The random utterances of David Arno

Vista UAC isn’t just annoying and stupid; it’s insecure too!

One of the more annoying features of Vista is User Access/ Account Control (UAC). In theory, it’s a great idea: make the user aware of changes to the system to prevent malware taking hold. In practice it’s hideous. Even if your user account has local machine administrator rights, you still get the prompts and must select “Run as Administrator” (despite being so already) when you want want to do things like change the desktop font size (I kid you not!)

Vista needs your permission

As a consequence of being so annoying and difficult to work with, I – like many Vista users – just turn it off in frustration. This leaves us open to the charge of being irresponsible, due to making our machines insecure. A little utility – iReboot – looks set to rebuff that charge by showing that bypassing UAC is a very easy and so any protection it claims to offer is likely just smoke and mirrors. The makers of iReboot state that

…Windows Vista’s newly-implemented security limitations are artificial at best, easy to code around, and only there to give the impression of security. Any program that UAC blocks from starting up “for good security reasons” can be coded to work around these limitations with (relative) ease. The “architectural redesign” of Vista’s security framework isn’t so much a rebuilt system as much as it is a makeover, intended to give the false impression of a more secure OS…

They split their application in half. One half runs as a service (with full admin privileges), the other as a GUI with normal user privileges. The GUI talks to the service – bypassing UAC – and does what it wants with full, unrestricted access to the machine. And the whole lot installs and runs at start-up without a single UAC prompt (just the same request for an admin password as XP had). Nice one Microsoft!

Read the full details of how NeoSmart bypassed UCA to get their iRebbot product working with Vista.

Share This Post...
2 comments so far, click here to read them or add another

2 Comments so far

  1. online payday advance May 5th, 2009 21:18

    I hate it when computer programs are extremely ostinant. we use these programs to help make our life easier, not hARDER

  2. mw November 9th, 2010 22:50

    Bingo… another fabulous MSoft fail …