Day 12, “Security”
April 17, 2007
I think I’ll start on Vista’s brand-spanking new User Account Control (UAC). First, some background knowledge. The UAC is basically a way to restrict the user from installing malicious software on their computer. In some ways it works. But in others, it doesn’t. First off, the good points: it always pops up whenever I’m installing any software, requiring me to confirm that I want to install the software. One major bad point is that it pops up whenever I’m installing any software, requiring me to confirm that I want to install the software. Although adding a layer of security, it is so manically irritating. Before the ill-timed popup, well, pops up, the screen goes blank for an unspecified time. Sometimes as long as half a second, in which time I have the chance to panic, and possibly run across the room in frustration. This, as you may have guessed, gets old very soon. Not only this, it insists on giving the most ambiguous warnings humanly possible:

Now, I’m no security expert, but to me that is looking very insecure. Not only do I not know what I am running, I don’t even have to type a password to allow it. I’m pretty sure that bypassing the pressing of a button is easier than cracking a password (which still doesn’t have competent encryption). Also, how on earth is a non-savvy computer user going to know what the hell UAC is, and what it’s for? No normal PC user knows what effect it has running as root on a machine. Microsoft was even kind enough to bundle in a little ditty called ‘SendTo’ which allows bypassing of UAC when it is turned on; it makes non-writable directories fully writable. Wonderful really.

If UAC fails to do its job, people don’t know what it is for, it can be easily spoofed, and it has crap design overall, what is the need for it?
Another major beef is the shoddy firewall. Apparently, the firewall blocks all connections, except those applications listed. Upon opening up nmap and scanning my PC I found I had three ports open. Three ports which had been opened without my consent. These are: msrpc, netbios-ssn, and microsoft-ds. After not being able to see any of these in my list of accepted apps, I proceeded to Google. As you can see, the second result of a Google search of ‘msrpc’ is entitled “Hacking Windows: MSRPC vulnerabilities”. Oh good, that really strikes confidence in the Windows sceptic of Vista’s new-found security. Apparently, if I had my computer in my router’s DMZ (like it always is when Linux is installed with a competent firewall) I am vulnerable to a buffer overflow. Wonderful.
I think it’s safe to say that Microsoft’s overzealous attempts at security are short lived. Although “Most secure version of Windows ever” is a little like saying “diphtheria is better than cancer”.
April 17, 2007 at 9:42 pm
FINALLY!!