Roy Schestowitz wrote:
> Vista Irritations
>
> ,----[ Quote ]
> | According to this Slashdot article, copying, moving and deleting
> | files is slower under Vista. At least now I know why extracting a
> | compressed file under Vista is like watching paint dry/grass grow
> | (I've only tried using Winzip 11).
> |
> | [...]
> |
> | Now we name our directory and it?s done right? Not quite, because
> | after typing your directory name and pressing enter, it's time
> | for yet more prompts...
> `----
>
> http://harrisben.wordpress.com/2007/03/29/vista-irritations/
>
This is exactly what I thought would happen with Vista's feeble attempt at
user security.
"When I installed Vista the first time I headed straight to the option that
would disable User Account Control (UAC). It was/is a pain in the arse"
So users will switch it off. Even though it probably had little value
anyway, it at least would give a warning if something unexpectedly wanted
admin access.
" ... and even if I was the type of user that would need it,"
What 'type' of user doesn't need user security? Is it the sort of user that
can spot behind the scenes installation or file change activity? Perhaps he
has a sixth sense that tells him when a bit of spyware or rogue code has
just came onboard. All the years I have been around computing and I know
that I need user security, this person must be a long way above me in
capabilities if he is the sort that doesn't need it.
" .. it provides very little detail on what operation it is prompting you
for."
That is true and a reason why many like this person will turn it off.
Messages that have little meaning to the user are simply a nuisance.
" ... How could an uninformed user possibly take the information UAC
provides and make an informed decision on whether or not the operation is a
valid one?"
That is why I am a firm believer that security should not be in the hands of
the user. For a way to do that from downloads then, for MS users, we
probably have to go the way MS wanted to go. In that only properly signed
software can load at all, all others are rejected. But I do not believe
that MS should be in control of that, I believe it is the job of a third
party and may well apply to Linux too in the future for software that is
loaded by a user I mean rather than directly by a root user.
I don't see it as difficult to implement, it isn't necessary for the
software to be tested to receive the signature. All that the signature
needs to ensure is that they is a path back to the orriginators, so that if
it is bad or nasty in any way they can be dragged over the coals and the
signature can be revoked, maybe including the ability for users to revoke
the signature of software already installed, effectively disabling it.
|
|
