if ever encounter a UAC prompt. It's very rare that standard productivity / consumption software needs administrator privileges.

If on the other hand you've spent the last few years downloading nothing but malware then more power to you.

Re:UAC - A Double Edged Sword

[tlhIngan]

There really isn't any reason they needed to do this, besides incompetence or malice.

Most likely incompetence.

You have to remember, LG makes money on the monitor, they don't make money on the software. Once you buy the monitor, the software's just a bonus to help you manage the windows more effectively.

The problem is, this makes the software a cost center - so a company like LG would basically say "we need software to do this" and give you $0 to develop it. I.e., get the thing out ASAP and spend no more than a day on it (including any sort of "QA" you want to do). Remember, it costs LG money to make the software which they hope will sell a few extra monitors.

Disabling UAC is supposed to be "hard" in nature - Microsoft provides no API for it, so you have to actually go in and twiddle with the controls itself (trivial to do - just hook it to Spy++)...

Reminds me of Sony's rootkit

The installer silently disables User Account Control, and enables a policy to start all applications as Administrator.

Holy fucking incompetence, Batman. This reminds me of Sony's rootkit, the one that tried to hide itself from AV software, but in doing so, opened up a huge hole that any malicious program could exploit. How does shit like this make it past any kind of review? What CIO/CTO says "hmm OK, gutting security on every customer's PC sounds like a great idea!" This approaches criminal levels of negligence.

Re: Reminds me of Sony's rootkit

The same CxO that says "hmmmm... I'm gonna leave this company in a vulnerable position, but I will make my bonus!"

Re:Reminds me of Sony's rootkit

[holostarr]

Most CIO aren't worth shit, trust me at the company I work for our CIO is a total fucking moron and god knows how he landed his job, I doubt its any different at LG.

Re:Reminds me of Sony's rootkit

Perhaps Microsoft could give the right to disable UAC only to the selected tools usually adjusting the setting. It could be like a certificate or a token of some kind..

Re:Reminds me of Sony's rootkit

[mpe]

How does shit like this make it past any kind of review? What CIO/CTO says "hmm OK, gutting security on every customer's PC sounds like a great idea!"

Maybe they simply don't care. Only that their program "works", regardless of the consequences.

Re:Reminds me of Sony's rootkit

[Agripa]

How does shit like this make it past any kind of review?

There is little or no criminal and civil liability for the company.

Re:For when you're too cheap to buy two monitors!

[ArcadeMan]

Now you are constantly paging because every single Windows program is unusable unless it is in full screen even though the number of white pixels is approximately 98%.

Have you tried inverting the colours?

Re:For when you're too cheap to buy two monitors!

[AchilleTalon]

Want a chocolate medal for the single monitor performance back in the good old days? Ever used punch cards as well? Or paper typewriter as a terminal?

I knew!

[Kickasso]

It is a well-known fact that all Samsung software is utter crap. I have long suspected that this statement should admit a nice elegant generalization, and here it is.

Jokes aside, why third party software should ever be allowed to change UAC settings?

Re:I knew!

[dwywit]

And why is third-party software allowed to install and run in the SYSTEM context? Even Administrator isn't allowed to terminate them.

If McAfee et al were nearly as good as they like to claim, I wouldn't have to uninstall them to run a decent malware scanner (after they've let ukash in), instead of just stopping them.

Yes, I know they usually have a "suspend protection" option, but I need it out of memory completely, and some of them still start in safe mode.

Re:I knew!

[arglebargle_xiv]

It is a well-known fact that all Samsung software is utter crap.

We're bashing LG here, not Samsung. It's their turn next week, after we do Microsoft on Monday.

Re:I knew!

Does it matter? They are both Chinese!

Re:I knew!

[cbhacking]

What do you mean, Admin isn't "allowed" to terminate SYSTEM processes? Administrator (the user), or members of the Administrators group (after UAC) have exactly the same level of access as SYSTEM; SYSTEM is just a machine/service account, rather than a user account.

There are certain processes on Windows that the OS will prevent you from trying to terminate, but that's because they're critical OS processes, not because they run under SYSTEM. You can run Calc.exe under SYSTEM with a little effort, but killing it through (elevated) Task Manager is trivial.

Re:I knew!

[dwywit]

Well, I must be doing something wrong, then. Start, run, taskmgr, right-click, run as administrator, right-click {AVG/Trend Micro/McAfee/Symantec} whatever their core process is called, "end process". "access denied". Check again, the account for said process is SYSTEM. Click start, run, services.msc, right-click, run as administrator, locate service/s, right-click. properties, can't stop 'cause greyed out, select "logon" tab, service uses SYSTEM account.

Start, run, regedit, right-click, run as administrator, HKLM\System\CurrentControlSet\Services\{whatever}, lo and behold, the only permissions are for CREATOR OWNER and SYSTEM.

The software installs so that Administrator does not have permission to terminate the service (without tickling permissions in the registry beforehand). AVG, McAfee, Trend Micro and Symantec DO NOT inform the user that they or Administrator will not be able to start and stop the services.

Re:I knew!

[BUL2294]

We can't bash Microsoft on Monday--patch Tuesday is this week...

Re: I knew!

[Kickasso]

Just fetching adependency package, if you catch my drift.

Re:I knew!

[geoskd]

We're bashing LG here, not Samsung. It's their turn next week, after we do Microsoft on Monday.

Microsoft is Tuesday, its patch week. Apple is Monday...

Re:I knew!

[dAzED1]

and who is the "creator/owner" there? Probably administrators :) You're right though, AV software sortof has to work a bit umm...outside the proper flow, because Windows is poorly designed.

Re:I knew!

[Neil+Boekend]

Since /. delay is about a month this doesn't really matter.

I'll run it if I want, thanks

[wonkey_monkey]

It is safe to say that no one should be running this software in its current form.

I'd say it's safe to say that the software shouldn't have done this without informing the user, but if someone wants to run it while knowing it is less secure than might otherwise reasonably be expected, who are you to tell them they shouldn't?

I disable selinux and in some cases I always log in as root, because I've decided that's the way I want to do things - I'd rather have the extra convenience than the extra security.

Re:I'll run it if I want, thanks

[holostarr]

You must be thick in the head, that statement isn't ordering you to comply, it is simply advising users against running it. So by all means go ahead and run it and stop looking for reasons to complain!

Re:I'll run it if I want, thanks

who are you to tell them they shouldn't?

For their own protection.

A similar advice would be "It is safe to say that everyone should be using a condom with one night stands."

No one is forcing anything, but it is a pretty good advice.

Not again

[AndyKron]

I'm getting so fucking sick of this shit.

UAC is for idiots

[duke_cheetah2003]

As what I'd consider a 'power user', one of the first things I do is turn that obnoxious thing off. I understand it's purpose for being there, it's to protect idiots. Though if you've been reading the studies related to 'security popups', they're pretty ineffective anyway.

A program that magically turns it off for you is definitely a bad thing. However, from a power user perspective, its like.. 'um i don't care, it was already off.'

Windows simply wasn't built from the ground up to insulate the user space from the root space, and frankly I don't know if it ever can properly do that. The fact some program that can change the UAC settings is pretty huge example of why Windows has issues separating userspace from root space. It just simply can't do it right. Who's brilliant idea at Microsoft was it to provide any sort of API that can let any program (besides the control panel widget that lets you adjust UAC settings) adjust UAC settings? Some majorly FUD there. I think this is more Windows' fault than this stupid dual monitor program. No program should be permitted, regardless of it's permissions, to touch things like UAC settings.

Re:UAC is for idiots

[whoever57]

As what I'd consider a 'power user', one of the first things I do is turn that obnoxious thing off. I understand it's purpose for being there, it's to protect idiots.

You never heard of "drive-by installs"? And don't reply with "but I don't go to that type of website", because we have often seen that both ordinary websites and ad networks can be compromised to install malware.

Re:UAC is for idiots

[sinij]

I keep mine on. While it could be annoying, if you don't expect it to show up and it does, it is huge red flag for you to start paying attention.

Re:UAC is for idiots

[arglebargle_xiv]

As what I'd consider a 'power user', one of the first things I do is turn that obnoxious thing off.

And I appreciate that, I really do, although I wish you had less crap on your machine, it's slowing down the warez site I'm running on it. Some of the other guys have been complaining as well.

Oh, and could you at least write or call your mother once a week or so, I'm getting sick of seeing her nagging in your inbox.

Re:UAC is for idiots

[spire3661]

I dont mind UAC. Its just like sudo warning you 'think before you type'. Its a clear sign you are initiating a system level action.

Re:UAC is for idiots

[complete+loony]

So you don't like UAC, but you want there to be some things that a user can't change? But that's exactly what UAC is *for*. Preventing users from changing system settings. What, you want more than one kind of admin user?

Re:UAC is for idiots

[DigitAl56K]

The fact some program that can change the UAC settings is pretty huge example of why Windows has issues separating userspace from root space. It just simply can't do it right. Who's brilliant idea at Microsoft was it to provide any sort of API that can let any program (besides the control panel widget that lets you adjust UAC settings) adjust UAC settings?

I hope you realize what you are saying here is the equivalent of a Linux user saying "The fact that some program can change permissions after I launched it as root is an example of a huge security hole. Whose brilliant idea was it to provide any sort of mechanism that can let any program I run as root do things a user who is root can do?".

This is an example of why UAC exists, in fact: A program that is not UAC elevated could not change your UAC settings (if you hadn't turned them off already).

Re:UAC is for idiots

[duke_cheetah2003]

erm correction needed, really need to proof my posts better: WITHOUT me noticing or doing something

Re:UAC is for idiots

[fisted]

So you have never noticed malware being installed without you noticing, uh-huh. That's the kind of circular reasoning I'd expect self-proclaimed "power users", running Windows no less, to engage in, indeed.
Also, you don't understand seem to understand the pertinent attack vectors for shit.

Re:UAC is for idiots

http://www.zdnet.com/article/google-chrome-hacked-with-sophisticated-exploit/

Their drive-by Chrome exploit launches the calculator. Since you have UAE disabled, the exploit could do anything on your system. For someone with UAE enabled, they'd get a prompt and a power user would know that they were doing nothing that should have triggered a UAE prompt. And it doesn't matter if an exploit exists right now or not. There's always the possibility of one existing in the future. Do you trust every Google developer? Do you trust every Microsoft developer? Did you know many developers have worked at both places? I've known near 20 people who've switched between the two. Do you trust Google writes exploit proof code or that the OS API calls it makes are prefect? Microsoft used to have a critical bug in how they handled mouse pointer icons. Websites used to be able to automatically change your cursor. It didn't matter what browser you were using, they all used the same OS API. Even software approved for life critical systems has bugs and that's ignoring if the requirements are correct or not.

You're not a power user, you're an idiot. One of the "it'll never happen to me" people who end compromising everything around them.

Re:UAC is for idiots

[jones_supa]

Well, I have UAC turned on, and never have seen it trap anything suspicious. If you are a geek and have common sense security practices (do not run spurious installers, do not have Flash plugin enabled by default, etc.), this stuff does not come to bite you in the ass.

Re:UAC is for idiots

[reikae]

A dialog that pretty much only appears when (un)installing software is hardly obnoxious in my opinion. Security popups may well be ineffective for most people, but as a power user I know when UAC prompts should and shouldn't appear; getting a prompt when one shouldn't pop up is a useful warning sign.

Re:UAC is for idiots

[DigiShaman]

Cryptowall 3.0 will hit your box via drive-by download if UAC is turn off. Unless you value your data (and that of the network drive you're mapped too), you really should leave UAC enabled!

Re:UAC is for idiots

[Mr+Z]

UAC pops up very infrequently for me. The few places it does, I expect it to. I would actually be a little squicked if it didn't.

Given the amount of piggy-back and drive-by malware out there for Windows, I actually kinda like it. Sure, I think I've hit 'Cancel' exactly once on a UAC prompt, but I've never had my Windows box infected with a trojan.

And yes, I consider myself a power-user. Hell, I've been running Linux on my personal machine since '93, and have at least two Solaris patches that I can point to for root exploits I've helped uncover. I architected the security system on an entire family of processors.

Re:UAC is for idiots

[Mr+Z]

Yep. I've disabled both Flash and PDF plugins, both of which are common attack vectors. I also run AdBlock, as compromised ad servers are a very common attack vector. Net result is that I've hit 'cancel' once on a UAC prompt that I didn't think was justified.

The thing is, even after a stint as a UNIX admin at a university—a hostile environment if there ever was one—and even finding a couple Solaris security holes that lead to root escalation, I still managed to eventually, one day, get a UAC prompt that didn't make sense to me, and so I mashed 'cancel'. I don't even remember what it was, but it points to the fact that you always, always need to be on your guard.

I really dislike the lack of control I feel when using a Windows box. All my personal machines at home are Linux boxes, except one WinXP system I use for specific tasks that require Windows. And on those Linux boxes, I do damn near everything as an unprivileged user. I only sudo to install packages that come from a verified source, such as the latest GCC.

Re:UAC is for idiots

[jones_supa]

I really dislike the lack of control I feel when using a Windows box. All my personal machines at home are Linux boxes, except one WinXP system I use for specific tasks that require Windows. And on those Linux boxes, I do damn near everything as an unprivileged user. I only sudo to install packages that come from a verified source, such as the latest GCC.

That's not any different to Windows box. You generally don't need Administrator privileges to do things.

Re:UAC is for idiots

[Rhywden]

Anyone who still insists in writing Microsoft as "M$" just shows that you can't take him seriously.

Re:UAC is for idiots

[Zero__Kelvin]

"As what I'd consider a 'power user', one of the first things I do is turn that obnoxious thing off."

Ironically, the first thing you do as a 'power user' immediate exposes you as incompetent.

Re:UAC is for idiots

[Mr+Z]

The difference is on my corporate-issue Windows 7 box, even though I'm nominally Administrator, there are things I can't disable / shut off that I could if I were root in UNIX / Linux.

Re:UAC is for idiots

[arielCo]

You misspelled “cowboy user”.

Re:UAC is for idiots

[fisted]

Look at the pertinent CVEs related to (in particular) adobe flash, java, the usual suspects. I'm not doing your homework for you.

That attitude in people who don't know better

[dbIII]

That attitude in people who don't know better is part of the problem.
Yes, you are a "power user", but so are the developers that wrote this stuff in their mind even if they did seriously fuck up. IMHO no developer should have seamless admin/root access on the machine they are testing their software out on and for new developers preferably not on their "daily driver" either.

Not that I wrote seamless and bolded it - they may need full admin/root access but they should know when they are a normal user and when they are not so that when the software is released it has been shown to run in an environment where it can be used as a normal user.
I've had this problem for YEARS where some people who still have the single user MSDOS mindset keep on writing software for internal company use that needs admin rights for utterly braindead reasons, simply because the developers were writing for their own "power user" environment and everyone else can go fuck themselves. One gem required admin access for the sole reason that it was putting a temporary file on the root of the "C" drive (it would also not work for people who had a different drive letter for their system drive). That was fixed, but of course the developer now thinks I'm an utter prick for insisting that his trivial VB app that should be replaced by a simple webpage has to be able to run as a normal user.

So while you may be fine, others that copy what you do without understanding the implications are not.

Re:That attitude in people who don't know better

[duke_cheetah2003]

Yes, you are a "power user", but so are the developers that wrote this stuff in their mind even if they did seriously fuck up. IMHO no developer should have seamless admin/root access on the machine they are testing their software out on and for new developers preferably not on their "daily driver" either

I'm not much of a developer. I tinker a little as a hobby, but I generally don't do any development anymore.

Re:That attitude in people who don't know better

[dbIII]

I wasn't saying it's not fine for you, but for a newbie developer (or a developer than makes newbie mistakes) it's a headache for others.

As I already pointed out, there was an article right here on /. just a week or so ago that pointed to a study that security popups are basically ineffective on people who don't understand. So what's the point? They bother me and the people they were intended for ignore them.

That's a very good point, but they do at least mark some sort of attempt at separation and the sign of a good program in the MS environment is not triggering the popups unless to operate it has is do something the OS thinks it should not (such as openvpn making major changes to the network layer).

My point is that I suspect these samsung guys run everything as admin and at the last minute found that some of their customers do not, hence an ugly hack to force it to run as admin. It's 2015 and so many developers just do not get this multiuser thing that I had my head around as an ordinary fourteen year old before MS Windows was even written. Samsung guys, you are not on a fucking Apple ][, learn how to fucking program on a late 20th century system.

Re:That attitude in people who don't know better

[dbIII]

I didn't mean for you to take it personally I was just pointing a finger at a general attitude that includes many people who are way out of their depth as well as those who actually know what they are doing.

I try to do all mundane work on systems that are as close to "stock" as possible so that they resemble a typical environment. That's possibly why Windows7 still pisses me off at times (reboot in the middle of a game on my home system again - yes I could turn off updates, but then I don't get to see how much of a POS it is so can't empathise with the users whom have no other choice) and why I feel dirty and frustrated every time I've been in contact with Win8. There are fixes for the broken halves of the control panel and the bipolar interface but they are a crutch I can't depend on if a user has a problem that gets sent up the tree.

Re:That attitude in people who don't know better

[cbhacking]

As a point of random curiosity, are you aware that there's malware that installs into your hard drive controller and/or your motherboard firmware? Reformatting won't help you there. Also, have you heard of cryptolocker (and friends)? If you reformat, you lose just as much data as if the malware has its way with your machine.

Re:That attitude in people who don't know better

[Zero__Kelvin]

"Already said I understand the point of it. "

You state that you understand it, but show that you clearly don't understand it, or you wouldn't disable it.

remember......

[Lumpy]

LG was the bottom end manufacturer GoldStar and they honestly have never changed their ways. LG smart TV's happily spy on you and they will not stop doing that, I have found several times that LG commercial sets will give you a ROOT login via the rs232 port if you reboot the set rapidly.

It is no surprise that LG decided to ship a half baked solution for their new flagship displays.

Re:remember......

[arglebargle_xiv]

It is no surprise that LG decided to ship a half baked solution for their new flagship displays.

It's kind of a surprise they shipped it at all. I didn't know what this thing did without a bit of googling, it appears that it's custom software that allows you to display multiple windows at once on your desktop, like, um, what's that Microsoft OS called that does that too? Not Microsoft Window (aka Windows 8), but the one where you can have multiple windows tiled across your desktop.

Oh yeah, Windows 1.0, that was it.

Re:For when you're too cheap to buy two monitors!

[epyT-R]

Those who've actually done it know that it's actually more productive than multiple displays because of less eye panning. You can see more in less space. I had a high res 21" crt which, with the software back then, was far more productive for me than having two of today's 1080p monitors and the modern software UI designs he talks about.

Re:For when you're too cheap to buy two monitors!

[epyT-R]

OSS is following this trend too.. It's the trend that needs fixing. The software will follow. That will happen when today's 'ux designers' are banished to the hellpits they arose from.

Re:For when you're too cheap to buy two monitors!

[AchilleTalon]

You are full of shit my friend. I started my career on typewriter which were nothing less than computer screens on paper. I experienced the ascii terminals, the graphics terminals, the modern displays on CRT all sizes and flat displays and I am having two physical displays right now and I would take a third and a fourth without any problem and eye strain. Back in the old days, we were writing simple piece of software with simple interactions and well defined input/output access. The world has changed for the better, the proof being people are ready to pay good money for interactive and smart pieces of hardware and good software. I am very sorry for you, but personally I do not regret anything of the past. I'm old and I enjoy the wonderful gadgets we can imagine, build and have today, including multiple screen displays to work efficiently with many document and testing environments at once.

Re:For when you're too cheap to buy two monitors!

[Chas]

Sorry, but typewriters are ANYTHING but computer screens on paper.

With a typewriter, you're looking at the copy you're typing instead of what you're actually typing. If you're looking at what you're typing You Are Doing It Wrong.

The only thing they share is that, hey, QWERTY keyboard!

you're not good at this

[lucm]

Sounds like something a cool kid told you one day back in school, in front of pretty girls. I bet they laughed, and later that day gave him a blowjob duet while you were alone in your room playing with your Magic cards.

Re: you're not good at this

[lucm]

Reminds me of Bill O'Reilly accusing the ACLU of being pedophiles because they took NAMBLA's side in a freedom of speech case.

Re:UAC is for power users

[jader3rd]

As what I'd consider a 'power user', one of the first things I do is turn that obnoxious thing off.

I remember during the Vista Beta time frame visiting a website that I'd never been to before and all of a sudden having the browser cause a UAC prompt. Now you can go off on what sort of insecure hole could exist that would allow a website to make admin level privileges on a computer, but that doesn't matter; what matters is that fact that it could. I clicked 'No' on the prompt and felt a sudden rush of power over my computer that I hadn't had before. Previously random crap from anywhere could make admin level changes to my computer, and before UAC I'd have no\little idea about it. But with UAC I was in control now.

It happened a few more times too. I was doing something that shouldn't have required admin privileges, got a prompt and denied the poorly written program the access it was trying to usurp.

As a power user, I'm sure you're aware that it's a really bad idea to do your day to day computing logged in as a user with administrative permissions. So with UAC turned off you must have some system setup where you download your installers, and then switch users to the admin to actually install them. Sounds like too much work to me.

Turning off UAC is like have a setting that will click 'yes' to every prompt. An idiot would click 'yes' to every prompt. A power user knows when to click 'no'.

Re:For when you're too cheap to buy two monitors!

[lucm]

With a typewriter, you're looking at the copy you're typing instead of what you're actually typing. If you're looking at what you're typing You Are Doing It Wrong.

I have no idea what this means. I think you have inhaled (or ingested) too much correction fluid during your typewriter days. Also please stop saying "You Are Doing It Wrong" out of context, you are ruining a perfectly good catchphrase.

Waste of time

[lucm]

Why don't you do like me, and put "sudo bash" in your .bashrc. A lot more efficient.

Re:Chinese or Indian Devs?

[fisted]

No, I have seen some utterly substandard garbage code written by Ameriancs, so according to my anecdote it's probably from there.

Re:For when you're too cheap to buy two monitors!

[dwywit]

There are some situations where 2 monitors are necessary. I do a little video editing - 1 screen for the controls, and a second screen for the actual video. I can't afford a reference monitor, so I just use a good quality LED/LCD screen calibrated as best I can.

You can't edit video efficiently on a single screen, even a big one. There's just too much else on the screen to allow a decent sized window for the actual footage.

They didn't have to

[kilogram]

There are ways to work around UAC without disabling it in this case. I know, because I wrote MaxTo, which does much the same things, and works with software running under UAC.

If you want MaxTo to work with UAC, you'll need to run MaxTo elevated. If you say deny elevation, it simply won't work with elevated software.

I'm pretty sure LG just took the "easy way" out (or they may have nefarious purposes, but I won't speculate), instead of figuring out how to communicate between elevated and non-elevated processes.

To do this sort of thing, you'll need to divide your software into a few parts. First and foremost, you'll need to install a global system hook. That hook has to be written in unmanaged code (meaning C/C++). You'll need software that controls the hook (but it can be written in a managed language). Now, both the controlling software and the hook has to be compiled as both x64 and x86 code. They will probably also have to communicate with eachother across the x86/x64 platform boundary.

Now, to get the software to communicate (using window messages) across the UAC boundary, you have to specifically let Windows know which window messages your app will accept from the other side. This is probably the step they missed. You do this by using ChangeWindowMessageFilter or ChangeWindowMessageFilterEx .

Re:They didn't have to

[cbhacking]

Looks pretty good. LG should have just licensed/bought that from you. They'd probably have made it a service that starts (with elevation) automatically, but eh, much better than what they actually did!

Re:For when you're too cheap to buy two monitors!

[Chas]

If you're using a typewriter, you're looking directly at the content you're supposed to be typing. You're not looking at the pieces of paper on the roller that you're actually typing.

Surely its a bug/bad design

[Chrisq]

Surely its a bug/bad design that it's possible to silently disable User Account Control, and enable a policy to start all applications as Administrator. If you can do this without acknowledging a UAC popup then it makes UAC itself pretty useless

Re:Chinese or Indian Devs?

[MichaelSmith]

The system I had to deal with: the intranet installed an activex component onto each workstation. The component checked to see if a USB device was mounted and if it was, it refused to connect to the internet. You had to disconnect the USB device, download your file, then reconnect it and copy the file. This was their idea of "security".

So, Linux has no security thought?

[cbhacking]

Uh, no offense, but you don't know much about Linux, I take it?

There's a bunch of options, ranging from "mark everything setuid and owned by root" (the least efficient, but you could do it in a few lines of shell script) to simply making each user be UID 0 (which is a trivial edit to /etc/users).

Frankly, you kin of sound like you're mouthing off without knowing anything of what you're talking about (Windows or Linux. Windows NT (which everything since XP has been, in kernel and core components) was very much designed from the beginning with security options in mind. The fact that everybody then ran as Admin instead of running as a normal user unless a program needed admin is unfortunate, and is partially Microsoft's fault, but only somebody utterly ignorant would think that Windows security is an afterthought.

To be the kind of person who would be utterly ignorant and then open your damn fool mouth is... well, I'm sorry. Nobody wants to be that person. You do deserve to be modded down, but what you say is not true at all. I have mod points, as it happens, but chose to reply instead. Maybe somebody else will take care of you and your unfortunate attitude...

For what it's worth, here's some more info: It's true that mandatory integrity control (MIC), which has security impacts, is relatively new (Vista) to Windows, but at least Windows uses it at least slightly; a typical Linux distro doesn't use it at all (though it is available). Speaking of afterthoughts, though, Windows (NT family) has supported ACLs since its initial release, while Linux only supported basic Unix permissions (which are a small subset of the control that ACLs give you unless your group count balloons absurdly) until 2002.

Re:So, Linux has no security thought?

[Viol8]

Oh dear, you got modded up, what a surprise.

"There's a bunch of options, ranging from "mark everything setuid and owned by root" (the least efficient, but you could do it in a few lines of shell script)"

Yes, and it would take literally hours on a bit system plus a lot of things would break because they check their user id and won't run if they have superuser permissions for security reasons. As for NFS mounts... Next...

"which is a trivial edit to /etc/users)."

$ ls -l /etc/users
ls: cannot access /etc/users: No such file or directory

Oh 'm sorry, did you mean /etc/passwd ?

Yes you could set all users to uid 0. And nothing would happen except no one would be able to login since in unix users are actually distinguised by their numeric user id, not their name which is merely an attribute thats used for login.

"Frankly, you kin of sound like you're mouthing off without knowing anything of what you're talking about"

Ah, theres nothing like a nice bit of irony in a post :o)

" have mod points, as it happens, but chose to reply instead"

You shouldn't have bothered. You might know ignorance about unix is quite apparent since you don't even realise why ACLs are required in Windows but rarely used in unix due to group permissions and multiple group membership.

Now go away and educate yourself.

You're part of the problem

[cbhacking]

Wow, I've rarely seen so much idiocy written in one post! I honestly can't tell if you're trolling just a little too subtly, or are sincerely that clueless. People are modding you up though, which is really unfortunate. Here, let me see if I can correct even a little of that...

If you run as a full Admin, nobody cares what you consider yourself; people who know anything about security (on *any* OS) are going to consider you an idiot. The fact that you think you know anything is just extra pathetic. People who actually understand security turn UAC up (to make it require your password, like the equivalent mechanism does on non-Windows OSes), or don't run as a member of Administrators at all (in which case UAC requires an Admin's password).

Windows simply wasn't built from the ground up to insulate the user space from the root space.

Welcome to... 1993? Windows NT was very much built from the ground up to do (among other things) exactly that. It was a core design goal and generally successful; while local EoP exploits have been found (and fixed) much like they are on every multi-user OS, I challenge you to get from my normal account to Admin on either my work or personal boxes. Fortunately, on a properly-used machine - even one being used by a security engineer, which I am - UAC prompts are very rare.

The fact some program that can change the UAC settings is pretty huge example of why Windows has issues separating userspace from root space.

You're aware that the installer for this thing runs as Administrator (like most installers), right? How exactly do you propose separating Admin (the installer) from Admin (the privileges needed to change the way UAC works), and what the fuck does that have to do with separating user from Admin? Oh, by the way, "userspace" or "user mode" is the opposite of "kernel mode" or "supervisor mode". Everything in kernel runs as root, but not everything in root is in the kernel. Most processes running under root (or Administrator, or even SYSTEM) are user mode.

Who's [SIC] brilliant idea at Microsoft was it to provide any sort of API that can let any program (besides the control panel widget that lets you adjust UAC settings) adjust UAC settings?

Do you have any fucking clue how an operating system works? I mean, even at the basic, general level? Here's a hint: when that Control Panel widget adjusts UAC settings, it is flipping some bits in some configuration store somewhere (*nix mostly uses text files for these stores, Windows mostly uses the registry; in this case the relevant bits are, indeed, in the registry). *ANYTHING* with arbitrary privileges on the system (like an installer running as root) can flip those bits; that's just a basic function of the way OS security works.

I think

No, you actually don't. It's really kind of pathetic.

No program should be permitted, regardless of it's permissions, to touch things like UAC settings.

And how, exactly, do you propose to stop a program that has (worst case) the required permissions to load a driver that can touch physical memory directly from doing anything at all, including changing an OS setting? I sincerely ask you, please, tell me your brilliant idea for revolutionizing the entire field of computer security more than anything since Multics development started 50 years ago.

Re:You're part of the problem

[mattpalmer1086]

While I agree with a lot of what you say, the obvious solution is that installers should *not* run as Admin, but as a user with only the permissions required to install software for a normal user. Certainly not with permissions to do anything it likes on the system, and particularly not to change existing security settings.

This is actually one of the biggest potential advantages of the Windows security model over Unix and Linux. There is no god-like root user with a complete pass to do anything it likes. Even Admin's permissions can be altered (although Admin can put them back again if it likes). And the security model is much more fine-grained (and therefore complex, so nobody uses it to its full advantage).

Of course, it won't surprise me to learn that most installers do run as Admin, as you claim. I'm mostly on Linux these days, so I'm not fully up to speed on the Windows world any more...

Damn, you're *STILL* spouting bullshit

[cbhacking]

You're aware that Windows 1-3.x, Windows 9x, and Windows NT/2000/XP/Vista/7/8.x/10 are each very different systems, right? No, of course you're not, you're a loudmouth who has no idea what he's talking about. Windows NT (which is to say, every version of Windows for PCs or servers since XP) was very much designed with isolation between *all* users, including between Administrators and non-Administrators, as a central feature. Windows NT is not, and never has been, a single-user operating system.

The last version of Windows that was designed as "A SINGLE USER operating system" was Windows ME. Why the fuck would you want to run as though you're running Windows ME? That's bloody idiotic!

Windows NT 3.1 (the initial release, came out in 1993) was very much multi-user, although it wasn't terribly good at timesharing (it wasn't until Windows 2000 that Microsoft added the ability for multiple interactive logins at the same time).

As for why you shouldn't use your OS as a single-user system, there's a number of reasons. One of them is because you, personally, obviously aren't competent to use a computer securely, and probably shouldn't be trusted with anything you have more control over than an iPad (which is, by the way, very multi-user although the earliest versions of iPhone OS, before it could run third-party apps at all, ran everything as root). Another is because sometimes other people run stuff on your computer (via exploits or Trojans or just by walking up to it while you're taking a piss) and you probably don't want them to be able to change everything they feel like changing (you had an impressively stupid rant above about how even an installer shouldn't be able to change UAC settings, which was funny).

Re:Windows is poorly designed, Linux is way better

[Zero__Kelvin]

Multi-monitor support has been rock solid for at least 5 years. Nice troll though!

United We Stand

[lucm]

Liberal witch hunters are hilarious. They remind me of those pro-life people who bomb abortion clinics.