By Harry McCracken | Thursday, February 5, 2009 at 10:12 pm
Yesterday I wrote about the Windows 7 dust-up that involved a couple of security bloggers’ concern that malware could silently turn User Account Control off, and Microsoft’s seeming unwillingness to talk much about the issue other than to say it wasn’t really a problem. Today, Microsoft’s Jon DeVaan addressed the controversy on the Engineering Windows 7 blog. The gist of his 2100-word post: Microsoft appreciated the input, but UAC’s behavior wasn’t an issue, because malware could only fiddle with UAC settings after it had gotten on a PC, and Windows 7 is really good at warding off malware. And to change UAC’s default behavior to alert users when UAC settings changed would be inconsistent with the approach which Microsoft’s testing had shown that real people liked.
I make no claim to being a security expert (or even the intended audience for DeVaan’s post, which was aimed at developers). But like the rest of Microsoft’s response to this mini-firestorm to date, it was profoundly unsatisfying. No matter how strong Windows 7’s anti-malware protections are, some bad stuff is going to get on some PCs. Why not make it tough for it to perform one task which would unlock the ability for it to do further damage? Screwy but possibly appropriate metaphor: It’s like an apartment manager telling tenants that the presence of a burly doorman in the lobby meant that anyone found in the building changing the lock on a particular condo must be doing so with the owner’s permission.
That post went up at midnight. At 3pm, another one appeared–cosigned by DeVaan and Windows 7 honcho Steve Sinofsky. With reasonably good humor, it ate crow and said that Microsoft will change Windows 7’s behavior:
With this feedback and a lot more we are going to deliver two changes to the Release Candidate that we’ll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation.
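The worry that started this whole episode was that UAC could be dialed down silently. As an added example (not code from Technologizer, Microsoft, or the Engineering Windows 7 post), here is a defender-side PowerShell audit of the documented UAC policy values, with a baseline comparison so a silent change shows up; the thresholds it flags and the baseline file path are this example’s own assumptions.

```powershell
# Added example: audit the UAC policy values that the "silently turn UAC off"
# concern is about, and diff them against a saved baseline. The registry key and
# value names are the documented Windows settings; the baseline path is assumed.
$uacKey      = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$baselineFile = Join-Path $env:ProgramData 'uac-baseline.json'   # assumed location

function Get-UacAudit {
    $p = Get-ItemProperty -Path $uacKey -ErrorAction Stop
    $findings = @()

    # EnableLUA = 0 disables UAC outright (takes effect after a reboot).
    if ($p.EnableLUA -ne 1) { $findings += 'UAC is disabled (EnableLUA is not 1)' }

    # ConsentPromptBehaviorAdmin = 0 elevates administrators with no prompt at all.
    if ($p.ConsentPromptBehaviorAdmin -eq 0) {
        $findings += 'Admin elevation never prompts (ConsentPromptBehaviorAdmin = 0)'
    }

    # PromptOnSecureDesktop = 0 shows the prompt on the normal desktop, where other
    # processes can interact with it; the secure desktop is what blocks that.
    if ($p.PromptOnSecureDesktop -ne 1) { $findings += 'Elevation prompt is not on the secure desktop' }

    [pscustomobject]@{
        EnableLUA                  = $p.EnableLUA
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
        Findings                   = $findings
    }
}

function Save-UacBaseline {
    # Record the current values once, on a machine you have just configured.
    Get-UacAudit | Select-Object EnableLUA, ConsentPromptBehaviorAdmin, PromptOnSecureDesktop |
        ConvertTo-Json | Set-Content -Path $baselineFile
}

function Compare-UacBaseline {
    # Report every audited value that no longer matches the saved baseline.
    if (-not (Test-Path $baselineFile)) { throw "No baseline at $baselineFile; run Save-UacBaseline first." }
    $base = Get-Content -Path $baselineFile -Raw | ConvertFrom-Json
    $now  = Get-UacAudit
    foreach ($name in 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'PromptOnSecureDesktop') {
        if ($base.$name -ne $now.$name) {
            [pscustomobject]@{ Setting = $name; Baseline = $base.$name; Current = $now.$name }
        }
    }
}

Get-UacAudit
```

Run `Save-UacBaseline` once after configuring a machine, then schedule `Compare-UacBaseline`; any row it returns is a UAC setting that changed without you doing it.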
It’s startling that it took Microsoft so many false starts before they got this right: Even if Microsoft was right on some theoretical, technical level, the issue had snowballed into an argument the company simply couldn’t win, period. Nerds will be nerds, and nerds are often stubborn, prickly, and prone to falling victim to the hobgoblin of little minds. But good for Microsoft for (eventually) engaging in healthy, bloggy debate, and being willing to concede its mistakes and move on. Knowing when you’ve screwed up and being unafraid to admit it in public is very 2009.
More at Dwight Silverman’s TechBlog, Mary-Jo Foley’s All About Microsoft, and I Started Something by Long Zheng (one of the guys who raised the issue in the first place).
[…] Even if Microsoft did resist at first, it definitely deserves props for listening to users and making the changes in the end, even if on one level (absolute consistency) it was kind of right. [Engineering Windows 7 via Technologizer] […]
February 6th, 2009 at 5:01 am
The whole UAC debate is very lame. Malware does not simply show up on the computer like magic. It is caused by users going to sites they have no business being on. Whether you’re talking pirated software, free porn or whatever. The vast majority of users will never have a problem with UAC in its current form. While I appreciate Microsoft addressing the issue, I hope they don’t shoot themselves in the foot by trying to take care of a small minority of users.
February 6th, 2009 at 5:38 am
@gmac: ummm… Malware on Windows affects more than a “small minority” of users, it’s a constant plague.
February 6th, 2009 at 5:44 am
@gmac: Don’t forget about legitimate web sites or web site hosting providers with poor security or who get victimized by a zero-day attack. Don’t forget about DNS spoofing. Don’t forget about companies with weak internal security: A coworker can get a virus and spread it easily throughout the LAN. Don’t forget about spoofed email from mom. Don’t forget about that USB stick you took to the public library.
February 6th, 2009 at 6:11 am
It’s kind of lame that tech journalists have been on Microsoft’s case the last 2 years about UAC notifying them of too many changes, and now that MS has changed the behavior to what tech journalists wanted, they are complaining about it not warning them.
Now will people start complaining because they get an extra dialog box to confirm a UAC change? Will it cause them to turn it off and then become a real security threat? Only time will tell on this. I just think that tech journalists made a mountain out of a molehill on this one. Way overhyped.