Saturday, 14 January 2012

Do you have too much Authority?

When Windows Vista was launch, I was amazed at the amount of people that were asking the question "How do I disable to UAC ?" (User Account Control). What was this mysterious new development on Windows and WHY had Microsoft included it?

Interestingly, it's own own personal habits that made Microsoft bring in the UAC.  The annoying little window that keeps popping up every time you try and install some software, asking if you're REALLY sure that it's OK to do so.

So lets look into what it's really there for and why it was introduced, and it might be time to ask ourselves if we have all given ourselves too much power.

When you first install Windows, or purchase a pre-installed copy, one of the first questions we are asked is the name of the Administrator.  Being rather smug, we put our own name in and a password and feel rather proud as we subsequently add other members names, dedicating our partner's account to have the rather odd looking frog icon.  After which, we sign into our Administrators account and from that point forward we start installing the software we want.

Now while that's rather handy, we've already caused ourselves a problem.  Have you ever noticed software installed on your system that you swear you didn't install yourself?  Have you ever experienced your Web Browser starting at a different home page, and regardless how many times you try and change it, it keeps coming back?

Viruses and Trojan software exploits the fact that you've signed in as Administrator, and with your "access all areas" account, it merrily will install software without you knowing anything about it.

My father experienced this issue, when he received "a call on behalf of Microsoft" in which the caller told him he needed to turn on his computer because he was experiencing problems and they would be able to remotely access his machine and fix it for him.  Yeah, that's right. out of the billions of computers with Microsoft software, they took the time to call my 80+ year old father to fix it for him. How sweet.

It wasn't Microsoft (of course) and after charging him for the service, he also found his computer was doing rather odd things after.  Namely Trojans and software designed for them to log in again whenever they wanted.

So, I changed the way his system worked.  We set up a new user account and restricted it to USER only.  If he wanted to install or remove software, he would have to type in the administrators password. EACH TIME.  Annoying? Yes. Safer? DEFINITELY. Has he had problems since? NO.  Will a Virus install itself without his intervention? UNLIKELY.

It's time to switch back on the UAC.  The annoying pop up window that was put in place because Microsoft realised everybody was running their machines in Administrator level.

It's time to reduce the amount of automatic access we have on our own machines and start being more aware about what's happening behind the scenes.  And gradually the control of the computer will return back to us.

No comments:

Post a Comment