Windows Vista. And Security

With HIPS being limited with Vista. My main question, Do you basically get the same protection on Vista. Is the operating system more secure even with limited HIPS ? Or has Microsoft limited its own OS when it comes to security.



This was purely added to make you laugh and think.

 

Since UAC is basically a HIPS anyway (just has a bad memory, lol) I do not see any need for added HIPS.

As far as security goes I have gone 21 months without any kind of infection. I couldn't say the same with the same amount of time on XP.

 

UAC is designed to protect the user and not to protect the system.
windows defender in advanced mode in a HIPS.
but quite alot of antivirus and antispyware software disable windows defender.
they should make there app compatible with it.
windows defender is part of the OS. so if a program cannot work with windows defender on vista they shouldnt release the program until it can work along side windows defender. it has signiture detection which is updated daily and it is a HIPS if you put it in advanced mode.

64bit vista has extra secuirty. such as stopping programs from changing the kernal.

 

I think of it as more of UAC protecting the system from the user

 

Windows Vista is more secure than XP, but that doesn't make it invincible.
You still need HIPS because:

1) MS Vista is basically like Cheese and has lots of holes. Vulnerabilities and exploits exist and one needs HIPS to detect suspicious behavior and prevent disaster.
2) UAC and Vista are only as good as the user. Have a inept/malicious user and all blocks will be useless.
3) User can be fooled to let down their guard, a good configured HIPS can't. It is not tempted to play games or lusted for that dialer. It blocks threats regardless.
4) Malware writers are now atleast 4-5 steps ahead of Windows. So waiting for MS to correct via a Service Pack , is too long a wait.

Ultimately there is no substitute for luck and common sense. You can have a system with Win98 and a user with luck and common sense, will still keep it threat free.

With Vista + Limited HIPS -luck = high probability of disaster.

Now add common sense to the equation and it will become almost zero probability. Now this common sense can be from a human or from a sw called full-fledged HIPS.

 

Very true, vijayind. I did not think about the people who do not understand "elevated privileges" and only think UAC as a "are you sure?" annoyance to be turned off. I will have to amend what I said that the more knowledgeable Vista users do not need extra HIPS (but that can really be said for any OS).

 

UAC needs a REMEMBER THIS action. I admit I shut it off because my vista computer is used so much I get sick of chain clicking UAC over and over again.

The problem with UAC is what UAC considers "Elevated Privileges" I change one piece of code in a program I get a nice UAC prompt. when frankly debugging it you are just chain clicking your life away. Almost coded a program to click accept for me.

 

You may be interested to know that Symantec has a program (currently in beta) called Norton UAC Tool that has a "remember" option just like a firewall or HIPS permissions pop-up. It isn't standalone though, it requires NIS 2009.

 

I've been using Vista x64 for over 2 months now and don't mind the occasional UAC prompt. So far it's been fine for me. If you are installing and messing with that many things, then it may annoy you I guess.. but any other HIPS would be even worse I would think.

I don't think you need anything more than what comes with Vista x64 now. Just a decent AV, and Defender, that's about it.

 

QFT!!

 

You do not have to shut it complete off, just run it in silent mode (TweakUAC) or search for my posts on UAC. I first qualified UAC as 90 year old retarded HIPS who gets forgetting who I am, but done some testing in practise on Vista64 andmust say it is quite good.

Also Windows Defender can be easily defeated when something is changed, but the "needs your permission to start" will come up at next boot when a startup entry is added.

All and all Vista's UAC, new architecture, default FW, Defensder's startup protection and IE7's protected mode are pretty good.


Note: Norton Tool is very interesting. I have done some tweaking with Comodo (allowing all programs to run except internals taking care of elevaton) to alert on elevation requests, it seemed to work only in some instances I blew my image big time (events when UAC would require elevation confirmation even when running in quiet mode).

 

ZA Pro has fully working HIPS in VISTA 32bit.
Or do you refer to 64bit version?

Cheers,
Fax