eh, it's a beta, so can't fault MS on this one. :)

But, question: since that was the first thing I disabled when I got a vista account on my wife's laptop, and I EVERYONE I've talked to in person who's used vista disabled that, isn't the malware kinda moot? I mean, it took some searching to turn it off, couldn't this be a feature????

>>Those are the same people that invested in Madoff's hedge fund.

That's pretty funny!

I heard there's a new video game out: Grand Theft Madoff

:O)

go directly to jail, do not pass go, do collect $80 billion.

eh, it's a beta, so can't fault MS on this one.
===================
Reading the description of the security breach it sounds like amateur night at the circus. So yeah, I can fault Microsoft on this one.

John

Meh; anyone with sufficient malware protection has nothing to worry about. What kind of goof runs only UAC with no supplemental security suite?

Personally, I disable UAC from the start anyhow and then run something competent alongside it, such as Trend or AVG, because that way the system's less bogged-down from UAC's filtering antics. I don't even install the firewalls included in the security suites, in fact, because Vista/7's Advanced Firewall is more than sufficient and also better integrated into the OS.

But what do I know; I'm just a tech of 15 years? :-)

Steve

I use Trend Micro also, this is good to have to avoid viruses etc. that Trend has been made aware of and that they have developed solutions for.

Since virus detection is in this case based on pattern recognition, all the malware developer has to do to avoid discovery is to slightly change the code for each instance sent out. That gives him from days to weeks until antivirus companies send out updated virus definitions, and at that time there will be another slight code change to completely eliminate detection in the field until it's too late.

AV is no substitute for other security practices such as not visiting web sites that aren't known to be OK, and not opening goofy e-mails (and having proper settings in your e-mail software).

The risk is clearly elevated if any malware writer can get total admin access to your machine, because then you can be totally pwned without knowing it.

Many people think NAT provides complete protection against remote access, but alas this was not to be either.

Security is as much a user education effort as a tool effort, frankly even more so.

But what do I know; I'm just a computer tech of 38 years? :-)

Actually I find that more experience isn't always helpful, it depends on how open people's minds are, and on how well they are able to recognize classical attacks in new forms.

The problem of pwning computers goes back to the mainframe era. We had an IBM 360/65 at our school, and students unknown hacked the OS so that the console wouldn't show what they did on the system.
How did the perps get in, and how were they able to access the password-protected source code files? Through password guessing, just like the Twitter administrator hack a few weeks ago.

And then it was found that, as suspected, the administrator-supplied passwords were generated algorithmically from the account number with a single prime number multiplication, so 15 minutes after fresh passwords were provided at the beginning of each term, our computer society's RCA Spectra 70 4-bit mainframe could spit out the password for any account.

The mainframe administrators caught on after a while, because of the increase in CPU use. They hooked up monitors to trace the terminal traffic to a wiring closet on the first floor in another building, with a red-and-white cable going up a conduit to the wiring closet on the floor above. They traced the red-and-white cable to... a dean's office, a dean with a carefully locked office, and provable ignorance of computers.

Perhaps surprisingly, they never figured out that just because a red-and-white cable goes up a conduit and a red-and-white cable comes out of the other end of the conduit on the floor above, that's not proof that the two are connected :O).

(Halfway up the conduit, the red-and-white cable from below was spliced to a green-and-blue cable above, and vice versa.)

Soon after that, I was hired to design and build a hardware access control box for the computer center, and that was never cracked.

Reading the description of the security breach it sounds like amateur night at the circus. So yeah, I can fault Microsoft on this one.

I would normally agree, but it's a beta. It's not a release, people (should) get betas to catch stuff like this.

IMHO, it's comparable to client tearing us apart for showing a rough cut video to a client.

Hey, I'm not saying security software is the end-all be-all of protection. But if you know what you're doing, coupling that with a competent security suite is perfectly effective. I haven't once been infected by a virus in all of my computing over the past decade or so, so I think that says a lot.

Also, you have to take into account heuristics and behavioral scanning, which are actually massively effective. It's pretty rock-solid protection as long as you keep it updated and use your head. I do a lot of beta testing for security companies and my number one task in tech support is disinfection, for which I have not yet to date had to perform a reformatting of a drive. It's quite simply my specialty, so I'm no pushover myself. :-)

All told, however, UAC, to me, for anyone who's even remotely competent with their computing, just seems excessive.

Steve

Reading the description of the security breach it sounds like amateur night at the circus. So yeah, I can fault Microsoft on this one.
------------------------------
I would normally agree, but it's a beta. It's not a release, people (should) get betas to catch stuff like this.
-----------------------------
Apparently the TG Daily article you cited agrees with my assessment as well. They opened the article with:

An almost "unbelievable" flaw in Windows 7 beta......................

Beta or not.

John

I know it agrees, it's being overblown.

Except for those using the Beta for production work...

I also can't even remember when I last had a virus or anything else on any of the machines that I use exclusively.

But non-technical staff, how do they get their machines so incredibly messed up?

I'm glad to not have had to do a bare metal reinstall ever, but I've heard from other highly skilled IT;ers who were
not so lucky, even with all tools and long experience.

Except for those using the Beta for production work...

But it's a windows BETA and most of our stuff has issues working in non-beta vista! :D

I'm glad to not have had to do a bare metal reinstall ever, but I've heard from other highly skilled IT;ers who were not so lucky, even with all tools and long experience.

honestly, only thing that's ever made me do a complete format & resinstall is MS updates really really really really breaking something. That's it: i've been just deleting my windows folder/copying all my stuff to a new drive that had a fresh install since um.... 2003 or 4 I think.

"But it's a windows BETA "

I quite agree. I'm not sure what the big stink is about. Betas are designed to seek out issues

People who take the leap of faith and use a Beta "live" deserve what they get and get what they deserve.

I would think the words "free" and "Beta" in the same sentence concerning an OS from MS would be like trying to catch a pissed off skunk with your bare hands! ;-) You're going to suffer, one way or the other. '-)

I hate to jump in with more subjective deviance, but WIndows 7 is actually about as stable as Vista/XP already. It's actually fantastic, even in beta form.

Anyone with any breadth of technical knowledge would likely find it liberating, in fact! :-)

Steve

Apologizing for Microsoft seems to be contagious.

The UAC was highly criticized by reviewers and users alike in Windows Vista as being too intrusive and annoying to have to keep clicking away at the nagging.
Look:

That combined with administrator credentials being required to install things prompted Microsoft to give full control over the nags in Windows Beta 7. It seems like an amateurish way to go about it because now anyone at all can defeat it with some simple Visual Basic scripts. Then almost any trojan or other malware can be launched when you reboot. No password required or anything.

After this many years of combating security flaws Microsoft should know better than to follow up their failed Vista OS with something so amateurish and stupid even in a Beta. What's the argument here? That possibly losing all your personal information is the risk you take if you choose to test a retarded Beta OS created by a company that either cares less about your security or is now hiring 5 year olds to save money?

Someone even wrote a simple VB Script and posted it that demonstrates how simple it is to turn off UAC remotely and make the same point I did.

John

MS sure does love to leave open doors (or Windows?...) for viruses with new "features" don't they? I'm thinking back to the entirely new class of viruses they spawned with the Macro feature of Word. Surely this "feature" is really only used by a small niche of folks & hardly worth all the trouble it caused.

Security is definitely a mindset, though. Kills me how my father, who religiously secures his house/has a safe & doesn't trust anything from any branch/level of the government, will click on every link & piece of trash file sent to him without a thought! Geez, Dad ...

Kills me how my father, who religiously secures his house/has a safe & doesn't trust anything from any branch/level of the government, will click on every link & piece of trash file sent to him without a thought! Geez, Dad ...

I had the same problem with my father, until we were able to persuade him to get a Mac. That solved the problem 100% for him.

He died not long ago, missing out on the Mac experience in Windows 7.

W7's dock at the bottom of the screen is now even more totally Mac-like than Vista's dock, thanks to bigger dock icons.

And MS even thought to imitate Apple's commercials, the sincerest form of flattery.

There are some signs that there is a revolution brewing under the surface at MS. Let's hope this leads to a new user-centric thinking, I'd hate to see any company have a monopoly on that.

had the same problem with my father, until we were able to persuade him to get a Mac. That solved the problem 100% for him.

He died not long ago, missing out on the Mac experience in Windows 7.
===============
Really sorry to hear that Bjorn. I know how painful that is.

Regards,

John

I actually can't stand the "dock" at the bottom of the W7 screen. It just seems so cluttered and disorganized. It's the first thing I changed, in fact--but I still left some of its features intact. Now I have it set up to behave more like the traditional Windows Vista/XP taskbar, but with stationed icons here and there as well. The windows don't group quite as quickly under my setup (I really hate when they do that after you open just two windows for instance) and word descriptions are shown beside the icons. I also shrunk the entire thing down to the single-line height of Vista.

That's probably, in my opinion, the single worst change MS has made with W7. I like their borrowing of other Apple concepts, such as the increased flexibility of desktop gadgets and the overall simplification of the interface, but the OSX-like docking taskbar I just don't get.

Steve