I used to work for a (now-defunct) local computer sales and repair company and was constantly met with people who had — how can I put it nicely — royally screwed up their computer.
These people would install every web browser tool bar, every “purple gorilla who randomly cracks jokes,” and every “free” program available, then wonder why they got flooded with spam, porn, pop-ups, and why their computer was running extremely slowly.
The company offered a lifetime service guarantee, so whenever their computer got sick, they could bring it back to us and we’d fix it. For free. For life.
Sometimes these customers would get very upset that they'd have to bring their computer back every three to four months to have it cleaned, or wiped and re-imaged. A few of these customers inadvertently gave me carte blanche to "just make sure it doesn't happen again." This was in the days of Windows XP, so I simply loaded up anti-virus software and anti-spyware software, then set up all their user accounts for them as LIMITED accounts (rather than the default, ADMINISTRATOR level account type). This meant they couldn't install their programs; they didn't have the necessary security permissions. Of course they'd call us, upset again, about why they couldn't install their programs; my reply would be something like "you told me to make sure the problems don't happen again, and the problems were caused by users installing bad programs on your computer, so the solution is to disallow these people from installing bad programs on your computer, so that's what I did." I did it to prove a point: people install things without knowing who wrote them or what they're designed to do; they just click through the install process and are done. This is a problem, and I wasn't the only one to recognize it.
The solution is to put users in the proper security group, and limit their ability to do things that mess with the core OS.
User Account Control
According to Wikipedia, “User Account Control (UAC) is a technology and security infrastructure introduced with Microsoft‘s Windows Vista operating system. It aims to improve the security of Windows by limiting applications to standard user privileges until an administrator authorizes an increase in privilege level, in a manner very similar to that seen in Ubuntu Linux. In this way, only applications that the user trusts receive higher privileges, and malware is kept from receiving the privileges necessary to wreak havoc on the operating system.
“In other words, with UAC a user may have administrator privileges, but an application that the user runs does not unless it is approved beforehand or the user explicitly authorizes it to have higher privileges.
“UAC will usually prompt the user for additional privileges automatically, but the user can also right-click a program and click ‘Run as administrator’.”
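The prompting described in that quote is a policy setting, not a fixed behaviour: the same registry values that make UAC ask before elevating can also make it elevate an administrator's programs silently, which puts a click-happy user back where they started without even a dialog to ignore. The following Python is an added example, not code from the original post or from Microsoft. The registry path and value names are Microsoft's documented UAC policy settings; the severity ratings and the helper names (`read_uac_policy`, `assess_uac_policy`) are this example's own assumptions. It evaluates a policy dictionary (a constructed sample here, or the live values when run on Windows) and reports settings that weaken or remove the prompt.

```python
"""Added example (not from the post): check the UAC policy values that
decide whether an elevation prompt is actually shown.

Registry path and value names are Microsoft's documented UAC settings.
The severity ratings and helper names are this example's own assumptions.
"""
import sys

# HKLM subkey holding the UAC policy values (documented by Microsoft).
UAC_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
UAC_VALUES = [
    "EnableLUA",
    "ConsentPromptBehaviorAdmin",
    "ConsentPromptBehaviorUser",
    "PromptOnSecureDesktop",
]

# Documented meanings of ConsentPromptBehaviorAdmin.
ADMIN_BEHAVIOR = {
    0: "elevate without prompting",
    1: "prompt for credentials on the secure desktop",
    2: "prompt for consent on the secure desktop",
    3: "prompt for credentials on the interactive desktop",
    4: "prompt for consent on the interactive desktop",
    5: "prompt for consent for non-Windows binaries (default)",
}


def read_uac_policy():
    """Read the live values on Windows; return None on any other platform."""
    if sys.platform != "win32":
        return None
    import winreg  # only available on Windows

    values = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, UAC_KEY) as key:
        for name in UAC_VALUES:
            try:
                values[name], _ = winreg.QueryValueEx(key, name)
            except FileNotFoundError:
                values[name] = None  # value absent: Windows uses its default
    return values


def assess_uac_policy(values):
    """Return a list of (severity, message) findings for a policy dict.

    Severity labels (high/medium/info) are this example's assumptions."""
    findings = []
    if values.get("EnableLUA") != 1:
        findings.append(("high", "EnableLUA is not 1: UAC is off, every "
                                 "process of an administrator runs fully elevated"))
        return findings  # nothing below matters when UAC is disabled

    admin = values.get("ConsentPromptBehaviorAdmin")
    if admin == 0:
        findings.append(("high", "ConsentPromptBehaviorAdmin=0: administrators "
                                 "are elevated silently, there is no prompt to read"))
    elif admin in (3, 4):
        findings.append(("medium", f"ConsentPromptBehaviorAdmin={admin}: "
                                   f"{ADMIN_BEHAVIOR[admin]}; the prompt shares the "
                                   "desktop with every other running program"))

    if values.get("PromptOnSecureDesktop") != 1:
        findings.append(("medium", "PromptOnSecureDesktop is not 1: prompts are "
                                   "not isolated on the secure desktop"))

    if values.get("ConsentPromptBehaviorUser") == 0:
        findings.append(("info", "ConsentPromptBehaviorUser=0: standard users are "
                                 "refused elevation outright (the 'limited "
                                 "account' setup described in the post)"))
    return findings


# Constructed sample: an admin box where someone turned the prompt off.
SAMPLE_POLICY = {
    "EnableLUA": 1,
    "ConsentPromptBehaviorAdmin": 0,
    "ConsentPromptBehaviorUser": 3,
    "PromptOnSecureDesktop": 1,
}

if __name__ == "__main__":
    policy = read_uac_policy() or SAMPLE_POLICY
    for severity, message in assess_uac_policy(policy):
        print(f"[{severity}] {message}")
```

Run it on a Windows machine to see the live policy; anywhere else it falls back to the constructed sample, which reports the silent-elevation setting as a high finding.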
Back to Square One
While this is a step in the right direction, it still brings us back to square one: the fact that most computer users are total idiots who don't read what dialog boxes are asking them; they're click-happy idiots. What's worse? I've been guilty of doing the same thing from time to time.
Recommendation
What do we do? Let's say security levels are just that: numbers on a scale. For simplicity, let's say there are 101 places on the scale, 0 to 100.
- 0 means no permissions at all, locked out
- 1 means the user is a guest with no system-level access
- 50 is the default assigned to any user, who must go through UAC to do anything "dangerous" and MUST read and understand the dialogs (which will be enforced by the UI)
- 100 is full administrator access (non-automated administrative actions are carried out without UAC prompting; automated/scripted administrative actions still require UAC)
When a user does something "smart" they get points added to their security access level (SAL); when they do things that aren't smart (like not taking the time to read an EULA before simply accepting it, or not spending enough time reading a dialog box before clicking OK or NEXT) they get points taken away.
Dialog box content could be rendered differently depending on the security access level of the user, so a very technical explanation could be given to a user with a SAL of, say, 80, whereas a very simplistic explanation might be presented to a user with a SAL of, say, 20.
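To make the proposal concrete, here is an added Python model of the scheme described above; it is not code from the original post. The 0 to 100 scale, the default of 50, the locked-out and full-administrator ends, the rule that scripted actions still prompt at 100, and the idea of rendering dialogs differently by level all come from the post. Everything else is this example's assumption: the point values (a careless click costs more than a careful one earns), the reading-speed heuristic for deciding whether a dialog was actually read, the 40/80 cut-offs for the dialog tiers, and the constructed event log.

```python
"""Added example (not from the post): a toy model of the proposed
'security access level' (SAL) scheme.

Scale, default and the meaning of 0 and 100 follow the post. Point values,
the reading-speed heuristic, tier cut-offs and the sample events are
this example's assumptions.
"""
from dataclasses import dataclass

SAL_MIN, SAL_DEFAULT, SAL_MAX = 0, 50, 100
WORDS_PER_SECOND = 4.0  # assumed reading speed used to judge "did they read it"


@dataclass
class DialogEvent:
    words: int        # length of the dialog or EULA text that was shown
    seconds: float    # time between the dialog appearing and the click
    accepted: bool    # True for OK/Next/Accept, False for Cancel/Decline


def clamp(value):
    """Keep the level on the 0..100 scale."""
    return max(SAL_MIN, min(SAL_MAX, value))


def judged_read(event):
    """The 'enforced by the UI' check: was the dialog on screen long enough
    to have been read at the assumed reading speed?"""
    return event.seconds >= event.words / WORDS_PER_SECOND


def adjust_sal(sal, event, reward=2, penalty=5):
    """Apply the post's rule: points for careful behaviour, points off for a
    click-through. Declining is never treated as careless, and the penalty
    outweighs the reward so one careless click is not undone by one careful one."""
    if event.accepted and not judged_read(event):
        return clamp(sal - penalty)
    return clamp(sal + reward)


def elevation_decision(sal, automated):
    """What happens when something 'dangerous' is attempted at this level.

    0 is locked out; 100 skips the prompt for interactive actions only;
    everyone else (and every scripted action) goes through UAC."""
    if sal <= SAL_MIN:
        return "refuse"
    if sal >= SAL_MAX and not automated:
        return "allow"
    return "prompt"


def dialog_tier(sal):
    """Which rendering of a dialog to show; the cut-offs are assumptions."""
    if sal >= 80:
        return "technical"
    if sal >= 40:
        return "standard"
    return "simplified"


def replay(events, sal=SAL_DEFAULT):
    """Run a sequence of dialog events and return the level after each one,
    starting with the initial level."""
    history = [sal]
    for event in events:
        sal = adjust_sal(sal, event)
        history.append(sal)
    return history


# Constructed sample event log: a 600-word EULA and a 30-word UAC-style dialog,
# each once clicked through and once actually read, then one declined.
SAMPLE_EVENTS = [
    DialogEvent(words=600, seconds=2.0, accepted=True),    # 600 words in 2 s: not read
    DialogEvent(words=600, seconds=200.0, accepted=True),  # read
    DialogEvent(words=30, seconds=1.0, accepted=True),     # needs 7.5 s: not read
    DialogEvent(words=30, seconds=10.0, accepted=True),    # read
    DialogEvent(words=30, seconds=0.5, accepted=False),    # declined: never penalised
]

if __name__ == "__main__":
    for level in replay(SAMPLE_EVENTS):
        print(level, dialog_tier(level), elevation_decision(level, automated=False))
```

Replaying the sample from the default of 50 gives 45, 47, 42, 44, 46: two click-throughs cost more than three careful answers earn, which is the asymmetry the post's scheme needs if the level is to mean anything. The clamp matters at both ends: a user at 3 who clicks through one more EULA lands on 0 and is refused outright rather than going negative, and a user at 99 who reads carefully tops out at 100.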
Thoughts?