If you disabled UAC

[ANova]

You implicitly trust every application you run on your PC to be bug free? Wow, what kind of fantasy world do you live in?

The chances of an application being vulnerable to a flaw that allows a system wide hijack is slim and a hacker knowing you have that program and specifically attacking you is even slimmer. Of course, alot of that has to do with using a little common sense like I've said. Installing a program you downloaded from a questionable site with lots of popups is bound to get you in trouble. The fact is most junk enters through the browser or emails, have a secure browser, a correctly configured system and a firewall and your chances of getting something plummet. I mean, all the proof I need to believe it works is what I have experienced, which are exactly no problems.

The point of this argument was to make known Vista's lack of power user friendliness and now it's obvious why, Microsoft obviously thinks it knows best and everyone else doesn't know anything. So as far as I'm concerned you can believe, whatever it is you want to believe.

[Brandon Live Veteran]

The chances of an application being vulnerable to a flaw that allows a system wide hijack is slim and a hacker knowing you have that program and specifically attacking you is even slimmer.

If you're running as a non-admin or with UAC? Yeah I'd agree, it's reasonably unlikely that a combined remote code execution vulnerability and an EoP vulnerability would be discovered and exploited simultaneously with any kind of widespread success. However, an application running with admin privileges that falls victim to a remote code exploit isn't exactly a new thing... It's happened several times in the past on very large scales, and happens all the time on smaller ones. Fortunately with Vista, most users won't be running with admin privileges, so the chances of remotely injected code harming / hijacking the system are much less likely.

Of course, alot of that has to do with using a little common sense like I've said. Installing a program you downloaded from a questionable site with lots of popups is bound to get you in trouble. The fact is most junk enters through the browser or emails, have a secure browser, a correctly configured system and a firewall and your chances of getting something plummet. I mean, all the proof I need to believe it works is what I have experienced, which are exactly no problems.

There's no such thing as a "secure browser." The browser is also not the only attack vector, not even close. There have been plenty of attacks against AIM and other internet-facing applications besides browsers, and there will only be more in the future. Protected Mode IE is huge, but it might just shift attackers' attention to other common programs like AIM or Messenger.

I've never had a single security problem either, but I've achieved that (and an extremely high level of confidence) because I understand security and have always taken a defense-in-depth approach and never relying on one measure of security to be infallible (like a hardware firewall, there have been way too many exploits in those to consider them your only line of defense).

The point of this argument was to make known Vista's lack of power user friendliness and now it's obvious why, Microsoft obviously thinks it knows best and everyone else doesn't know anything. So as far as I'm concerned you can believe, whatever it is you want to believe.

I don't even have a clue what you're talking about. Running applications with only the system privileges that they need is smart. That's a fact. You can smash your head in the sand and whine about change, but the fact is that in the modern computing world you cannot implicity trust all software to be both benign and unexploitable. It's just not realistic.

[Brandon Live Veteran]

1. Absurd? You referred to bugs in software. A little help from MS would help software developers would it not?

What does that mean? Like a charity service where we go around fixing other people's code for free? I really don't understand what you're getting at... We do help software developers a ton with technology like DEP, UAC, tools like FxCop, hardened libraries and safe versions of standard data access and manipulation routines. But those latter measures won't help developers that are using their own routines or using cross-platform libraries like GAIM. Everything they're running is their own code. It's not Microsoft's job to police the world's software developers.

2. 5 years, yes. Was it ready to be released? No.

By what measure? Vista was absolutely 100% ready to be released. More than ready. It's the highest quality release of Windows ever. Sure you could keep developing any piece of software forever, and never release it, and then no one would benefit from all the work and advances you've done over years or decades. That's like saying Toyota shouldn't release be releasing hybrid cars because they know in 5 years they'll be able to make them even better.

3. We're talking Windows not Linux. Comparing apples to oranges. (no pun)

We're talking about OSes. Why is it okay for every other OS (like Linux, OS X) to be working on updates and service packs within months of a new release - but it's not okay for Windows?

Are you saying that you could write a better OS than all the other ones on the market? That you have some magical development system that no one else has access to? Why don't you go do the world a favor and write it then?

I wasn't talking about the ENTIRE source.

Umm, you do realize that all relevant parts of the OS are available or so well documented that they might as well be, right? Heck you can even download debug symbols for it.

The only benefits to releasing the rest of the Windows source would be to hackers, people that want the OS for free, or to people trying to clone it. None of those is of interest to Microsoft or the average user.

[RaisinCain]

^ I don't think hackers have a problem with Windows- either with or without the source. ;)

Microsoft shoved Vista out the door just to please the vast majority of vendors. It was not ready. Do some research oround the internet and read the various articles by noteworthy people saying that it isn't ready.

[xsliver]

You are a piece of work Raisin. Go back to your small network and ignore reality.

So typical of a crappy college IT head.

[RaisinCain]

^ Oh & what do you do jerk***? This conversation doesn't include your stupid ass so but out.

BTW, the things that I have mentioned disabling in this thread ar on MY PERSONAL PC AT HOME!!!

We have strict rules her at the school.

And I follow them to a T. My whole point is that I have ran my personal PC the way I have for years & I have NEVER gotten infected or exploited. Next time read the whole thread genius.

[rtk]

Only according to your obviously limited and close minded viewpoint.

At least two others that claim to be in IT and agree with me have posted in this thread as well. Of course I'm sure anybody that agrees with me is automatically not considered an expert by your standard.

I'm the closed minded one? That's rich...

Anyone that thinks running as admin/root is a good idea is not an expert, you're right there. That's just obvious.

[rtk]

^ I don't think hackers have a problem with Windows- either with or without the source. ;)

Doesn't help that people like yourself enjoy handing them the keys.

Microsoft shoved Vista out the door just to please the vast majority of vendors. It was not ready.

Have you even installed Vista? I'm starting to doubt your intentions...

Do some research oround the internet and read the various articles by noteworthy people saying that it isn't ready.

Who, like Forbes? You might as well suggest I get my news from Fox.

^ Oh & what do you do jerk***? This conversation doesn't include your stupid ass so but out.

If you want to hold private discussions, there's a PM function. This is a forum, everyone's welcome, even you.

I do not disable ANYTHING on the computers at my place of employment. I am talking about my personal PC.... We have strict rules her at the school.... And I follow them to a T.

Well, it's good to know you have a steering committee guiding your actions at work. I'd suggest avoiding discussing your knowledge of security if you want to be promoted.

[Chad]

Wow. Just.....wow