Recently a friend was complaining to me about the “screen flickering” that occurs whenever a User Account Control (UAC) prompt comes up in Vista and he wanted to know how to turn it off—not UAC, just the dimming and flickering effects. He said he already looked in the display settings and didn’t see anything there.

That, along with all the other complaints I have heard, made me realize that Microsoft spent so much time touting UAC and other security features to sell Vista, they neglected to sell the security features themselves. Because sometimes they really are annoying—but necessary.

With UAC there’s a lot more going on than just a flicker and a prompt. The reason you see the screen flicker is because it is actually switching to a secure desktop mode, similar to that used when you first log in to your computer. This prevents other programs from interacting with the user during the UAC prompt. Furthermore, Windows dims everything but the UAC prompt to prevent other applications from tricking the user into doing something they shouldn’t. Even if you already are an administrator, the UAC prompt appears, hopefully so that nothing happens on your system without you knowing about it. Yes it gets annoying but so is putting on a seatbelt. And it’s certainly less annoying than a system full of spyware.

But Vista security is more than just UAC. A lot of people have told me they are waiting on moving to Vista, even though they acknowledge “some security benefit” from doing so. But there’s really more than just “some security benefit.” Vista security improvements include services hardening features, BitLocker, Mandatory Integrity Control, Code Integrity protection, Crypto NextGen, IE7 Protected Mode, Kernel Patch Protection, Secure Startup, Boot Integrity, Address Space Randomization, PE header exception address embedding, XOR obfuscation of address pointers, better segregation of memory, improved DEP, user privilege interface isolation (UIPI), Windows Resource Protection, improved firewall, system services session isolation, Session 0 Isolation, NX support, User-Mode Driver Framework, Output Content Protection, better NTFS permissions, access token changes, etc.

As you can see, there is a lot more going on than a UAC prompt. Vista security was pretty well thought out and addresses many issues.

Of course, Vista security won’t solve everything and yes we’re still going to find holes. But if you were to study the security problems Windows has had in the last few years and were to suggest a fix, you’d end up with something a lot like Vista.

Related posts

• No related posts.