Vista 5472 - Great Improvement

[Robbie]

Vista build 5472 is a great improvement over 5384.
We tried an upgrade (just out of curiosity, I know you should always do
a clean install). It ran for about 2.5 hours and hung at the last step
of the install. There were many long delays during the upgrade during
which nothing appeared to be happening.
A subsequent clean install ran without problems. It is, however, a
painfully slow process. The progress bars aren't much help. They
frequently just sit in one place for an extended period of time. It
would be nice to have an optional verbose mode so that one would have
some real indication as to the progress of an install.
In contrast to build 5384, 5472 recognizes the Dell Power Edge 1800's
dual processor and did permit normal installation of the SIIG 4 channel
SATA controller.
It selects a default Radeon video driver which has limited screen
resolution capability. (The proper driver hasn't been installed as yet).
A number of the user interfaces have been improved and Vista is
generally running well.
We have taken the usual steps of disabling all of the annoying security
"features", sign on as the real administrator rather than as a user with
administrative privileges, and use Firefox and Thunderbird in place of
Internet Explorer.
I have to say that 5384 was very stable. We had no BSOD or major program
hangs. We have had no stability problems with 5472 and, with the
improvements in the user interfaces, Vista is now a pleasure to use.
Robbie

 

[Guest]

We have taken the usual steps of disabling all of the annoying security
"features", sign on as the real administrator rather than as a user with
administrative privileges

It's a stupid thing disable UAC. UAC allows you to operate as a standard
user with the least privileges, similar to Linux and Mac OS X operating
systems (such as it's a stupid idea using the root in linux and in mac).
UAC protects you when you start potentially dangerous activities and that
modify your system and *primarily* UAC protects you when external agents
start dangerous activities; for example if a virus or a trojan or a program
*without your interaction* start a dangerous command or modify important
settings then UAC will block it and you'll see the authorization request (how
many virus and trojans problems caused the administrator in windows XP ?).
UAC Manages also the file and the registry virtualization when using a
standard account and so it allows bad designed programs to work (how many
times you find a program in windows xp doesn't work as a limited account?).
And remember that the first user account is an administrator protected by
UAC, so it's highly recommended to create another true standard account.
Who disables the UAC didn't understand nothing about Windows Vista.

 

[Robbie]

Hi Bill,

I couldn't disagree more. Vista's "security" is nothing like that of
UNIX/Linux where, with the correct password, you can elevate a user to a
super user (su).
The real security risk in our circumstance is connection to the
Internet. This risk is best minimized through use of a good hardware
firewall, the disabling of externally initiated connections, and the
disabling of browser ActiveX, Java script, cookies and other similar
functions. We also try to disable any "call home" functionality.
Microsoft has a dismal record of providing secure software systems. I
give then credit for trying to improve the situation with Vista, but
there is little evidence that the current features do much other than to
harass the system users.
It is possible to like Vista, which I do, and to dislike the security
options.
Robbie

 

[Guest]

Vista's "security" is nothing like that of
UNIX/Linux where, with the correct password, you can elevate a user to a
super user (su).

Privilege elevations is controlled by UAC. When you're an administrator you
have to click "continue" in order to elevate, if you're a standard user you
have a password request.

 

[Kerry Brown]

Although you are right in one sense, security in Vista is different from
UNIX/Linux, you are wrong in your understanding of UNIX/Linux security. You
don't elevate a user to a super user. You run a task with elevated
privileges by using su. If you run Vista as a standard user a reasonably
close equivalent to su is run as administrator. There are big differences in
the way processes are handled but in the end they work much the same from a
user perspective. If you run Visa as an administrator then the security is
much different than running Linux as root. Vista is more secure from user
error because of UAC. It may be that Vista is also more secure from rogue or
malicious processes but this remains to be seen. As for Internet security if
you run IE7 as a standard user it would be very hard for malware to do
anything beyond the user profile. Of course there may be undiscovered bugs
that allow rogue processes to gain elevated privileges but this occurs in
all OS's. If Vista is any better or worse than other OS's concerning bugs
and exploits we won't know until it's been around for a while.

 

[Guest]

Indeed, have you noticed that SFC /scannow finally works now in Build 5472?

 

[jonah]

Hi Bill,

I couldn't disagree more. Vista's "security" is nothing like that of
UNIX/Linux where, with the correct password, you can elevate a user to a
super user (su).
The real security risk in our circumstance is connection to the
Internet. This risk is best minimized through use of a good hardware
firewall, the disabling of externally initiated connections, and the
disabling of browser ActiveX, Java script, cookies and other similar
functions. We also try to disable any "call home" functionality.
Microsoft has a dismal record of providing secure software systems. I
give then credit for trying to improve the situation with Vista, but
there is little evidence that the current features do much other than to
harass the system users.
It is possible to like Vista, which I do, and to dislike the security
options.
Robbie

Well yeah sort of but su in Linux is pretty much the same as UAC
elavation of priviledges in Vista (except Linux works better). If you
want full control of a Linux box to do some major tweaking you sign in
as "root" and use the full root account. Vista does not have this
option out of the box only the half assed admin account which is not
an admin account, you have to force a true admin account on startup as
you rightly pointed out.

This is whats wrong with the UAC thing, good in principle but badly
implemented and no easy or obvious way to gain full control. I can run
for days on SuSE and never need root access but UAC seems to pop up
everywhere I go, like you I got rid of it and all the rest of the
security bullcrap, I can look after my own PC thanks. UAC is great for
the inexperienced but a pain in the bum for the rest of us.

Browsers etc I am with you there, using a proper commercial hardware
firewall and good AV along with Firefox / Opera and Thunderbird are
the way to go for me also. I have not used IE for a long time and I am
not about to start using a beta version of IE any time soon either.

Jonah