News
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
A key security feature of Windows Vista, User Account Control (UAC) is still nearly unusable, Symantec has said.
At a press presentation last week, Symantec vice president of engineering Rowan Trollope said Symantec's customers had found the feature so "chatty", that it was a burden on users, potentially creating new help-desk calls.
He said that personally he had found the feature so distracting he had finally turned it off -- not a good sign for companies intending to use UAC to protect systems.
UAC allows administrators to create user accounts that have limited privileges, correcting what security experts perceive as a major weakness in previous versions of Windows. Previously, all Windows users were administrators, something nearly unheard of in the Linux/Unix world.
The change is designed to limit the damage malicious attacks can cause, and to put a damper on attacks that take over large numbers of systems. But it can only be effective if UAC is enabled on a large proportion of Windows systems.
The feature attracted criticism during the beta-testing process, from respected analysts among others, and Microsoft said it fine-tuned UAC.
Symantec does have a vested interest here -- the company plans to sell products that smooth out UAC's alleged faults -- but the company's findings could be evidence of spell additional headaches for system administrators considering Vista.
Symantec's idea is somewhat different; Trollope said the company is proposing to add an extra layer of "intelligence" on top of UAC which would make it easier to use. Such a plan will involve Microsoft's cooperation, Symantec acknowledged, but Microsoft security executives said the company was not yet aware of what Symantec has in mind.
Following Symantec's comments, Microsoft stood by its work. "If the user decides they do not want to run UAC and they would rather run a third-party solution that provides similar functionality, they do have the choice to disable it," Microsoft said in a statement.
Over recent months Microsoft has been moving toward bringing many basic security features under its own roof, providing its own firewall, antivirus and anti-spyware software, for example.
Symantec said users shouldn't get the idea that Vista no longer needs third-party security products -- which, it admitted, would be a disaster for Symantec's own business.
So far, however, industry analysts have largely agreed with Symantec, saying Microsoft has yet to prove itself as a security provider, particularly at the enterprise level.
Computerworld Member Login
Realise Your VMware Vision: Storage Consolidation and Virtualization for Small to Medium Businesses
10:30 - 11am (EST, Sydney, Australia)
Wednesday, 4th June 2008
Screening live at your PC
Join Computerworld and our expert speakers:
- Jean-Marc Annonier, Research Manager, IT Spending, IDC
- Howard Porter, SMB Channels Manager, VMware
- Clive Gold, Product Marketing Manager Australia/New Zealand, EMC Corporation
to learn about the various virtualization technologies available today and what factors are driving it in small to medium businesses. Discover use cases and technologies that allow successful virtualization and storage consolidation for a more flexible IT infrastructure.
- +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future. - +
Data Management Edition #9: Data centre makeover 24/04/2008 07:43:06
This week CW Live looks at the death of the old style data centre which is undergoing its first makeover in more than 30 years. - +
IT Security Edition #9: Inside the bug trade. 16/04/2008 09:08:12
This week guidelines are released for the mandatory reporting of security breaches and we go inside the black market bug trade.
TechnologyOne wins new federal government, local council and commercial contracts for software and services 2008-05-12 16:05:00+10
North East Water to deploy Gentrack Velocity upgrade 2008-05-12 09:54:00+10
Kroll Ontrack Launches Hardware Erasure Solution 2008-05-09 08:42:00+10
Mitel Releases New Cordless Technologies for IP Phones 2008-05-08 18:11:00+10
Citect earns recertification under the prestigious Service Capability and Performance (SCP) Standards 2008-05-08 14:07:00+10
Extending Business Solutions across the Organisation
It is difficult for companies to overcome business challenges when employees are not connected to their business management solution. Discover Microsoft Dynamics Client for Microsoft® Office and SharePoint® Server and connect Microsoft Dynamics more closely with personal productivity solutions and much more.
