Posted on Saturday, May 05 2007 @ 14:25 CEST by Thomas De Maesschalck
Microsoft thinks its User Account Control (UAC) system in Windows Vista is so great that other operating systems should follow suit:
The company says that UAC and the approach it embodies is really the direction that all operating systems should be headed in, but to understand that argument, one must first understand what Microsoft means.
Microsoft's Mark Russinovich has made it clear that the company does not view UAC as a "security boundary." I wrote about this earlier, but one major point worth repeating is that UAC encourages developers (including black hats) to try and accomplish more without elevating permissions. Why? Because the goal should be to avoid tripping UAC except for operations that truly need elevated privileges, which frankly something like changing Mozy backup settings should not require (but currently does).
Peter Watson, Microsoft Australia's chief security advisor, gave a video interview to Builder AU in which he explained why other operating system developers should be paying attention to Microsoft's approach.
"There has been a lot of misunderstanding in the market around User Account Control (UAC) and how the function actually works. If you look at it from an architectural direction, User Account Control is a great idea and strategically a direction that all operating systems and all technologies should be heading down," Watson said.
More info
at ARS Technica.
