Gordon Haff has an interesting take on usability over at Illuminata Perspectives called "Security Vs. Usability. An interesting topic - especially where he points out some new features in Windows Vista (User Account Control) that he says will help reduce malware, prevent rootkits, and so on. Since I did find this so interesting, I did a deep-dive on this - starting with the link Gordon provided to the overview of User Account Control and then to the developer-centric material on MSDN. After reading the nitty-gritty, I'm not sure it's all that.
The goal is to have it so that users don't have to be administrator, right? To do this, they've changed which functionality requires Administrator access - now your average Joe can set the time, create a VPN connection, and change the power settings. Seems to me like this should have been something laptop users should have been able to do since day one. So all that's probably good. However, I don't think this feature will drastically change the number of people who have admin access on their laptops. Desktops, maybe. But not laptops. The reason for why not is what I call the "Nancy Drew factor." Here's the logic:
You still need to be Admin to install software, right? So I can tell you that I need Administrator privs on my laptop since I have a legitimate business need to install software; if pressed, I can go into great detail about the specific business-appropriate situations where I might be required to install software and how a system admin won't be around to do it for me. I can go into all kinds of dire financial consequences for the firm if these things should happen. However, the truth is that I'm highly incented to come up with these justifications because I *want* the ability to be able to install software on the laptop - specifically game software like "Nancy Drew: Danger by Design" or "Disciples 2" (both of which were played on this laptop last weekend.) Look, if I'm going to be taking this laptop on the road, the least it can do for me is let me play the occassional murder mystery, role playing epic, or strategy game, right? And call me cynical, but somehow I think I'm not alone on this one. on the whole, it seems to me that as long as installing games requires administrator privlidges that employees will continue to come up with business-legitimate justifications for why they require administrator access. Or maybe it's just me...
On the plus side, they've also changed it so that processes with lower priviledge can't send messages to processes with higher privs, which could help with shatter attacks. I'm not entirely clear on how users will communicate with dialog boxes from system-level processes (like AV and spyware-scanner windows) but Microsoft says we shouldn't have been doing that anyway so I guess it's all good.
Posted by Ed at July 28, 2006 08:59 AM | TrackBack