App Review Playing with UAC

[simmerskool]

You can throw ChromeOS flex in Vmware.

Spoiler: Flex

ChromeOS Flex: Our Cloud-Based Operating System - ChromeOS

Upgrade to ChromeOS Flex, our cloud-based, easy-to-manage, and secure operating system that's compatible with both PCs and Macs.

chromeos.google

There are ChromeOS desktops called Chromebox, a couple examples:

Spoiler: Asus

ASUS Chromebox 5｜Mini PCs｜ASUS USA

With full support for Android apps from Google Play, ASUS Chromebox series gives you the ability to run your favorite mobile apps with the power of a mini PC.

www.asus.com

Spoiler: Acer

Acer Chromebox Enterprise CXI5 | Chromebox for Business | Acer United States

Acer Chromebox Enterprise CXI5 comes with the business capabilities of ChromeOS already unlocked, letting you streamline your business and optimize your space.

www.acer.com

Thanks, I'll read more deeply about ChromeOS flex, I vaguely recall something about it from too remote past that I forget. The Asus ChromeOS mini looks nice, but see prices vary lots depending on CPU, etc, so more to do... but looks like maybe a good option for me...

 

[vtqhtr413]

A lot of people do not know this, but my disappointment in Microsoft’s implementation of UAC was a huge reason VoodooShield was created in the first place.

I remember it well, UAC on steroids, you've taken that idea and created something to be very proud of and rich from, I hope.

Thanks, I'll read more deeply about ChromeOS flex, I vaguely recall something about it from too remote past that I forget.

The Flex version of ChromeOS is a different animal, a striped down version to lighten the load of older hardware, I tried it on a 7yr old LT and it was just fine, but it honestly didn't feel any faster than Win 10, it did install in 6 min and boots slightly faster than windows.

Technology - Google: Can't run Windows 11 on your PC? Make it a Chromebook

Microsoft will stop supporting Windows 10 in October 2025, leaving the millions of PCs that can't run Windows 11 with an outdated and insecure operating system. Google wants people to try something different: install ChromeOS and turn the PC into a Chromebook. Google has offered Chrome OS Flex...

malwaretips.com

 

[wat0114]

Apparently before UAC was included with the release of Windows Vista, Micrososft never claimed it was a security feature, but rather a convenience feature, and their well known software engineer Mark Russinovich explains this in a lengthy UAC article back in the day:

As we've stated since before the launch of Windows Vista, the primary purpose of elevation is not security, though, it's convenience: if users had to switch accounts to perform administrative operations, either by logging into or Fast User Switching to an administrative account, most users would switch once and not switch back.

User Account Control: Inside Windows 7 User Account Control

learn.microsoft.com

That's not to say they couldn't have made it a robust security feature, just that it apparently was not designed to be a security feature in the first place.

 

[Jonny Quest]

Apparently before UAC was included with the release of Windows Vista, Micrososft never claimed it was a security feature, but rather a convenience feature, and their well known software engineer Mark Russinovich explains this in a lengthy UAC article back in the day:

As we've stated since before the launch of Windows Vista, the primary purpose of elevation is not security, though, it's convenience: if users had to switch accounts to perform administrative operations, either by logging into or Fast User Switching to an administrative account, most users would switch once and not switch back.

User Account Control: Inside Windows 7 User Account Control

learn.microsoft.com

That's not to say they couldn't have made it a robust security feature, just that it apparently was not designed to be a security feature in the first place.


Nice link, excellent read, and just to add to your quote:

Elevations and Malware Security

The primary goal of UAC is to enable more users to run with standard user rights. However, one of UAC's technologies looks and smells like a security feature: the consent prompt. Many people believed that the fact that software has to ask the user to grant it administrative rights means that they can prevent malware from gaining administrative rights. Besides the visual implication that a prompt is a gateway to administrative rights for just the operation it describes, the switch to a different desktop for the elevation dialog and the use of the Windows Integrity Mechanism, including User Interface Privilege Isolation (UIPI), seem to reinforce that belief.

As we've stated since before the launch of Windows Vista, the primary purpose of elevation is not security, though, it's convenience: if users had to switch accounts to perform administrative operations, either by logging into or Fast User Switching to an administrative account, most users would switch once and not switch back. There would be no progress changing the environment that application developers design for. So what are the secure desktop and Windows Integrity Mechanism for?

Apologies @wat0114 but when I quoted your post, one of the quotes didn't come through and my repair job only made things worse.

 

[wat0114]

The main issue with UAC is that it requires the end-user to make a binary decision on the spot, and even worse, the UAC affirmative user prompt provides little or no file insight or user recommendation to the end-user so they can make an informed decision. The end result is that the end-user almost always simply clicks "Yes".

In reality, however, the majority of those on the spot decisions don't have to be agonized over, because mostly they are made to elevate common Windows functions, tools or features of already installed and trusted 3rd-party programs that require elevation to access them. Although I haven't used Windows much in recent months, here is a list of Windows tasks, tools and 3rd-party installed Program features I have recently elevated with UAC prompts on Windows 11:

Windows Defender Firewall
Task Scheduler
Disk Cleanup
Command prompt
Group Policy
Bitlocker
Local Security Policy
Computer Management

OSArmor
Andy Ful's WHHL and Configure Defender
Hardware Monitor App

Every UAC prompt for the above is obviously an automatic, no-brainer "Yes" after credentials are entered, because they are known and trusted and I know for certain they require elevation either because I choose to do so or I know beforehand the program requires it. I think most people realize this. Unless Microsoft beefs UAC up with some features to enhance security, it's probably best to not count on it to protect in some or many cases, although as Andy points out a few posts above "How to use the stone tool" it can sometimes be useful to some when something unexpected occurs and hopefully a UAC bypass is not in the works when it happens.

 

[danb]

In reality, however, the majority of those on the spot decisions don't have to be agonized over, because mostly they are made to elevate common Windows functions, tools or features of already installed and trusted 3rd-party programs that require elevation to access them. Although I haven't used Windows much in recent months, here is a list of Windows tasks, tools and 3rd-party installed Program features I have recently elevated with UAC prompts on Windows 11:

Windows Defender Firewall
Task Scheduler
Disk Cleanup
Command prompt
Group Policy
Bitlocker
Local Security Policy
Computer Management

OSArmor
Andy Ful's WHHL and Configure Defender
Hardware Monitor App

Every UAC prompt for the above is obviously an automatic, no-brainer "Yes" after credentials are entered, because they are known and trusted and I know for certain they require elevation either because I choose to do so or I know beforehand the program requires it. I think most people realize this. Unless Microsoft beefs UAC up with some features to enhance security, it's probably best to not count on it to protect in some or many cases, although as Andy points out a few posts above "How to use the stone tool" it can sometimes be useful to some when something unexpected occurs and hopefully a UAC bypass is not in the works when it happens.

In my opinion, the issue is not whether the decisions have to be agonized over or not, the issue is that the user is forced to make a decision.

But you also bring up another major issue with UAC, which is that for all of the events you listed (along with every other UAC event), you are prompted over and over and over again for the exact same event.

Both of these issues only increases the chance the end-user will automatically click “Yes” when it really matters.

 

[Practical Response]

In my opinion, the issue is not whether the decisions have to be agonized over or not, the issue is that the user is forced to make a decision.

But you also bring up another major issue with UAC, which is that for all of the events you listed (along with every other UAC event), you are prompted over and over and over again for the exact same event.

Both of these issues only increases the chance the end-user will automatically click “Yes” when it really matters.

The whole UAC is flawed from top to bottom. Average users have no idea why an application would need permission to write to this file system or that, even if you spell it out for them in a prompt it's all "Greek" to them.

Initiation is the closest to understanding most user will have of this, such as "did I execute a file that caused this prompt" if so it must be safe so an "always click yes" will follow. If they did not or it's a warning that jolts them from their task at hand a no may be followed but understanding will still not take place.

Even if simplified and a warning system were in place upon execution that executing this application will mean making changes to the file system do you agree or not, will not matter, all that matters to the end user at that point is installing an app they may want to use.

No amount of information pushed forward will help average users, they don't understand or don't care to understand, they just want to use their computer.

 

[danb]

The whole UAC is flawed from top to bottom. Average users have no idea why an application would need permission to write to this file system or that, even if you spell it out for them in a prompt it's all "Greek" to them.

Initiation is the closest to understanding most user will have of this, such as "did I execute a file that caused this prompt" if so it must be safe so an "always click yes" will follow. If they did not or it's a warning that jolts them from their task at hand a no may be followed but understanding will still not take place.

Even if simplified and a warning system were in place upon execution that executing this application will mean making changes to the file system do you agree or not, will not matter, all that matters to the end user at that point is installing an app they may want to use.

No amount of information pushed forward will help average users, they don't understand or don't care to understand, they just want to use their computer.

Absolutely… the whole UAC is flawed from top to bottom.

Keep in mind, I have worked directly with end-users for 25 years, and I can promise you that a red prompt that does not require an affirmative response, displays UNSAFE, with a graph that displays UNSAFE, with a specific recommended button, with a detailed user recommendation, and a final question (if they click Allow) to ask them if they realized that if they click Yes, their computer might become infected, is extremely effective in ensuring the computer is not infected.

In fact, I log in to a computers all the time that I have not touched for 3-5 years, and not only is it not infected, but there are pretty much no extra apps installed on the system… it is clean as a whistle. This happens ALL the time.

Average users and complete novices are much more capable than some people imagine. They just have to be provided the right tools.

 

[Practical Response]

Absolutely… the whole UAC is flawed from top to bottom.

Keep in mind, I have worked directly with end-users for 25 years, and I can promise you that a red prompt that does not require an affirmative response, displays UNSAFE, with a graph that displays UNSAFE, with a specific recommended button, with a detailed user recommendation, and a final question (if they click Allow) to ask them if they realized that if they click Yes, their computer might become infected, is extremely effective in ensuring the computer is not infected.

In fact, I log in to a computers all the time that I have not touched for 3-5 years, and not only is it not infected, but there are pretty much no extra apps installed on the system… it is clean as a whistle. This happens ALL the time.

Average users and complete novices are much more capable than some people imagine. They just have to be provided the right tools.

The real problem is the operating system and design such as UAC. Average users/ novice users have no idea this website exists, let alone any software is available that could replace UAC and be helpful in any way. I like many was an average user at one time, and remember that I had no idea many things existed, nor did I care to learn at first, I just wanted to use the computer for what I intended too.

This said, users should not have to buy security software to do the job of the operating system they already paid for. The awareness of this flaw should lie in the hands of the original software and be fixed, its not like a great amount of time has gone by and they have not seen its ineffectiveness. Its time for Microsoft to step up an change things.

 

[danb]

The real problem is the operating system and design such as UAC. Average users/ novice users have no idea this website exists, let alone any software is available that could replace UAC and be helpful in any way. I like many was an average user at one time, and remember that I had no idea many things existed, nor did I care to learn at first, I just wanted to use the computer for what I intended too.

This said, users should not have to buy security software to do the job of the operating system they already paid for. The awareness of this flaw should lie in the hands of the original software and be fixed, its not like a great amount of time has gone by and they have not seen its ineffectiveness. Its time for Microsoft to step up an change things.

I totally agree! This is not a hard problem to solve, especially since most of the hard work has been completed the last decade or so by several different security vendors, who each have unique tech that can contribute to solving this problem. Until this is done, malware will only continue to thrive.

 

[wat0114]

This said, users should not have to buy security software to do the job of the operating system they already paid for. The awareness of this flaw should lie in the hands of the original software and be fixed, its not like a great amount of time has gone by and they have not seen its ineffectiveness. Its time for Microsoft to step up an change things.

The Windows OS code is far too complex for black hats not to be able to poke holes in it almost at will. Security software is required, especially for those who don't know how to secure it with native built-in OS features.

Edit

btw, UAC is only a very small piece of the Windows security puzzle. Mostly it's a convenient way to elevate tasks, OS tools and program functions - especially when expected - when required. No more, no less. Unfortunately some Microsoft-endorsed articles have screwed up touting it as security when really it isn't providing much of that at all. So now people are up in arms as to why it isn't better than it should be.

 

[Practical Response]

The Windows OS code is far too complex for black hats not to be able to poke holes in it almost at will. Security software is required, especially for those who don't know how to secure it with native built-in OS features.

Edit

btw, UAC is only a very small piece of the Windows security puzzle. Mostly it's a convenient way to elevate tasks, OS tools and program functions - especially when expected - when required. No more, no less.

Ever notice how almost all 3rd party suites are presented with minimal protection enabled with advanced settings for tightening, because it's geared towards protection/usability for average users out of the box, the very same way windows is designed?

 

[wat0114]

Ever notice how almost all 3rd party suites are presented with minimal protection enabled with advanced settings for tightening, because it's geared towards protection/usability for average users out of the box, the very same way windows is designed?

What else can these vendors do? They have to strike a delicate balance between reasonable, default security out-of-the box for those who don't have the initiative to learn or care about advanced features so that they aren't griping about why something doesn't work as expected or is broken because additional security is enforced by default, thereby ensuring common Windows and program functionality is preserved while providing some security above that of which the basic Windows OS provides.

 

[Practical Response]

What else can these vendors do? They have to strike a delicate balance between reasonable, default security out-of-the box for those who don't have the initiative to learn or care about advanced features so that they aren't griping about why something doesn't work as expected or is broken because additional security is enforced by default, thereby ensuring common Windows and program functionality is preserved while providing some security above that of which the basic Windows OS provides.

Oh I understand completely, it's my point I'm trying to make. Introducing 3rd party software that is no different by default then how windows is set up does two things mostly. It introduces a wider attack avenue with new bugs to exploit, and generally provides a false sense of security at default settings. It's not really a fix.

Hence why I stated above Microsoft needs to step up their game, patching, plugging holes, tightening security while maintaining usability. It's not like they are not aware after this amount of time and problems.

 

[wat0114]

Hence why I stated above Microsoft needs to step up their game, patching, plugging holes, tightening security while maintaining usability. It's not like they are not aware after this amount of time and problems.

Maybe some assumed hand-shake agreement or collusion with these security vendors, especially the big players, that we don't even know about. At the end of the day I think profits control and influence how MS develops their OS, rather than a genuine concern for the security of their end users, especially home users of their OS products.