The Windows Vista Security Model

From Hugme.org

Contents 1 Pop-up windows 2 Your own army base 3 What are these popup windows really for? 4 So what do you suggest? 5 The damage they've done

Rant on Windows Vista Security Model

I just bought a new laptop and it doesn't run with anything EXCEPT Windows Vista. While I'm not happy about this it's another rant all together. I would like to talk about the security model defined by Microsoft in Windows Vista. What it actually is and does and it's problems.

Pop-up windows

Whenever you try to do anything in Windows Vista a pop-up Window appears from the security system asking if you really want to do what your about to do, warning of all these potential security risks. For a lot of people this makes them feel safe, and they think the system is doing it's job. This however is far from the truth. I've already written in length on how to disable each of these different type of popup window and how to uninstall OneCare the latest in security ideas by microsoft. Here are some of the examples of the Windows you might see:

• "Are you sure you want to run this file"
• "There are multiple security problems with your computer"
• "This program needs your permission to continue"
• "This program needs your permission to use the internet"

Your own army base

Lets say your an army base commander. You hire a security company to secure your base so that you can do important base commander type things. Lets call this security company Mike-Row-Sock with the acronym MRS. This security company posts a guard at your gate whose name is Poppy Upright, she is the one who is going to be securing your base. Poppy will call you every time someone comes to the gate. Lets see what happens.

Poppy calls and says "Someone with dark hair and brown eyes is at they gate. They could be a security risk, should I let them in?"

"A security risk?" you ask? "No, don't let them in"

Poppy calls and says "Someone with blonde hair and brown eyes is at the gate. They could be a security risk, should I let them in?"

"Another one? No, don't let them in."

Poppy calls and says "Someone with red hair and green eyes is at the gate. They could be a security risk, should I let them in?"

"That's three in one day. No, don't let them in."

You sit back and think "Wow, this security stuff is great!" The have kept three people out of my base and it's only been ten minutes. Suddenly you realize that none of your troops have arrived, and neither has the tank repair crew. Then you get a call from an angry wife screaming that some Poppy lady didn't let her in. You are soon to realize that Poppy considers everything that happens a security risk and your base won't function (along with you having to have a long discussion when you get home) without you letting people in.

Poppy calls and says "Someone with dark hair and brown eyes is at the gate. They could be a security risk, should I let them in"

"That must be the troops you say, let them in"

As it turns out it was Boris Badenoff. You have just lost Moose and Squirrel. Notice that Poppy gave you exactly the same "They could be a security risk" message no matter who was at the gate. There is really no way you can distinguish if the person at the gate really is who they seem from Poppy's message.

Now however you are really upset. See, you loved Moose and Squirrel making their disappearance very disconcerting. You are so upset in fact that you file a lawsuit against MRS. The response from MRS to this is simple: "but you told us to let them in, it's not our fault"

What are these popup windows really for?

I hope you caught that Poppy Upright is your popup windows. These pop-up Windows do nothing at all to secure your computer. There isn't anything in the file or software they check. There's no hash checking to make sure what you downloaded is the same as what received. Notice also that the information in the popup window is very limited. Just a very few things listed. There isn't any way for you to gather enough information though it to make an informed decision about whether or not you should or shouldn't doing this. Even if there was enough information there, for example an md5 check, 99% of the users who saw it wouldn't really know what it meant or what to do with it.

So what is the purpose of these Windows? Notice the last paragraph in the story. The windows are there to protect Microsoft. If users try's to blame them for lack of protection they can just fall back on "Well we asked you and you told us to."

So what do you suggest?

If you don't feel secure without the pop-up windows then by all means leave them on. The best security comes from you, the user. Know what your downloading and running; download only from sites you trust. If the site offers a checksum, use it. Any software you are unsure about, do some basic checks. Is it the correct name? Is it the correct size? Do you know who you received it from? Run a virus scan on the file, there are lots of websites who will do this for free. Make sure you stay up-to-date on patches.

If you really want to be secure then create two users, take all the rights to install or do anything away from one of the users. Make it a habit to log in as the controlled user. If you can't do anything on your machine, other things like viruses won't be able to either. This method is what I use and works better than any firewall or virus protection you will ever use.

The damage they've done

Microsoft has the wrecked the model of security by convincing people that good security is parallel to it's annoyance level. When the opposite is actually true. Security when implemented correctly should be as seamless as possible to the average person using it. It should allow privileges to those who deserve it without harassing them, and deny privileges to those with mal intent. Adding annoyances to a system are a way of covering up a lack of knowledge on how security really works.