Comment by Dalewyn

Comment by Dalewyn 10 months ago

15 replies

View on Hacker News

>Windows still let you root a machine by 1 line in powershell? What the @$$%&%&#$?

You say it's a problem, I say it is a virtue.

We can "root" Windows because we are root, specifically a user in the Administrators group because the first user account configured by Windows Setup is always an administrator account.

This is a virtue. We can do whatever we want with the computer we own and use. This is freedom par excellence that literally every other operating system family today wishes they could do without getting shouted down.

In an era of increasingly locked down operating systems that prevent us from truly owning our computers, administering them, Windows just lets us do that. I hope to god this never changes.

AdieuToLogic 10 months ago

>>Windows still let you root a machine by 1 line in powershell? What the @$$%&%&#$?

> We can do whatever we want with the computer we own and use.

There is a difference between what an owner of a computer can and should be able to do, verses what an arbitrary actor can do to a computer they do not own through subterfuge. It is the responsibility of an Operating System to facilitate the former and guard against the latter.

MS Windows has a poor history of being able to do either.

Reply View 10 replies
  • Dalewyn 10 months ago

    Remember the old saying: With great power comes great responsibility.

    Windows just lets us do anything and everything, and it's up to us how we want to secure it if at all.

    Every other operating system family tries to realize security by straight up locking the user, the administrator, out of his own computer. They still get compromised, by the way.

    Windows has absolutely succeeded and continues to succeed in enabling the user, including security if he so desires. This is the reason Windows became the dominant desktop OS. The others? Nope on both counts. The Linux world in particular always screams about user freedom, yet ironically it's Windows and its community that actually makes that freedom a reality.

    Once more: I hope to god this never changes.

    Reply View 9 replies
    • nativeit 10 months ago

      This is a wild take. Would you mind expanding a bit on the oppressive, locked down ecosystem that’s choking the free expression of Linux users?

      Reply View 6 replies
      • Dalewyn 10 months ago

        For starters it's security theater, given everyone and their dog prefixes sudo to all commands without much thinking. There are also some who just smash in sudo -i as the first thing they ever do upon boot (guilty as charged) because they suffer RSI from typing sudo a trillion times.

        There's also this impression that the operating system is just secure and you as the user are just protected like it's a law of physics. Spoiler alert, you are not and it's not a law of physics either. It's still your responsibility to secure the computer if you so desire and otherwise not do dumb shit like copypasta'ing commands from the internet.

        I'm not even going to get into the politics that are package managers and repos, that's just straight bullshit that has more to do with human nature than computer science.

        Speaking of politics, most of the FOSS community at large hates users using and administrators administering computers how they want. You must subscribe to the One Libre Way(tm) or you are a heathen doing it wrong. So much for freedom. The Windows community meanwhile is mostly composed of jaded engineers who are just happy to see others get stuff done and get through another day in one piece.

        Windows from the start places the user at the controls with mostly no child safety locks in place (and you can remove what is there easily, eg: UAC), and with that power you have to accept that if you end up hosing the system the problem is you because Windows doesn't even pretend to really protect you.

        Having the sheer power to hose Windows with a single Powershell line is what freedom is. Freedom is both delightful and horrifying.

        Reply View 5 replies
    • [removed] 10 months ago
      [deleted]
      Reply View 0 replies
    • [removed] 10 months ago
      [deleted]
      Reply View 0 replies
darby_nine 10 months ago

> This is a virtue. We can do whatever we want with the computer we own and use.

You certainly don't need to do it with a single line of powershell though. At least, not without intentionally opting into it. For the most part on a daily basis I just want to use my computer, not modify it.

Anyway, at the very least most functionality should be sandboxed so that if someone does something without your consent, it can't do much damage. Though this wasn't the original intention, leveraging user privileges and sandboxing applications by user is an effective way to do this.

Besides what kind of moron would choose proprietary software if they wanted control of their machine? It's inherently a contradictory impulse.

Reply View 3 replies
  • lyu07282 10 months ago

    > At least, not without intentionally opting into it.

    just to clarify in Windows, users with administrative privileges will in theory still ask the user to opt-in every time before any process is elevated to administrative rights. Its just that Windows security is so awful that people have found many different creative ways around it over the years, but those are (sometimes) getting patched by Microsoft so they are considered "bugs".

    For example a process stores its executable path in memory writable by itself, so you could start a process that replaces its executable string to "C:\Windows\explorer.exe" and it would (for whatever reason) bypass the "ask for administrative rights" dialog popup. This is the sort of "security" that Windows is built around to its very core.

    https://github.com/hfiref0x/UACME

    > "This tool shows ONLY popular UAC bypass method used by malware, and re-implement some of them in a different way improving original concepts. *There are different, not yet known to the general public, methods. Be aware of this;*"

    (also i think you are responding to a troll btw)

    Reply View 2 replies
    • Dalewyn 10 months ago

      >(also i think you are responding to a troll btw)

      You would be wrong.

      Reply View 1 reply
      • lyu07282 10 months ago

        thats exactly what a troll would say though :p

        Reply View 0 replies