It is not impossible, in fact it is very possible.Microsoft would have to create a flag so that programmers can set it to tell the system that it is a security related program and thus should be allowed to execute under the admin account.
Once they do that, the game's over, because the malware programmers would all set that flag, run as admin and go right around any anit-virus software you might think you were running to protect your computer. I'm a Linux user and advocate, and I wouldn't want to see that happen.
Please read above mentioned points, that topic has already been covered.
To save time ill summarize. Malware authors are going to set that. Its expected, and if an admin executes the bad program without checking it out. You now point I hope...
Also I should explain the last point. Command prompt couldn't be blocked. I need it as an admin. Administrators should always check foreign scripts before executing them. Its not that hard to get the source code to a batch file or VBscript or (insert favorite cmd language here). Admins can always download using their standard accounts and switch users to execute it. Its more inconvenient but it takes almost as long to display and read a UAC prompt anyways. A switch user takes what 10 seconds. Thats a really long time.
Microsoft would have to create a flag so that programmers can set it to tell the system that it is a security related program and thus should be allowed to execute under the admin account.
The problem with your implementation suggestion is that software developers who don't respect good security practices as it is will not respect such an API. If it is easier to set a flag asserting that the program is "security related" than to follow good software development practices, that is what they will do.
If the security flag was set then the program would not be available to the standard user, only to the admin. That would defeat that argument. If the admin still used the poorly coded program, thats his fault. I'll be awaiting his payment.
1. Im assuming that the virus authors probably would set that flag which goes back to my "the user should not be a complete retard rant"
2. Allowing a web browser to run in admin as a security flagged app! Are you !@#$'ing kidding me!!! Please go shoot yourself, or at least get re-educated in basic security principals. Thats exactly what the system would be aimed at stopping.
Like it was mentioned before, all systems have its pros and cons and when weighed (microsoft controlled vs. developers) I trust that a game developer wouldn't set the security flag. Another thing that I should mention is that apps with the security flag set can only run as admin. So if a web browser had the flag set, not many people would use it then, and vice versa if a virus writer set the flag then only retards could execute it.
What you suggest is either impossible, extremely undesirable, or both, assuming that by "they" you mean Microsoft.
For them to prevent certain classes of applications from running, without special knowledge, would require a kind of analysis similar in nature to solving the halting problem - a problem well known to be unsolvable.
Then the course of action is to require applications requiring root privileges to be signed by Microsoft, essentially making Windows a closed platform for developers. Furthermore, any applications they sign would have to be bullet-proof, getting back to the halting problem.
It is not impossible, in fact it is very possible.
Microsoft would have to create a flag so that programmers can set it to tell the system that it is a security related program and thus should be allowed to execute under the admin account. There is no microsoft involvement there except that they have to create a flag in the API. Not impossibly hard to them do.
With that in mind, I don't see how this is impossible. I didn't say we could completely prevent attacks, just make them a hell of a lot harder.
I am assuming however that the user that knows how to get in and use the admin account is not a complete retard. If they are and do execute a virus as admin, then they are retarded and deserve to pay me to fix their computer.
Yes, I run a computer business. So offering this could hurt me in the long run, but I hate seeing all the pings and scans and attacks against my firewall everyday. Something needs to be done.
What they need to do is limit all users to not be administrators. They should create the admin account so that it can ONLY do admin tasks. It cannot run programs like office or games. It can only run security and diagnostic apps, adding-remove apps. If they restricted admin users from using their account for daily use and only for admin use, that would significantly reduce the attack surface for crackers.
but doesn't the object need to be very very light in order for it to work? I mean birds have hollow bones and thats how they are very light, they would need a very small very light camera or whatever they plan on using on this "flapping object" or it wont fly. Or have they made things that im not aware of that are light like this?
I didn't ask if it was morally correct to have free music, I just used that as an example to state a fact that DRM or no DRM people are still gonna pirate the same if they want something they can afford. Its like shoplifting, they are taking it because they can't afford it, but they want it anyways.
I don't think that it would help really, most people pirate because they can't afford to pay that much. I know people that have 8000 song music collections, do you really think that @ 99 cents a song at most music download places they paid $8000 for their music? I doubt it.
why not? it was probably them that did those searches so they had somebody else to scream at and sue. Now the MPAA and RIAA will want to start censoring google, and the sad thing is google would probably let them do it.
If only Microsoft would open source these things... Heck if DirectX was open sourced imagine how much farther Linux would have come in the gaming arena. Yet, there is wine and that is pretty damn close to an open source version of DirectX and windows altogether now. I mean its just as buggy as native windows, sometimes even less for me. Counter-Strike: Source doesn't crash wine like it crashes XP and Vista.
Microsoft needs to fix bugs before putting in new "features"
P.S: Where can I score one of them 8-core processors, that was the most interesting part of the announcement for me.
At my work we use a program called samurize: http://samurize.com/
It can monitor WMI out of the box, and there is an SNMP plugin that you can use also. Its hard to work sometimes, and its time consuming also, but it works and since you design the graphics you can make it as pretty as you want
You know, it might be in your best interests to just go and ask a copyright attorney about this. They would be able to tell you definitively if you could be sued into oblivion.
Slashdot Mirror
It is not impossible, in fact it is very possible.Microsoft would have to create a flag so that programmers can set it to tell the system that it is a security related program and thus should be allowed to execute under the admin account.
Once they do that, the game's over, because the malware programmers would all set that flag, run as admin and go right around any anit-virus software you might think you were running to protect your computer. I'm a Linux user and advocate, and I wouldn't want to see that happen.
Please read above mentioned points, that topic has already been covered.
To save time ill summarize. Malware authors are going to set that. Its expected, and if an admin executes the bad program without checking it out. You now point I hope...
Also I should explain the last point. Command prompt couldn't be blocked. I need it as an admin. Administrators should always check foreign scripts before executing them. Its not that hard to get the source code to a batch file or VBscript or (insert favorite cmd language here). Admins can always download using their standard accounts and switch users to execute it. Its more inconvenient but it takes almost as long to display and read a UAC prompt anyways. A switch user takes what 10 seconds. Thats a really long time.
Microsoft would have to create a flag so that programmers can set it to tell the system that it is a security related program and thus should be allowed to execute under the admin account.
The problem with your implementation suggestion is that software developers who don't respect good security practices as it is will not respect such an API. If it is easier to set a flag asserting that the program is "security related" than to follow good software development practices, that is what they will do.
If the security flag was set then the program would not be available to the standard user, only to the admin. That would defeat that argument. If the admin still used the poorly coded program, thats his fault. I'll be awaiting his payment.
1. Im assuming that the virus authors probably would set that flag which goes back to my "the user should not be a complete retard rant"
2. Allowing a web browser to run in admin as a security flagged app! Are you !@#$'ing kidding me!!! Please go shoot yourself, or at least get re-educated in basic security principals. Thats exactly what the system would be aimed at stopping.
Like it was mentioned before, all systems have its pros and cons and when weighed (microsoft controlled vs. developers) I trust that a game developer wouldn't set the security flag. Another thing that I should mention is that apps with the security flag set can only run as admin. So if a web browser had the flag set, not many people would use it then, and vice versa if a virus writer set the flag then only retards could execute it.
What you suggest is either impossible, extremely undesirable, or both, assuming that by "they" you mean Microsoft.
For them to prevent certain classes of applications from running, without special knowledge, would require a kind of analysis similar in nature to solving the halting problem - a problem well known to be unsolvable.
Then the course of action is to require applications requiring root privileges to be signed by Microsoft, essentially making Windows a closed platform for developers. Furthermore, any applications they sign would have to be bullet-proof, getting back to the halting problem.
It is not impossible, in fact it is very possible. Microsoft would have to create a flag so that programmers can set it to tell the system that it is a security related program and thus should be allowed to execute under the admin account. There is no microsoft involvement there except that they have to create a flag in the API. Not impossibly hard to them do. With that in mind, I don't see how this is impossible. I didn't say we could completely prevent attacks, just make them a hell of a lot harder. I am assuming however that the user that knows how to get in and use the admin account is not a complete retard. If they are and do execute a virus as admin, then they are retarded and deserve to pay me to fix their computer. Yes, I run a computer business. So offering this could hurt me in the long run, but I hate seeing all the pings and scans and attacks against my firewall everyday. Something needs to be done.
What they need to do is limit all users to not be administrators. They should create the admin account so that it can ONLY do admin tasks. It cannot run programs like office or games. It can only run security and diagnostic apps, adding-remove apps. If they restricted admin users from using their account for daily use and only for admin use, that would significantly reduce the attack surface for crackers.
but doesn't the object need to be very very light in order for it to work? I mean birds have hollow bones and thats how they are very light, they would need a very small very light camera or whatever they plan on using on this "flapping object" or it wont fly. Or have they made things that im not aware of that are light like this?
... something they can afford ...
supposed to be cant, oops
I didn't ask if it was morally correct to have free music, I just used that as an example to state a fact that DRM or no DRM people are still gonna pirate the same if they want something they can afford. Its like shoplifting, they are taking it because they can't afford it, but they want it anyways.
you forgot tax ;)
I don't think that it would help really, most people pirate because they can't afford to pay that much. I know people that have 8000 song music collections, do you really think that @ 99 cents a song at most music download places they paid $8000 for their music? I doubt it.
why not? it was probably them that did those searches so they had somebody else to scream at and sue. Now the MPAA and RIAA will want to start censoring google, and the sad thing is google would probably let them do it.
If only Microsoft would open source these things... Heck if DirectX was open sourced imagine how much farther Linux would have come in the gaming arena. Yet, there is wine and that is pretty damn close to an open source version of DirectX and windows altogether now. I mean its just as buggy as native windows, sometimes even less for me. Counter-Strike: Source doesn't crash wine like it crashes XP and Vista.
Microsoft needs to fix bugs before putting in new "features"
P.S: Where can I score one of them 8-core processors, that was the most interesting part of the announcement for me.
At my work we use a program called samurize: http://samurize.com/ It can monitor WMI out of the box, and there is an SNMP plugin that you can use also. Its hard to work sometimes, and its time consuming also, but it works and since you design the graphics you can make it as pretty as you want
You know, it might be in your best interests to just go and ask a copyright attorney about this. They would be able to tell you definitively if you could be sued into oblivion.