Tuesday, April 25, 2006

Windows Vista


Boing Boing: VIsta's endless parade of warnings won't create security




I have heard a lot about Windows new Vista OS.  Most of what I hear makes me excited that Microsoft has finally changed the way that they produce operating systems.  Vista is designed to be modular following the Linux and MacOSX lead.  This is very exciting, in fact, when Microsoft declared that WinFS wouldn't ship but will be downloadable as an upgrade, you can thank modular design.

However, the biggest problem I have with Windows Vista is the constant barage of warning dialog boxes that will only train users to ignore dialog boxes and always accept the 'Yes' button.  I was hoping that Microsoft would use the 'sudo' type command that Linux and MacOSX use under their graphical frontends.




I've tried to explain to a fellow Windows Admin how 'sudo' is better than 'runas' but there is some type of disconnect until someone actually uses the tool.  RunAs allows a user to change thier security context and elevate their permissions.  The problem with RunAs is that you will need 2 accounts in order to run as a normal user and administer your machine.




Under sudo, when you attempt to change something that needs root/ admin permission, then you elevate your permissions for that instance of the application.  MacOSX does this even better than Linux by making it seemless.  Under Linux, you have to know what applications need root permission and then run that command with a prefix of 'sudo'.  Then you will be asked for your user password (no account change) then sudo will open the application as the administrator because your account was listed as an administrative account.  MacOSX does this even better by somehow integrating the failure based on permission to the password window.  It is possible that MacOSX just has every icon that needs admin priviledges linked to the sudo application but regardless, you get a smoother operation.


technorati tags: , , , ,