次の方法で共有

People like this just frost me: Security considered a burden for users

  • [アーティクル]

So I want to take a second to vent. First, I recognize that I work for Microsoft and before the whole Trustworthy Computing thing (which hit it's 5 year anniversary this week) the concept of security and Microsoft was the brunt of several jokes. Not hurting my feelings....we needed those of you in the field to really open our eyes as to what we should have been doing from Square 1....so for that I thank you. I also think we're moving in the right direction, as do many of you.

What makes me angry is when we do what is "right" for the security field as a whole and then get some self-serving "security expert" who gets quoted saying that specific security features are just a "burden to users". Know what else is a burden? Seat belts. Would this same guy be quick to recommend that his kids drive without them? What about airport security checkpoints? I know they're a real drag for me. Maybe we should just have two lines at the airport...one for people who don't mind being screened and an express line for those who do. Of course, I bet if I choose to run this vendor's "security solution", my experience as a user would be near perfect. Funny how that works.

Here's the facts: The User Access Control feature in Windows Vista is absolutely the right thing to do keep users from being their own worst enemies, by running with administrative rights, when it's not required by the task. Of course, you need to determine if the risk of turning the UAC off is less of a hassle than rebuilding a corrupted network. Totally up to you. Don't forget (like this gentleman failed to mention) you do have the ability to set the level of user interaction with UAC through nine separate options in Group Policy. The Windows Vista Security Guide explains where to make that change.

The screen shot on the left shows the option for someone with admin rights. The other is for those who run as standard users without admin rights:

 

If you got any more questions about UAC please check out the UAC team blog....and always wear your seat belt.

Comments

  • Anonymous
    January 01, 2003
    I've worked with Kai directly for a number of years. He doesn't get all riled up easily. But he does

  • Anonymous
    January 01, 2003
    Jeff has an uncanny ability to dig into details that most folks gloss over: Exposed? : Examining Secunia

  • Anonymous
    January 01, 2003
    I was attending my son's swim meet last night (Go Wayzata !). They happened to be taking on my old school

  • Anonymous
    January 01, 2003
    Again, please correct me if this recent report seems to be a bit self-serving. The jist of this report

  • Anonymous
    January 01, 2003
    The comment has been removed