Monday, July 03, 2006

Security? Huh?

Bruce Schneier pointed to an article that talks about how Microsoft will yet again weaken security rather than fixing their OS. This time, they're making a way for ActiveX controls to be "pre-approved" so they can automatically be installed on "Standard User" machines without an admin password:
In an interview with eWEEK, Microsoft security chief Ben Fathi said the decision to add the ActiveX installer was a direct result of demands from beta testers. 'The feedback we get is that UAC is great but, in the enterprise, there is a legitimate need to install applications on Standard User systems. We had to create a way to safely preapprove applications without the need for an admin password,' Fathi explained.
What a boon to hackers and virus-writers: executable code that can be installed without the admin password prompt. And people wonder why Windows has so many viruses.


Mark said...

The ActiveX control sandbox has always allowed such abilities if the user was dumb enough to allow it. This is nothing new, nor is it something to be shocked over -- especially if you were to make yourself aware of the 9+ years of previous history ActiveX has enjoyed thanks to the spyware, virus-writing, and hacking communities.

CC said...

Yeah, I'm aware of the weak ActiveX "security" that's been there all along. But a lot of people aren't, and there's this myth that "Vista will be secure, Vista will solve all our Windows problems" that needs to be busted. The linked-to article is just evidence that Microsoft is still putting "don't reduce features" ahead of "don't make an insecure system". They could easily make ActiveX secure if they stuck it in a sandbox, but since users are used to having full access to the system via ActiveX, it would piss people off to remove that functionality. But until they take that step, ActiveX controls are going to remain a vector for attack, especially so long as they continue to make them auto-installable without admin privs.