Hacker News new | past | comments | ask | show | jobs | submit login

How does Windows get it right? Windows has User Account Control for UI apps, which is a “security” feature that they refuse to fix bypasses in.



Which UAC bypasses have they refused to fix?


He's probably referring to [1], but he's wrong about UAC (note the sentence "UAC is not a security feature" on that post—the fact that he himself had to put quotes around "security" is itself telling), and moreover, I never claimed anything about UAC in the first place. He's ignoring my point and changing the topic, so I'm not inclined to reply.

[1] https://devblogs.microsoft.com/oldnewthing/20160816-00/?p=94...


I don't know why this reply is so hostile, but I was curious what part of Windows you were referring to if not UAC, because I don't know of anything else.

There is an almost comical list of bypasses in built-in AutoElevate programs that Microsoft does not triage as security bugs because as you note they don't call UAC a security feature. I think this is a rather silly deflection that users are unlikely to understand, for good reason.


I wasn't referring to a "part" at all. What I said Windows gets right was a very fundamental architectural design: the decision to not grant privileges to a process based on the file it's executing (the callee), but rather based on the caller's execution context.

Note, in particular, that there was nothing in my comment that depended on the existence of UAC. Had I written my comment before UAC even existed (say, in the XP era), it would've been exactly the same.

Yet somehow you managed to change the subject of discussion to a very specific feature UAC, a feature that was only introduced around the Vista era and which I had not even mentioned in my comment once. Then you bashed it based on a premise that you already knew was incorrect and therefore had to put in quotes, and then continued as if the point I had been making in my comment all along was to somehow endorse the use of this controversial feature I never mentioned for a purpose that it itself had not been intended. This is not a faithful representation of what I wrote.


I have no idea what he is referring to but being able to "Run as Administrator" as any user is sketchy.


I’m pretty sure only administrators can Run as Administrator?


Unless "user that was created with admin rights which were later taken away" counts as admin, then no. I always set up a separate admin account and hardly ever have to log into it to do admin stuff.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: