I remember beta testing Windows 95 when it was code-named Chicago. Back then, I was running MS DOS 6.22 and running Microsoft Windows for Workgroups 3.11. I also beta tested numerous versions of Windows 98 when it was codenamed Memphis, Windows 2000, Windows XP, which brings us to this century where I beta tested so many versions of Microsoft Windows Vista (or, Longhorn) that I can’t even recall. I watched as Microsoft scrambled to try to meet the security disaster that were plaguing Windows XP. Some of you may not recall, but Windows XP was such a disaster in terms of security that it was rare to find a computer running a default copy of Windows XP, without a ridiculous infestation of spyware of some kind.
(my favorite screenshot of a spyware infestation)
Back in the DOS days, I rarely used Windows 3.11 for hardly anything. I would use DOS to copy files, defragment my computer, browse BBSs, send e-mails, write batch scripts, just about everything. In fact, even when I switched over to using Windows more often I would still go back to DOS to do simple copy commands because it was easier for me to just write out the commands longhand. I used a hex editor to check executables for viruses because I didn’t have any antivirus software at the time. I guess my point is that Microsoft has had more than enough time to make a working security model for Windows. The fact that they missed that opportunity, decided on UAC (User Account Control), made updates in service pack 1 (SP1) for Vista, and it still prompts me every single time I uninstall a program despite the fact that I may have uninstall the program dozens of times… is absurd. Why is there no option for me to check a box labeled simply “do not prompt me again.”? The lack of such a checkbox is what drives me to completely disable UAC.
For those of you who don’t know, to disable UAC simply open up the control panel type “UAC” in the upper right search box, click “Initial Turn User Account Control On or Off” uncheck the box and press OK, then reboot.
I read numerous articles by Paul Thurrott telling me to keep UAC enabled because it’s far more secure. I agree. It is more secure for a variety of reasons that operate under the hood, but I just can’t bring myself to do it. Simply the fact that Windows Vista comes with Windows Defender in many ways makes Windows so much more secure than XP particularly when combined with powerful anti-virus such as a Avast! That it seems unnecessary to piss off end users with UAC.
Obviously, on Microsoft’s decision to have every single user treated as a default administrator in Windows XP was a catastrophe. I know that I’m writing this article a little bit late, given that Microsoft is about to release Windows 7 in short order and they intend to fix UAC dramatically. However, I felt it necessary to explain why I still refuse to enable UAC on my computers.
Initially, I was very excited about UAC. Microsoft promised again and again (SP1 articles, but you get the idea) to make UAC less intrusive and less irritating in general. At the time of launch, however, it was still prompting far too frequently. None of this morning, in any way, is going to affect the type of people who actually need to be warned of their stupidity. The above linked articles discuss SP1, but it’s essentially the same thing, Microsoft said it before launch, and they said it again before SP1… it still pisses me off.
Simply put, UAC is a nice gesture and in some ways an improvement, but I just don’t see how it can practically prevent anything more than antivirus and anti-spyware solutions already provide. That is to say, I cannot imagine anybody actually clicking cancel and preventing something from loading. I just don’t expect the average computer user to know what should and should not be running. Isn’t that how Norton has gotten away with making millions off of people not knowing anything better? Average computer users don’t know what should be allowed to run, it is the job of anti-spyware and antivirus to figure this out for the average computer user. I was happy to hear that Microsoft has announced that they intend to offer free antivirus software (codename: “Morro”) for this exact reason. Maybe this will have the added benefit of finally getting rid of Symantec once and for all. Good riddance.
I get particularly bothered when UAC prompts me for things like disk defragmenter. How on earth can the disk defragmenter possibly have any sort of adverse effect on the entire system? What sort of malicious software would ever want to launch the disk defragmenter? And, if so, and worst-case scenario the disk defragmenter were maliciously launched, then what?
(scary disk defragmenter, UAC to the rescue!)
If you can think of any time that UAC has actually helped you prevent anything bad from happening, please let me know.
Related software: TweakUAC.
As always, e-mail me with questions: 
Norton Internet Security 2009
Friday, February 6th, 2009The Symantec Corporation, makers of the decades-old Norton Security/Productivity suite, has been around a long, long time. I happened across this advertisement for Norton 2009 in Time magazine:
(click for high resolution)
What struck me about this ad, was that Symantec seems to have finally admitted that their Norton suites wreaks of bloat. By stating: “Norton Internet Security 2009 is the fastest security suite anywhere…delivering fewer, faster, shorter scans” tells me that maybe Symantec has learned from their mistakes.
I’d like to think so, in reading a review, I came across two quotes of interest:
That right there sounds like the Symantec I know. However, this sounds like promise:
The Norton box is still rather uninspiring:
(the lackluster NIS 2009 retail box, click for high resolution)
For me, my distaste for the Symantec corporation goes back a really long time. For example, Acronis TrueImage displays incredible programming ingenuity by creating full hard disk images while Microsoft Windows is actively running whereas Norton Ghost has to reboot into an oldschool DOS era screen rendering the computer unusable for the duration of the “ghosting” process. This, obviously, isn’t a big deal, but it’s just another example of how I feel that Symantec’s Norton is the Yahoo of security tools, and it would take a lot of work to convince me otherwise after so many years of fighting to get Norton off of systems just to get them fast enough to open a web browser at a reasonable speed.
See, Symantec products are very much in the same realm as Yahoo. (One could also argue this for older products like AOL, RealNetworks, etc.) They are the default security software for nearly every new PC manufactured, the majority of PC users do not know how to deal with security, and Symantec uses tactics like these to coerce people into subscribing to their software:
(“Are you sure you want to exit? Your computer is not protected until you complete the process.”)
(“You will be unprotected against the latest viruses, identity theft and other threats. Are you sure you want to skip turning on Norton Internet Security now?”)
As a result, it’s no surprise that they are still in business. Only recently are they under renewed pressure to perform as a result of the integration of Microsoft’s Windows Defender in Vista, and the soon to be Anti-Virus solutions they’ve mentioned. Enough.
I could go on about Symantec products. I’ve had to restore MBR’s (Master Boot Record) of computers that have had failures due to people using the Norton GoBack (which is now Norton Ghost 14) utility which can cause serious low-level problems to a system. Fortunately, it’s a relatively simple task for an IT professional to restore an MBR, but for the average computer user? I don’t think so.
My hope is that Symantec finally gets it figured out, not for the sake of their business, but for the masses — the uninformed users they push their software on.
Tags: bloatware, firewall, internet, security, spyware, virus
Posted in Commentary | 1 Comment »