Security Know-It-Alls Debate Windows UAC

Security pundits crave attention the same way Rod Blagojevich loves the camera. Latest case in point: Security experts are publicly complaining that User Account Control (UAC) in the Windows 7 beta can be taken over by hackers who can then gain elevated privileges. Microsoft counters that Windows 7 is perfectly safe, but it's making a couple of tweaks to make UAC safer.

I'm no expert on this debate, but I do know the new UAC is a lot less intrusive than in Vista. By default, Windows 7 only notifies you when a program is trying to make a change. Users can also set it to "never notify" or "notify always," which is the Vista default. This is a nice change indeed.

Alex to the Rescue
Twenty years, ago I first met Alex Eckelberry. At the time, I was the editor in chief of Amiga World magazine and Alex worked for Aegis Development, which sold high-end 3-D modeling and animation software. After launching Redmond magazine, I became reacquainted with Alex, who is now CEO of Sunbelt Software. Alex is a smart guy, a successful businessman -- and now an American hero.

Sunbelt is an expert in all things malware and understands that things aren't always as they seem. That was the case with substitute teacher Julie Amero.

Here's what went down, according to an article and a report from "Good Morning America." It seems that Amero checked her e-mail on a public computer at the school before class. Like so many of us have experienced, Amero was hit with bogus pop-ups and the machine was quickly infested with spyware. But Amero wasn't around to witness the destruction or the racy images that flew across the screen. Unfortunately, a couple of her students were.

After realizing that her students were enjoying the show, Amero tried to stop it. But like kids in an unruly classroom, the pop-ups popped up faster than they could be shut down. The immediate conclusion of the authorities was that Amero must have been cruising for porn, even though women are far less attracted to this form of entertainment than their male counterparts.

Days later the teacher was arrested for harming minors. The maximum time in the pokey? An astounding 40 years! The verdict? Guilty.

A similar thing happened to my son's computer when pop-ups carrying filth multiplied like bunnies. If I was a teacher, I may have been facing jail time, too.

Fortunately, experts like Eckelberry know that porn can take over a computer without our willing participation, and he decided to help. Eckelberry and other experts proved that Amero did nothing wrong and that malware was to blame for the entire episode. Now, that's a hero!

Mailbag: Six Is a Crowd for Windows 7, More
After Microsoft announced this week that it had six versions of Windows 7 planned, Doug asked readers if they felt that was too many. Most of you responded with a resounding "yes":

Six versions of Windows...again? Say it ain't so! Alas, Microsoft seems doomed to repeat past follies. Did it really sell enough of the mid-level versions of previous Windows incarnations to be worth the effort? Isn't the development and support of millions lines of code difficult enough in a target environment that already has an unfathomably large number of permutations of hardware and applications software? Why increase the magnitude of the task?

One version of Windows 7 is ideal. Two versions are plausible. Three versions is a step down the path to confusion. Six versions is folly.

I was really hoping that it was just going to stay at two versions. I started to get excited then kept reading your article to find that there would be six. I about cried. I'm so tired of trying to decipher which three to eight features are in some versions and not in other versions. Bleh!

Six versions of Windows 7? Sounds like Microsoft is making the same mistake twice. Having so many versions confuses most end users. Microsoft should have two versions at most of Windows, a Home and Business/Professional version. It could go the Apple route and just have one version with one price, but that may be a bit too simple for Microsoft to comprehend.

Six is four too many. Please tell Microsoft to get back to the Windows XP model and have TWO -- one for home and one for enterprise. Honestly, it makes us all look a bit silly when Mac has one version for everyone (yes, I understand Apple really doesn't have one for enterprise) but we have to help people decide which of the six to choose from.

I'm just asking Microsoft to use common sense: three versions of Windows 7 (i.e., Home, Business and Enterprise).

Microsoft has confused everyone with numerous versions of Vista, yet continues the madness with Windows 7. Microsoft claims that the market needs all these versions, but I maintain that a simplified lineup would be more cost-effective. At the most, three versions are needed: Basic, Home Premium, Professional. Purchasing and support would be greatly streamlined.

It is a support nightmare for Microsoft and the IT community -- and a a public relations mistake -- to have more than one version.

What was wrong with a Home version, a Professional version and -- for media freaks -- a Media version? Trying to give tech support and keep three XP versions, six Vista versions and now six Windows 7 versions clear when talking to a client that can't always successfully identify if he has Windows 98, Vista or me.

Let's start with one version that works like it was supposed to. Give me the basic Business one. I'd prefer not to deal with the Home version(s) at all. Our customers don't know the difference.

One thing I have always disliked is the plethora of versions offered by MS. I can understand Starter, but otherwise a simple Home edition and Enterprise edition would have been fine.

Beleive it or not, there are many companies out there that use varied styles of licensing and MS is driving apart the ability to manage Windows easily by making IT administrators support multiple flavors of Vista and now 7. The features in Enterprise would be welcome in Business (or Pro for 7) and I think MS should really reconsider splitting the market.

Microsoft should learn from past experiences. With Windows XP, it finally got it right. At the most, there should be three versions. One for consumers, one for businesses and then an ultimate version with all the options for gamers/PC enthusiasts/Windows geeks.

Six versions is way too many. Home, Small Business, Enterprise. Beyond that, even Windows 7 will find it hard to distinguish between the versions. Make it simple for businesses to choose (and use) Windows 7. Or is it the money for license upgrading that Microsoft is after?

For goodness sake! Customers would be willing to pay for one excellent version of the Windows 7 OS based on their level of proficiency. You may be wise to consider one version of Basic, Home Premium and Professional.

I think three versions are more than enough. When we had Window 98 and NT, two seemed to take care of the masses. Now we have gamers, so let's go with three: Home, Business and Gamers. Maybe it should be non-Internet, Internet and Ultra High-Performance with the emphasis on security. This nickel and dime stuff is silly. If people are going to complain about price, they will stay with their old computers or go to an alternative OS.

I suspect Microsoft wrote one OS and turned off features for less expensive versions so even though you bought the less expensive OS, it still takes up the same amount of space on your hard drive. If there is really only one OS, then you've got to wonder how Microsoft arrives at these price points. Small pieces of paper drawn out of a hat?

Oh, for the days when we had one OS! (Remember when there was one Amiga OS for everyone?) The general public -- and few Microsoft partners, I might add -- does not understand the need for all these versions of Windows, and all this version mess seems to complicate the licensing to the point where you have to engage a "licensing specialist" just to quote the product to your clients! It's time for Microsoft to streamline the product line.

How about only one version and using a license key to unlock the features? This would make upgrading to a higher version a snap. It would also keep service packs simple.

If Microsoft puts the Enterprise edition at a reasonable price, then I don't care how many different versions it has ahead of it, because I won't be buying those versions anyway. The difficult part is in defining "reasonable" based on the quality of the product. But I do think that too many versions just muddy the water.

One reader points out that Internet Explorer 8 isn't the only browser out there that has clickjacking protection:

I read your story about IE 8 and the feature to prevent clickjacking and I must make a correction. Yes, Firefox natively does not prevent clickjacking but it does have an add-on that does. It is called NoScript. I've been using it now for months and feel a lot safer on the Web.

The Joes share their thoughts on Microsoft's planned layoffs in the middle of an economic maelstrom:

I just read the Mailbag item from Gerry that laments Microsoft's decision to lay off 5,000 people in tough economic times and not show compassion. Do I feel compassion for the people and their families? Absolutely, and I bet the managers at MS feel really bad about it as well.

However, our country is founded on free enterprise. The fact that a person from a disadvantaged economic background can work hard, excel and achieve great things is the cornerstone of this. However, that opportunity does not mean that a company should give someone a job because the person needs it, hard times or not. Microsoft would be doing a disservice to its stockholders if it kept people on the payroll that it can effectively do without. Why? Because it would no longer be striving to be the leanest, most profitable business that it can be.


It would be interesting to see the number of H-1B visa workers MS plans to cut in their firings. It is a joke that companies such as MS can import all of this talent from foreign lands under the premise that they can't find the talent here, when in actuality it is that they can't find the talent here at a low enough price. And after the these tech companies flood the U.S. job market with folks willing to work for much lower wages, they then wonder why fewer people are entering the field. It is a self-fulfilling prophecy.

Companies using the current economy to cut head counts while registering nice profits should be ashamed. Can't decide who is worse: MS cutting 5,000 employees with a $4.1 billion profit, IBM cutting folks while registering an 11 percent increase in profits, or NFL teams cutting employees while making obscene money.

And Gil doesn't share the Indian government's optimism about a $10 laptop:

Yeah, and I want a pony. Geez, come on. What are they thinking?

More letters on Windows 7 coming next week! Meanwhile, tell us what you think. Leave a comment below or send an e-mail to [email protected].

About the Author

Doug Barney is editor in chief of Redmond magazine and the VP, editorial director of Redmond Media Group.


comments powered by Disqus

Subscribe on YouTube