Who is planning on going from windows 7 to windows 8.1?

[Wrench00]

I use Windows 8 (well Server 2012) on a 27" touchscreen at work every weekday. I use the screen instead of the mouse for about 50% of my tasks. I'd never go back to a setup without a touchscreen at work, because the productivity boost is incredible. You're not using Windows 8 on the right hardware if you didn't see a marked productivity boost, but when that hardware costs a couple thousand dollars, it's easy to understand why most people haven't really tried it and won't for at least another year or two.

At home, my PC isn't used for productivity, so I'm still on Windows 7. I don't have the hardware to make any use of Windows 8 here.

Windows 8 is all about the hardware, but hardly anyone has it. Microsoft did an absolutely terrible job of getting OEMs on board with producing hardware for it. They should have flat-out told OEMs they couldn't sell Win8 on any machine without touch, and then discontinued 7 as planned to force the OEMs to build touch from the ground-up or use another OS like Chrome.

Sorry but you're using it wrong. Server 2012 is much better being Core/Powershell OS. Any one that uses a Server 2012 with GUI is a noob. MS says to use Core no GUI installs on servers these days. So You essentially wasted companies money on a 27" touchscreen. You must work at a Bank or for the .gov.

You are using it wrong Core is much superior to GUI. I can do things 100X faster on core then GUI. Command shell is far superior to touch or any GUI.

 

[RogueTrip]

You think Vista is the worst and you use ME?! Very funny.

I will admit. Always loved Win98SE. Just swapped to ME a few months back for my retro gaming rig though and its actually alot easier to tweak and setup. Real-Mode DOS really isn't needed for games after 94/95, well at least the ones I play.

Now onto my Vista rant. As a OS it is very bloated and high memory/disk requirements. I knew a guy that would wait 5 minutes boot time on a new eMachine with 512MB memory. Then there's the disk space that Vista will just eat away at. No OS should be eating up 30+GB of space with Hibernation, System Retore and the likes turned off on a fresh install!! Can't even put it on a 32GB SSD.

Win7 and 8 using basic trims only take 17~20GB w/ system retore on. Hibernate and pagefile off or moved to another drive.

I know WinXP Pre SP1 usually ran good on 512MB, Then SP2 hit and really needed 1GB+ for a speedy rig.

The general rule is to skip every other M$ Windows release.
Buy WinNT, skip Win98, Buy Win98SE, skip WinME, Buy XP, skip Vista (aka Windows v6.0), buy Win7 (aka Windows v6.1), skip Win8, wait for Win9.

If the bold is true. Then 8.1 should be good

 

[pxc]

Windows NT 3.5/4.x weren't consumer oriented OSs. Many software incompatibilities erased those as an option for most consumers. Simple rules don't really reflect what's good or bad.

Windows 3.0
Windows 3.1/3.11
Windows 95
Windows 95 OSR2
Windows 98
Windows 98SE
Windows ME
Windows 2000
Windows XP
Windows Vista
Windows 7
Windows 8

Windows 3.0 was buggy, some crummy hardware had driver problems with Windows ME (all Win9x releases of Windows had major problems with stability compared to the NT-based versions), pre-SP2 Windows XP was insecure (just like all previous Windows versions; its huge success simply made it more notable), Windows Vista had obnoxious security prompts and poorly written software only made that worse (and unusually high system requirements to make it as usable as XP), and Windows 8 UI changes are probably the only major issues I'd point out on that list. Otherwise, I wouldn't have minded recommending any of those OSs when those were current. I ran all of those, plus Windows 2.11/386 and DOS going back to 3.3 before that.

 

[Dogs]

So You essentially wasted companies money on a 27" touchscreen. You must work at a Bank or for the .gov.

LOL, what? If he likes it, and can be productive with it, then it wasn't a waste of money. Perhaps you don't have a firm understanding of business, but in order to maintain retention of valuable employees, good companies will spend lots of money to make sure their employees have the best tools for their needs. Good employees will get picked off by headhunters if they're not given a good reason to stay where they're at, and the costs associated with turnover of skilled employees vastly outweighs the costs associated with buying said associates a 27" touchscreen.

 

[Dogs]

Now onto my Vista rant. As a OS it is very bloated and high memory/disk requirements. I knew a guy that would wait 5 minutes boot time on a new eMachine with 512MB memory. Then there's the disk space that Vista will just eat away at. No OS should be eating up 30+GB of space with Hibernation, System Retore and the likes turned off on a fresh install!! Can't even put it on a 32GB SSD.

First, you should look up the word bloated. Second, Vista easily offered the largest jump forward in technology of any Windows operating system ever. What you perceive as bloat is actually just Vista being better at utilizing your hardware. Literally every aspect of Vista was lightyears ahead of XP.

As for not being able to put Vista on a 32GB SSD, you're doing it wrong. Why are you trying to put it on such a small disk? And if you really want to, all you have to do is turn off Windows features. There's plenty of them enabled out-of-box that someone trying to put their OS on a 32 GB SSD clearly has no use for.

 

[DeathFromBelow]

Windows Vista had obnoxious security prompts

No, it did not. UAC is by far the most user-friendly variation of privilege escalation I've used. Windows users only bitch about it because they're never had to deal with that level of security before and don't understand that it's not just a pop-up. It's a vital feature that people need to understand and get used to. Always run UAC at the max setting.

Running Windows XP as an administrator (or Vista/7 with UAC not at max) is like running as root on Linux, without privilege escalation you're completely open to unpatched exploits. That's why internet 'drive by' infections were so common in the XP era. Vista was a huge leap forward and does not deserve the negative reputation it ended up with.

 

[CEpeep]

Sorry but you're using it wrong. Server 2012 is much better being Core/Powershell OS. Any one that uses a Server 2012 with GUI is a noob. MS says to use Core no GUI installs on servers these days. So You essentially wasted companies money on a 27" touchscreen. You must work at a Bank or for the .gov.

You are using it wrong Core is much superior to GUI. I can do things 100X faster on core then GUI. Command shell is far superior to touch or any GUI.

I'm using it as a workstation OS because we have more licenses for it than we do for Win8, but thanks for your concern about my organization's financial stability and my personal level of computing expertise. Since I'm using it as a workstation rather than a server, I kind of need a GUI.

I agree on Powershell, though. Extremely powerful and I'm glad it's a core part of Windows.

 

[pcjunkie]

Sorry but you're using it wrong. Server 2012 is much better being Core/Powershell OS. Any one that uses a Server 2012 with GUI is a noob. MS says to use Core no GUI installs on servers these days. So You essentially wasted companies money on a 27" touchscreen. You must work at a Bank or for the .gov.

You are using it wrong Core is much superior to GUI. I can do things 100X faster on core then GUI. Command shell is far superior to touch or any GUI.

Oh god...her we go back top the 90's with cli crap. Must be a unix fan boy that wants use 1000 keystrokes in a command prompt vs. a GUI and a few clicks/keystrokes. I hate to tell you but there are reasons to use GUI's to help make things simpler and faster. There can be a balance of gui and cli you know.

LOL and if it gets the job done how are they doing it wrong?

 

[Dogs]

Oh god...her we go back top the 90's with cli crap. Must be a unix fan boy that wants use 1000 keystrokes in a command prompt vs. a GUI and a few clicks/keystrokes. I hate to tell you but there are reasons to use GUI's to help make things simpler and faster. There can be a balance of gui and cli you know.

No, I'm going to side with Wrench00 on that part of the discussion. In terms of cli vs gui for Windows Server, cli kicks gui in the face. If he's using the Windows Server machine as a server, or as an 'administrative console', he is far better off using powershell than by doing things with a mouse.

A powerful scripting language like powershell is of orders of magnitude more expressive than a stupid mouse is. 1000 keystrokes in a cli could easily accomplish something which would literally take as much as a few years working 40 hour work weeks to accomplish with just basic gui control. It all depends on what you're trying to accomplish, but for a lot of IT tasks, a cli is without question the vastly superior tool. The amount of 'command' you can express with a few lines of well-written, idiomatic powershell is astronomically larger than what you can accomplish with a few mouse gestures.

On the other hand, if CEpeep is using his Windows Server box more as a workstation, where a GUI would be appropriate, there is no real, objective productivity difference between using a mouse and using a touch screen. If he can be more productive, or be more comfortable at the same productivity level, using a 27 inch touch screen, then the 27 inch touch screen was probably money well spent for his employer.

 

[Wrench00]

Oh god...her we go back top the 90's with cli crap. Must be a unix fan boy that wants use 1000 keystrokes in a command prompt vs. a GUI and a few clicks/keystrokes. I hate to tell you but there are reasons to use GUI's to help make things simpler and faster. There can be a balance of gui and cli you know.

LOL and if it gets the job done how are they doing it wrong?

I was being sarcastic because using a server OS on a touchscreen is asinine. This particular user use of a 1200 dollar OS is just wasteful.

Buy a 120 dollar OS instead this is why I call fud on this user. BS. No IT department would let you mis-approriate a server OS. If they have then they most likely Broken tons of other rules.

 

[Dogs]

Buy a 120 dollar OS instead this is why I call fud on this user. BS. No IT department would let you mis-approriate a server OS. If they have then they most likely Broken tons of other rules.

Are his Windows Server licenses transferable? If yes, then it's not a waste, because the license wasn't being used for anything else. Having a copy of Windows Server not being used for anything is more wasteful than having it on a workstation. If they're running low on Windows Server licenses, they can remove it from his machine and put a standard copy of Windows in its place. Since most volume licensing from Microsoft includes transfer rights, it's probably not an issue.

 

[CrimsonKnight13]

I'm going to upgrade to 8.1 by this weekend. Is there any benefit to activating with my 8 key or should I wait for an official 8.1 key from TechNet?

 

[CEpeep]

I was being sarcastic because using a server OS on a touchscreen is asinine. This particular user use of a 1200 dollar OS is just wasteful.

Buy a 120 dollar OS instead this is why I call fud on this user. BS. No IT department would let you mis-approriate a server OS. If they have then they most likely Broken tons of other rules.

Why do you care so much about how our IT department works? We have a large number of licenses to Server 2012 due to a volume agreement, more than we will use on our actual server machines by a significant margin. I had my choice of Windows 8 Enterprise or Server 2012 when the machine was provisioned, and I went with the server version for the superior Hyper-V management console options. No rules were broken and this is in-line with our existing IT policy, but you don't work here so why do you even care?

 

[pxc]

No, it did not.

Yes, it did. In fact Vista's security prompts were so obnoxious that MS seriously toned it down in Windows 7 for the same tasks... and was widely praised for fixing one of Vista's most glaring problems. As I mentioned, some of that was related to poorly written programs which had assumed admin privilege for various functionality (usually just bad choices like writing configuration files in system or program files areas instead of under the profile folder).

I do agree that *nix and OS X security prompts can be even worse, but nobody really liked how often UAC prompts came up for basic config tasks.

 

[Dogs]

Yes, it did. In fact Vista's security prompts were so obnoxious that MS seriously toned it down in Windows 7 for the same tasks... and was widely praised for fixing one of Vista's most glaring problems. As I mentioned, some of that was related to poorly written programs which had assumed admin privilege for various functionality (usually just bad choices like writing configuration files in system or program files areas instead of under the profile folder).

I do agree that *nix and OS X security prompts can be even worse, but nobody really liked how often UAC prompts came up for basic config tasks.

You're confusing a user problem for a system problem. That's just a case of users being too dumb and stubborn to tolerate proper security practices.

 

[CEpeep]

You're confusing a user problem for a system problem. That's just a case of users being too dumb and stubborn to tolerate proper security practices.

Vista's UAC implementation wasn't "proper" though, it triggered UAC prompts for actions that shouldn't have needed Admin access and didn't make allowances for old/poorly-designed software that wanted more rights than it actually needed. The fact that Microsoft was lauded for "fixing" UAC in 7 (when all they did was tweak which actions triggered it) should illustrate this.

 

[Dogs]

Vista's UAC implementation wasn't "proper" though, it triggered UAC prompts for actions that shouldn't have needed Admin access and didn't make allowances for old/poorly-designed software that wanted more rights than it actually needed. The fact that Microsoft was lauded for "fixing" UAC in 7 (when all they did was tweak which actions triggered it) should illustrate this.

Wrong. Any action which required a UAC prompt was an action that could not be completed without admin credentials. If you turned UAC off and tried to complete the same action as a standard user, it would not work.

What Microsoft changed in 7 was the default prompting level. If you change the security level in 7 to the same level which vista defaults to, you will encounter the same behaviour. Additionally, by making this change to the default protection level in 7, Microsoft introduced unintended security vulnerabilities. The same actions are caught by uac, however, by default in Windows 7 some actions are now automatically elevated for you, instead of promoting. This was not a problem with Vista. This was a problem with consumers disliking proper security.

 

[Lith1um]

Vista got a rough start because of driver availability, the lack thereof. It was the transition to the new wdm driver structure.

That, and the disk thrashing which most people disabled, and probably wouldn't even be noticeable with an ssd drive.

 

[CEpeep]

Wrong. Any action which required a UAC prompt was an action that could not be completed without admin credentials. If you turned UAC off and tried to complete the same action as a standard user, it would not work.

What Microsoft changed in 7 was the default prompting level. If you change the security level in 7 to the same level which vista defaults to, you will encounter the same behaviour. Additionally, by making this change to the default protection level in 7, Microsoft introduced unintended security vulnerabilities. The same actions are caught by uac, however, by default in Windows 7 some actions are now automatically elevated for you, instead of promoting. This was not a problem with Vista. This was a problem with consumers disliking proper security.

I don't think that triggering UAC prompts for things that can be safely overridden automatically by the system is "proper security." If it's always safe for the system to automatically elevate privileges for an action, that action shouldn't be requiring admin access to begin with. Proper security is smart security, not bothering the user about every single action fi there's no actual need for them to be bothered.

 

[Dogs]

I don't think that triggering UAC prompts for things that can be safely overridden automatically by the system is "proper security." If it's always safe for the system to automatically elevate privileges for an action, that action shouldn't be requiring admin access to begin with. Proper security is smart security, not bothering the user about every single action fi there's no actual need for them to be bothered.

They cannot be safely auto-elevated, though. There is always risk inherent with such behavior. One of these risks includes the ability of virus software running in the context of an admin account to disable UAC without UAC prompting. Once malicious software has done this, it is running with an admin security token and can do as it pleases. In Vista, this was never a possibility on the default settings, but on Windows 7, this could be accomplished and has been readily demonstrated both in real world viruses and in academic, controlled settings.

I'm sorry, but while Vista did have some valid barriers to adoption at launch, UAC was not one of them. UAC was only a barrier because consumers are stupid, stubbornly lazy, and arrogant beyond belief.

 

[DeathFromBelow]

I don't think that triggering UAC prompts for things that can be safely overridden automatically by the system is "proper security." If it's always safe for the system to automatically elevate privileges for an action, that action shouldn't be requiring admin access to begin with. Proper security is smart security, not bothering the user about every single action fi there's no actual need for them to be bothered.

Again, you're showing that you don't understand privilige elevation at all. UAC works the same way privilige elevation works in any Linux distro. Administrative actions require admin credentials, period. If you don't require credentials for all administrative actions you have a security hole. Windows users bitch and moan about it because they've never had to deal with real security prior to Vista.

The only alternative for achieving the same level of security is only allowing trusted software from an official app store to run.

As I mentioned, some of that was related to poorly written programs which had assumed admin privilege for various functionality (usually just bad choices like writing configuration files in system or program files areas instead of under the profile folder).

I do agree that *nix and OS X security prompts can be even worse, but nobody really liked how often UAC prompts came up for basic config tasks.

See above.

Additionally, one of the great things about UAC is that it maintains backward compatibility by sandboxing apps when you give admin credentials. Apps that won't run with limited user accounts on older versions of Windows can be run securely on Vista and later versions.

Realistically very few apps require admin priviliges on each run. Going through my old games collection Neverwinter Nights and Star Wars Knights of the Old Republic I/II are the only things that come to mind.

 

[Flogger23m]

No. I will eventually with Classic Shell, though that does bring up some issues. But I might have to switch eventually.

I can't stand Modern/Metro for a desktop or laptop. I find a mouse much easier to use than a touch device. I've used a mouse in Modern UI as well as my fingers... I prefer the mouse.

 

[B00nie]

Again, you're showing that you don't understand privilige elevation at all. UAC works the same way privilige elevation works in any Linux distro. Administrative actions require admin credentials, period. If you don't require credentials for all administrative actions you have a security hole. Windows users bitch and moan about it because they've never had to deal with real security prior to Vista.

The only alternative for achieving the same level of security is only allowing trusted software from an official app store to run.

UAC does NOT require admin credentials like in linux since every windows is preconfigured to allow loginless admin rights. All the user has to do is to click one extra box without even understanding what it means.

As long as Windows is not preconfigured to use a non admin account with a password protected privilege elevation it won't get much benefit from UAC. All UAC does is prevent some (not all) remote exploits.

 

[heatlesssun]

UAC does NOT require admin credentials like in linux since every windows is preconfigured to allow loginless admin rights. All the user has to do is to click one extra box without even understanding what it means.

As long as Windows is not preconfigured to use a non admin account with a password protected privilege elevation it won't get much benefit from UAC. All UAC does is prevent some (not all) remote exploits.

I believe that anything that triggers UAC requires admin rights. However when UAC is turned on even a admin is not always running in the security context of an admin, thus when UAC is on and one is logged in as an admin you can configure UAC not to ask for credentials. However if one is running as a standard user an UAC is turned on then the UAC prompt requires credentials.

 

[B00nie]

I believe that anything that triggers UAC requires admin rights. However when UAC is turned on even a admin is not always running in the security context of an admin, thus when UAC is on and one is logged in as an admin you can configure UAC not to ask for credentials. However if one is running as a standard user an UAC is turned on then the UAC prompt requires credentials.

Yes yes but my point was that:

a) UAC gets triggered on practically anything that touches program files, prompting the user even if a localized software wants to save itself there.

b) Due to constant prompting the end user learns that he must click that accept button whenever it opens up. As he can't tell the difference between a safe localized operation and a system involving change.

c) Windows is configured to allow admin rights to whoever logs in the first time to the installed OS. No separate root account and password.

 

[heatlesssun]

a) UAC gets triggered on practically anything that touches program files, prompting the user even if a localized software wants to save itself there.

Unless an app HAS to do things like write to Program Files it shouldn't. Apps should be storing data in User directories for a whole host of reasons.

b) Due to constant prompting the end user learns that he must click that accept button whenever it opens up. As he can't tell the difference between a safe localized operation and a system involving change.

There just should be a lot of UAC prompts showing up for average users beyond program installs.

c) Windows is configured to allow admin rights to whoever logs in the first time to the installed OS. No separate root account and password.

True, not really sure why this would be a problem other than of course once the initial user sets up a system there could be a step to prompt a user to create a standard user.

 

[Dogs]

a) UAC gets triggered on practically anything that touches program files, prompting the user even if a localized software wants to save itself there.

That's because the file permissions in the Program Files directories are read-only for standard users. If you turned off UAC and logged in as a standard user, those operations would simply throw an access denied, and you still wouldn't be able to do what you want.

This isn't a function of UAC. This is a function of the way Windows permissions have been set up. Allowing standard users to modify the program files directory is a big no-no, and leaves your computer wide open to attack. But if for some reason your goal is to have an insecure computer, you can easily give write permissions to standard users, and then UAC won't prompt you when things try to make changes to program files.

Software should not be making the assumption that it can write to program files, or any other protected directory. That's just poorly designed software. Best practices are to save to locations like %appdata%. The only time a program can safely assume/require admin rights is at install time. Outside of that, it should be working under the assumption that it is being operated as a standard user.

c) Windows is configured to allow admin rights to whoever logs in the first time to the installed OS. No separate root account and password.

That varies depending on where the OS came from. Most OEMs ship the computers that way, because like we've established, most users are hopelessly stupid and wouldn't tolerate a proper security setup (which is why Microsoft made UAC in the first place).

 

[B00nie]

That's because the file permissions in the Program Files directories are read-only for standard users. If you turned off UAC and logged in as a standard user, those operations would simply throw an access denied, and you still wouldn't be able to do what you want.

This isn't a function of UAC. This is a function of the way Windows permissions have been set up. Allowing standard users to modify the program files directory is a big no-no, and leaves your computer wide open to attack. But if for some reason your goal is to have an insecure computer, you can easily give write permissions to standard users, and then UAC won't prompt you when things try to make changes to program files.

Software should not be making the assumption that it can write to program files, or any other protected directory. That's just poorly designed software. Best practices are to save to locations like %appdata%. The only time a program can safely assume/require admin rights is at install time. Outside of that, it should be working under the assumption that it is being operated as a standard user.

Before Vista practically all software installed to program files by default. Now all of the sudden the default location is banned and ISV:s typically just create new install paths outside of it and continue as they did before.

UAC is a nice tool for attackers since it allows a standard user to elevate privileges with a single click whenever a program asks for it. When the prompt comes for basically any software you're installing the users get used to accepting it automatically. It's the same as not having any limitations in the end.

Example: User wants to see youtube. Firefox and/or Flash wants to update. UAC prompt.. accept. User wants to see some porn. Porn site wants to install malware. UAC prompt - user has got used to having to accept UAC prompts for youtube before, accepts the malware riddled viewer install. Or a website has an infected ad which executes code - user sees UAC related to browser use and accepts it because he's used to having to accept it or it 'wont work'

And this is disregarding the methods which will bypass UAC anyway!

That varies depending on where the OS came from. Most OEMs ship the computers that way, because like we've established, most users are hopelessly stupid and wouldn't tolerate a proper security setup (which is why Microsoft made UAC in the first place).

Yes which is why the 'best practices' on windows should involve static applications in private user environments. Users should be jailed to their environments. Apps should be made portable instead of spreading them all over different folders and relying on registry. Then the UAC prompt should be a 'whats this?' moment alerting the end user something serious is happening and preferably it should require a physical login just to make sure a user won't just click to accept without at least having to think what the administrative password was.

 

[Dogs]

Before Vista practically all software installed to program files by default.

Practically all software still installs to Program Files by default. Claiming otherwise just demonstrates that you literally do not know what you're talking about.

UAC is a nice tool for attackers since it allows a standard user to elevate privileges with a single click whenever a program asks for it.

This is literally the least informed statement I have ever heard anybody say on this forum in a very long time. You clearly do not understand how UAC (or security, for that matter) works.

A standard user cannot elevate privileges to an admin privilege level without supplying the login credentials for an admin account. Claiming otherwise means you're literally just making stuff up at this point. If you think this is how UAC works, you absolutely do not know enough about computers to even be helping your grandmother read emails.

Example: User wants to see youtube. Firefox and/or Flash wants to update. UAC prompt.. accept. User wants to see some porn. Porn site wants to install malware. UAC prompt - user has got used to having to accept UAC prompts for youtube before, accepts the malware riddled viewer install. Or a website has an infected ad which executes code - user sees UAC related to browser use and accepts it because he's used to having to accept it or it 'wont work'

As opposed to non-UAC Windows, where the application would have already been running as an administrator to begin with, so the same outcome would have happened quicker.

And this is disregarding the methods which will bypass UAC anyway!

If properly configured, UAC can't effectively be bypassed, in the same way sudo can't effectively be bypassed. The ability to bypass UAC depends on the user running UAC at lowered security settings. If you understood these exploits, you would be well aware of this. But clearly, you don't, because you don't even understand how UAC works to begin with.


How about you go learn about operating systems, security, and software develoment, and come back to have this discussion only once you have a grasp on these topics you are trying to discuss. Right now, nothing you have said is even the faintest bit close to reality.

 

[B00nie]

Practically all software still installs to Program Files by default. Claiming otherwise just demonstrates that you literally do not know what you're talking about.

No they don't. Can't you read? Many ISVs have opted to install on their own install path instead.

This is literally the least informed statement I have ever heard anybody say on this forum in a very long time. You clearly do not understand how UAC (or security, for that matter) works.

A standard user cannot elevate privileges to an admin privilege level without supplying the login credentials for an admin account. Claiming otherwise means you're literally just making stuff up at this point. If you think this is how UAC works, you absolutely do not know enough about computers to even be helping your grandmother read emails.

A standard user which is created right after install has the ability to elevate rights using an uac prompt since a standard user account in Windows IS AN ADMIN ACCOUNT. Stop being obnoxious.

As opposed to non-UAC Windows, where the application would have already been running as an administrator to begin with, so the same outcome would have happened quicker.

2 seconds difference makes no good security LOL!

If properly configured, UAC can't effectively be bypassed, in the same way sudo can't effectively be bypassed. The ability to bypass UAC depends on the user running UAC at lowered security settings. If you understood these exploits, you would be well aware of this. But clearly, you don't, because you don't even understand how UAC works to begin with.

No?
http://pen-testing.sans.org/blog/2013/08/08/psexec-uac-bypass
http://www.rapid7.com/db/modules/exploit/windows/local/bypassuac
...

How about you go learn about operating systems, security, and software develoment, and come back to have this discussion only once you have a grasp on these topics you are trying to discuss. Right now, nothing you have said is even the faintest bit close to reality.

Untill now you've given 100% opinions and character attack with zero substance.

 

[Dogs]

No they don't. Can't you read? Many ISVs have opted to install on their own install path instead.

If by 'many', you mean almost none.

A standard user which is created right after install has the ability to elevate rights using an uac prompt since a standard user account in Windows IS AN ADMIN ACCOUNT. Stop being obnoxious.

Nope. A standard user is differentiated from an admin user by the lack of admin group membership. Again, you do not understand what you're talking about. Please come back when you do.

No?
http://pen-testing.sans.org/blog/2013/08/08/psexec-uac-bypass
http://www.rapid7.com/db/modules/exploit/windows/local/bypassuac
...

Those attacks can only bypass UAC under certain conditions. They cannot bypass UAC when the target is a standard user, a.k.a. when the target is following best practices. Please come back when you know what you're talking about.

 

[B00nie]

Nope. A standard user is differentiated from an admin user by the lack of admin group membership. Again, you do not understand what you're talking about. Please come back when you do.

The one and ONLY active user account after a Windows install is an admin account, therefore it's the standard account. Do I have to spell it out for you?

Those attacks can only bypass UAC under certain conditions. They cannot bypass UAC when the target is a standard user, a.k.a. when the target is following best practices. Please come back when you know what you're talking about.

http://www.zdnet.com/blog/security/...-bypassed-by-8-out-of-10-malware-samples/4825

The DEFAULT settings which all users use by DEFAULT. Not 'best practises' since 'best practise' is not to use Windows at all! It's very secure when it's turned off!

 

[Dogs]

The one and ONLY active user account after a Windows install is an admin account, therefore it's the standard account. Do I have to spell it out for you?

There are plenty of Linux distros that leave you with only the root account after install. Does that mean root is the standard Linux account?

Yet again I am forced to remind you that you do not know what you are talking about.
http://windows.microsoft.com/en-us/windows-vista/what-is-a-standard-user-account

The DEFAULT settings which all users use by DEFAULT. Not 'best practises' since 'best practise' is not to use Windows at all! It's very secure when it's turned off!

...Which is useless as a demonstration of a vulnerability in UAC. Sorry, but you're wrong. Come back when you've figured out what you're talking about.

 

[B00nie]

There are plenty of Linux distros that leave you with only the root account after install. Does that mean root is the standard Linux account?

Yet again I am forced to remind you that you do not know what you are talking about.
http://windows.microsoft.com/en-us/windows-vista/what-is-a-standard-user-account

The linux distros which leave you with a root account are usually ram based distros which get wiped out on shutdown lol! Windows then again DEFAULTS ALWAYS to admin account.

...Which is useless as a demonstration of a vulnerability in UAC. Sorry, but you're wrong. Come back when you've figured out what you're talking about.

How is it useless as a demonstration? The standard level of UAC was used to achieve all those attacks. 99,99% of users use either the standard setting or LOWER.

 

[Dogs]

The linux distros which leave you with a root account are usually ram based distros which get wiped out on shutdown lol!

Or any number of distros which require you to do the configuration your self. The ones target at people who are capable of preventing themselves from drooling.

How is it useless as a demonstration?

Because in order to successfully execute those attacks, the target must be operating Windows in a way which violates best practices AND Microsoft's own explicit recommendations.

 

[Valnar]

It's my job to be productive, not to cater to Microsoft's changing whims. Right now that means I run Windows 7 because the Windows 8 GUI makes everything I do take longer. If it's not more efficient, I fail to see the reason why Microsoft did it.

In all the MS GUI's I've used, I've come to this conclusion.

XP > 2000 > 7 > NT4 > 98 > 95 > Vista > 8 > 3.1

Say what you will, but I challenge any of you not to FLY through Windows XP or 2000 with ease. Everything else since then has added more layers.

 

[heatlesssun]

Say what you will, but I challenge any of you not to FLY through Windows XP or 2000 with ease. Everything else since then has added more layers.

Added more layers? Security was kind of broken in Windows before Vista, that can add "layers" I guess. Routine day to day stuff like launching desktop applications and using those applications has no additional layers between 2000 and 8 that I can think of. Indeed if an app is pinned to the task bar click it and in.

 

[CEpeep]

It's my job to be productive, not to cater to Microsoft's changing whims. Right now that means I run Windows 7 because the Windows 8 GUI makes everything I do take longer. If it's not more efficient, I fail to see the reason why Microsoft did it.

In all the MS GUI's I've used, I've come to this conclusion.

XP > 2000 > 7 > NT4 > 98 > 95 > Vista > 8 > 3.1

Say what you will, but I challenge any of you not to FLY through Windows XP or 2000 with ease. Everything else since then has added more layers.

I don't understand. What exactly did Vista do to the GUI that made it so unusable, in your opinion? It's basically just XP with Aero Peek. Windows 95 didn't even have a "Show Desktop" icon/button until its first Service Pack.

 

[Dogs]

In all the MS GUI's I've used, I've come to this conclusion.

XP > 2000 > 7 > NT4 > 98 > 95 > Vista > 8 > 3.1

Say what you will, but I challenge any of you not to FLY through Windows XP or 2000 with ease. Everything else since then has added more layers.

If the XP GUI is faster for you, it means you're not using the indexed search, which means you're doing things very, very slowly. Indexed searching is probably the biggest productivity feature ever to happen in Windows.

 

[Ur_Mom]

If the XP GUI is faster for you, it means you're not using the indexed search, which means you're doing things very, very slowly. Indexed searching is probably the biggest productivity feature ever to happen in Windows.

I rarely use the search function in XP, 7 or 8. I still find myself flying through things in various UI's. I don't search for basic UI functions. Only if I need to find an app or file.

Even then, I still use dir *.xls /s to find things at times. Just because I may have lost the file somewhere on the drive, and I don't want to add the whole drive to the indexed folders. Rarely do I search, though.