New Norton Vista tool trades UAC for online feedback

The latest freeware tool from Norton Labs offers to do Vista users a favor by turning off many of those annoying User Access Control prompts. If you're wondering what Symantec wants in return...so were we.

Though User Access Control may have struck a measurable blow against malicious programs' ability to gain elevated rights in Windows Vista, it has actually become one of users' least liked features because of how annoying it can become. For everything that could possibly have a negative impact on the system if it's done unintentionally, UAC can suspend Vista's normal operation momentarily, while it asks the user to Continue the operation that's about to be performed, even if it's the user himself who requested it.

Running with limited or diminished privileges is something the typical, non-malicious Windows user has had difficulty growing accustomed to. Now, a new freeware tool from the experimental security arm of Symantec called Norton Labs can give this prompt a feature similar to what you might see on a software firewall like ZoneAlarm: a way to say, for individual applications that often require administrator privileges, "Yes, I permit it, but don't ask me this again."

In short, the Norton tool does not turn off or replace UAC (you can actually turn it off yourself from the System Registry if you're so inclined). Rather, it leaves the system turned on but refrains from asking you for permission to elevate privilege for programs that appear on the tool's ongoing whitelist. It replaces the usual UAC panel with one that is certainly "Vista-ish," but which looks different from the one Microsoft supplies. It lets you know it's from Norton Labs. And it gives you the prominent option, "Don't ask me again," beside a check box, which you can check before you click on Allow.

In BetaNews tests, we had some difficulty installing this on our 32-bit Vista virtual machine (the tool does not work on 64-bit Vista, which uses a very different secure kernel). We soon discovered the reason: In Local Security Policy, there's an option to turn up the heat whenever the UAC panel comes on, so that it asks the user to supply the administrator password rather than just click on Continue. We had that option turned on; and you may be thinking toward our general direction, "You're crazy!" Yes, but we've been experimenting with some different security options in Vista, and in my own personal opinion, I'm no more bothered with entering a password than I am with clicking on a button.

Once we tweaked the Registry so that policy was set to the default for Vista (just showing the Continue and Cancel buttons, we got the Norton UAC tool to work. During the installation process, the first thing we saw was a rather austere dialog box, which offered the sole option, "Yes, Enable Submission on UAC prompts," without any explanation.

Submission? Yes, the answer to the question, "What does Symantec get out of this?" is that everything you enter onto your whitelist gets shared over the Internet with a Norton Labs database. We assume this information isn't transmitted in the clear, though we don't know that for sure.

There's no warning ahead of time, so this opportunity to opt out may be meaningless for most users. But if you have the foresight to have checked Norton Labs' Web site beforehand, you'll come across an FAQ page which reads the following: "Each time you see a prompt, the Norton Labs UAC Replacement sends meta information about what caused the prompt, and why, to our server. This data will be used, in aggregate, to help Norton Labs build a white list that can be shipped with the UAC replacement and LiveUpdated [sic] as needed."

So the whole premise of Norton Labs' UAC tool essentially boils down to the following: Are you willing to introduce two security risks into your system in order to avoid being annoyed by something that's, on the larger scale of things, less annoying than the current financial crisis or the remake of Knight Rider? Because if you think about it, the whole point of UAC is that it enables a system stop whenever something that can potentially change the system's status, can occur. It's designed to be a roadblock, especially for the programs that administrators use frequently (REGEDIT comes to mind); why remove the roadblock for those frequently used tools and leave it in place for the less used or unused ones?

Then comes security policy quandary #2: Do you really want to tell Symantec -- or anyone else on the other side of the Internet from you, for that matter -- what programs you run every day? To me, information security is about removing the likelihood of accidental or unwarranted disclosure. How can anyone be certain that a malicious user, perhaps in tribute to Kirk Douglas' immortal role, doesn't rise to the occasion in a spoofing attempt to say, "I am Symantec!"

In other words, with which are you more comfortable: being possibly insecure or being definitely annoyed?