Scott's Weblog The weblog of an IT pro specializing in cloud computing, virtualization, and networking, all with an open source view

Improving Windows Security

The article, titled “Five Ways to Get Vista’s Security Now,” discusses five options for getting the equivalent of Vista’s User Account Control (UAC) functionality on today’s Windows. UAC is one of the most widely touted new security features in Windows Vista because it eliminates the security hole that is created by needing to log in with an administrative-level user account (many applications won’t run properly without administrative permissions).

There’s nothing new here in terms of uncovering functionality that most security-conscious users didn’t already know about; the options included the following:

  • Logging in as a limited user (not really an option because so many things stop working);

  • Using “Run As” to run applications like the web browser and/or e-mail client as a limited user;

  • Using Process Explorer to run applications in a limited security context (does not require a separate limited user account); and

  • Using an application that automates the process of running applications with limited permissions (the article suggests DropMyRights).

These are all good options (except for the first one), but it’s option number 5 that makes me chuckle: Get a Mac.

The article has this to say about why getting a Mac and switching to Mac OS X is a good option:

If Vista’s UAC is a copy of Mac OS X’s approach, why not stare in the horse’s mouth?

Why not indeed? The introduction of Intel-based Macs and the rise of near-native speed virtualization options such as Parallels Desktop make this quite viable. In my opinion, it’s like having your cake and eating it, too.

Metadata and Navigation

Be social and share this post!