Infosys Microsoft Alliance and Solutions blog

« WPF - Assigning Icon to Image control | Main | LINQ and its linkage to new features in .NET Framework 3.5 – Part I,,, »

Vista Security - Paranoid, but Indispensable

One argument why some consider Linux to be more secure than Windows is that – hacking attempts on Linux are far lesser than Windows. Well, you are only true, until you are proved otherwise. And there is nothing in this world as “Completely Secure”. Everything is only secure until it is broken.

So I was just playing around with the February release of the DSL Toolkit on my Vista machine, and was getting more excited as I created my first little meta model. My excitement was short-lived when I realized my solution wouldn’t even build. And it gave me some strange messages.

"gacutil.exe" exited with code 1.
The specified task executable could not be run. The requested operation requires elevation

Apparently, the build process is doing some bad things, and Vista doesn’t like it. And that’s when the word “Elevation” rang a bell. After fiddling with the Local Security Policy trying to elevate my privileges, it finally got on to me and I decided to disable UAC altogether. It worked!

That brings me to an interesting question. Do we need so much security? After all, isn’t Vista just a client machine? I mean, the OS comes with so many security features, but to accomplish many of our basic stuff (even something as measly as building a solution) we have to disable security. And we effectively end up working with a lesser-secure OS. Big deal, huh?

Having said that, I guess it’s the case of a classic developer psychology (yeah, a developer always likes to think he can outsmart his admin). Cracking through the machines and coding away to glory on a daily basis, it becomes rather annoying if that little window pops up every now and then asking you if you are really sure you know what you are doing (of course I do, dummy!).  I’d rather get rid of it.

But in a large organization with thousands of users accessing daily services, it’s an enormous ask on the administrators to keep a tab on every possible action the user does that could result in any vulnerability. And this is probably the foremost idea behind security being beefed up as much as it has been, in Vista.

It’s a nuisance that developers have to live with. At least for sake of those poor administrators, who spend a lifetime scanning with their eagle eyes across thousands of machines across the globe. Security is one thing you can never take a chance with.

But as they say, a Lock is for gentlemen. If you wanna steal, you’d rather break in.

Posted by Kishore Gopalan on April 19, 2007 06:29 AM |

TrackBack

TrackBack URL for this entry:
http://www.infosysblogs.com/microsoft-mt/mt-tb.fcgi/89

Comments

Client OS security isn't something new. In past on Windows, we have had the concept of administrators and stardard users. However it was easy to become an administrator on local machine and do what ever you like. With Vista, this isn't as simple as it used to be earlier and hence all this debate on security and paranoia. Check this for some more details on Vista Security - http://zone.ni.com/devzone/cda/tut/p/id/5538

There is also this Channel 9 video that explains the what, how and why of UAC - http://channel9.msdn.com/showpost.aspx?postid=288259

Posted by: Atul Gupta | April 19, 2007 11:58 AM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)