http://www.darknet.org.uk/2009/11/windows-7-uac-user-access-control-ineffective-against-malware/ Ethical Hacking, Penetration Testing & Computer Security Tue, 14 Feb 2012 00:17:07 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://www.darknet.org.uk/2009/11/windows-7-uac-user-access-control-ineffective-against-malware/#comment-160006 Morgan Storey Sun, 08 Nov 2009 07:15:43 +0000 http://www.darknet.org.uk/?p=2267#comment-160006 I don't see the difference conceptually between the UAC and sudo (and I love sudo). But the technical differences are interesting; http://en.wikipedia.org/wiki/User_Account_Control#Tasks_that_trigger_a_UAC_prompt Realistically it is just another layer, if someone wrote a virus that executed from your home directory in Linux/MacOS no sudo would be needed, it could even make connections out on an arbitrary port, that being said it is a start over windows xp and its predecessors where most 3rd party programs where written to take account of the "everyone runs as admin" theory. Now that UAC are in, it has changed companies are programming stuff to not need write access to c:\windows\temp or c:\program files\ I don’t see the difference conceptually between the UAC and sudo (and I love sudo). But the technical differences are interesting; http://en.wikipedia.org/wiki/User_Account_Control#Tasks_that_trigger_a_UAC_prompt
Realistically it is just another layer, if someone wrote a virus that executed from your home directory in Linux/MacOS no sudo would be needed, it could even make connections out on an arbitrary port, that being said it is a start over windows xp and its predecessors where most 3rd party programs where written to take account of the “everyone runs as admin” theory. Now that UAC are in, it has changed companies are programming stuff to not need write access to c:\windows\temp or c:\program files\

]]> http://www.darknet.org.uk/2009/11/windows-7-uac-user-access-control-ineffective-against-malware/#comment-160001 Rashid Azar Fri, 06 Nov 2009 11:19:07 +0000 http://www.darknet.org.uk/?p=2267#comment-160001 UAC is just a lollypop in he mouth of noob users. I disabled this permanently. UAC is just a lollypop in he mouth of noob users. I disabled this permanently.

]]> http://www.darknet.org.uk/2009/11/windows-7-uac-user-access-control-ineffective-against-malware/#comment-159998 cbrp1r8 Thu, 05 Nov 2009 14:43:27 +0000 http://www.darknet.org.uk/?p=2267#comment-159998 I read the Sophos blog/report yesterday..got a chuckle out of it...score another one up for Winblows... :D I read the Sophos blog/report yesterday..got a chuckle out of it…score another one up for Winblows… :D

]]> http://www.darknet.org.uk/2009/11/windows-7-uac-user-access-control-ineffective-against-malware/#comment-159993 Hannibal Thu, 05 Nov 2009 11:04:43 +0000 http://www.darknet.org.uk/?p=2267#comment-159993 Thanks for the info :) Thanks for the info :)

]]> http://www.darknet.org.uk/2009/11/windows-7-uac-user-access-control-ineffective-against-malware/#comment-159990 Kitkat Thu, 05 Nov 2009 09:26:38 +0000 http://www.darknet.org.uk/?p=2267#comment-159990 Play safe, work offline and do not plug any removable drives. This will prevent your PC get any virus. :p I personally do not use UAC. For me, a USB vaccine (from Panda usb) and good anti virus (NOD32) is sufficient to keep my PC clean and healthy :) Play safe, work offline and do not plug any removable drives. This will prevent your PC get any virus. :p I personally do not use UAC. For me, a USB vaccine (from Panda usb) and good anti virus (NOD32) is sufficient to keep my PC clean and healthy :)

]]>