Microsoft Plans Smartphone-Style Permission Prompts for Windows 11 Apps (bleepingcomputer.com) 69
Microsoft is planning to bring smartphone-style app permission prompts to Windows 11, requiring apps to get explicit user consent before they can access sensitive resources like the file system, camera and microphone. The company's Windows Platform engineer Logan Iyer said the move was prompted by applications increasingly overriding user settings, installing unwanted software, and modifying core Windows experiences without permission.
A separate initiative called Windows Baseline Security Mode will enforce runtime integrity safeguards by default, allowing only properly signed apps, services, and drivers to run. Both changes will roll out in phases as part of Microsoft's Secure Future Initiative, which the company launched in November 2023 after a federal review board called its security culture "inadequate."
A separate initiative called Windows Baseline Security Mode will enforce runtime integrity safeguards by default, allowing only properly signed apps, services, and drivers to run. Both changes will roll out in phases as part of Microsoft's Secure Future Initiative, which the company launched in November 2023 after a federal review board called its security culture "inadequate."
Pot, Meet Kettle (Score:5, Insightful)
The company's Windows Platform engineer Logan Iyer said the move was prompted by applications increasingly overriding user settings, installing unwanted software, and modifying core Windows experiences without permission.
Excuese me, but aren't these behaviors already baked right into Windows 11?
Re:Pot, Meet Kettle (Score:4, Insightful)
The company's Windows Platform engineer Logan Iyer said the move was prompted by applications increasingly overriding user settings, installing unwanted software, and modifying core Windows experiences without permission.
Excuese me, but aren't these behaviors already baked right into Windows 11?
Oh, they won't be warning users about the settings Windows updates change. The 'core Windows experiences' thing there is basically them whining that sometimes other software gives the users the chance to change default egregious Windows behavior for a more user-friendly setting. I'm guessing anything where an app currently changes Windows defaults, you'll get the choice in the app, then after changing the setting there, it'll pop-up an annoy nag screen to warn you you are breaking security, destroying your computer's integrity, and probably enabling the beating of puppies and kittens somewhere by switching a Windows setting from what Microsoft wants you to use. Seems to fit the MO of current day Microsoft.
This is after they started discussing trying to give people what they actually want, instead of forcing things on them, so I expect it to be even more outrageous than what they've done in the past.
Re: (Score:2)
Re: (Score:2)
But keep in mind that there will be conflicts. Making what you want easier might make what a lot of other people want a lot harder or might make the computer far more vulnerable. Maybe there's a good reason to be warned about the possible consequences of changing a setting. Maybe you want to be notified if something is changing the default file associations for http and html. Maybe you aren'
Re: (Score:2)
Okay, that raises an interesting question - What do people "actually want" from their OS? Not what they don't.
But keep in mind that there will be conflicts. Making what you want easier might make what a lot of other people want a lot harder or might make the computer far more vulnerable. Maybe there's a good reason to be warned about the possible consequences of changing a setting. Maybe you want to be notified if something is changing the default file associations for http and html. Maybe you aren't concerned about that for yourself, but you know your mom has a bad habit of installing whatever a website tells her to.
They need to make warnings like that universal if they implement them correctly. Not selective based on whether or not the OS sponsor happens to be the one changing the settings.
This isn't exactly straightforward, and I haven't even gotten to what I think people might want from an OS. The only universal there I can think of is "for it to work and run the things I want to run." And I have no idea what an engineering team is supposed to do with just that.
Most people want an OS to just *BE* an OS. Boot up, allow launching of applications, provide some minimal interface for launch / close / minimize / maximize and otherwise stay the hell out of the way. I would think that should be fairly universal, though some would argue the UI and the OS don't necessarily have to be intimately tied
Re: (Score:2)
What you describe might as well be Windows 3.0. It wasn't enough though. People started needing computers that talked to each other, and didn't want to buy something extra for it. So, they needed to handle credentials, without buying something extra. They needed more security. Then they needed to get on the internet, without buying something extra. Then the original
Re: (Score:2)
Damn you, you beat me to it! ;-) Even to the point where the quote you chose was already in my clipboard before I read your post...
Re: Pot, Meet Kettle (Score:1)
Re: (Score:2)
Excuese me, but aren't these behaviors already baked right into Windows 11?
Sounds like he's a Lyer.....
Good idea but..... (Score:5, Insightful)
Re: (Score:3)
For what it's worth, I do see Teams asking for OS location, camera, and mic permissions, but not other Office programs.
Re: Good idea but..... (Score:2)
Re: (Score:1)
For what it's worth, I do see Teams asking for OS location, camera, and mic permissions, but not other Office programs.
The last time I looked, Teams was installed by default in Windows 11. Has that changed?
Re: (Score:2)
Not sure, I can only speak from corporate experience. It may be installed by default, but it asks for permissions on first run.
Re: (Score:2)
Why do Excel/Word/Outlook need access to your location/camera/mic? Are you sure they're not asking for permission because they aren't using them?
Re: (Score:2)
They don't need that access and they don't ask as far as I'm aware. I think they're not asking because they're not using them.
Re: Good idea but..... (Score:4, Informative)
Re: (Score:2)
Re: (Score:2)
So far as I know.
Re: (Score:3)
Yeah, when are we getting the OS level override to tell any app that its DRM can fuck right off? Computing has lost its way when companies providing software have more control over our devices than the owner of the devices. Just because software comes from Microsoft, Adobe or any other major software provider doesn't mean it isn't malware. When a device is designed in a way that its security model treats the owner as an untrusted threat actor, software enforcing that model functions as malware with respect
Re: (Score:2)
Making a computer not run programs and not play media isn't the best strategy. Just be glad you don't need a hardware dongle just to watch Netflix or open Photoshop. It could be far worse.
Avoiding DRM is just something you'll have to do on your own.
Re: (Score:2)
In your normal, reasonable world it's a good idea. By the time MS have run it through their product manglers, it'll be anything but good. In short order, something as mundane as Solitaire will ask for "network access" - why? Because that's how it gets its ads and how CrapPilot integrates with it. Before you know it, just about everything you have installed has a whole raft of really broad permissions and so the whole thing becomes utterly pointless.
I'll bet my lunch that when this is implemented, the requir
Nope (Score:5, Interesting)
Nope, I would rather have an OS for a PC, not a smart phone. You've lost your way Microslop.
Re: (Score:1)
I wish desktop apps could work more like Android apps. Sure, some of them need to hook into the system a bit deeper, but a lot could be fully sandboxed. No need to install into the real filesystem, all files kept cleanly in one place and removed when the app is uninstalled. No permissions at all without explicit confirmation from the user.
You can do it with the tech Windows has already, but it's a pain.
Re: (Score:2)
It's odd because Android and iOS has all this sandboxing and yet it's pretty much recognized by everyone that apps on both operating systems, even with the sandboxing, are bigger threats to your privacy than the average Windows, GNU/Linux, or Mac OS X application.
I'm not saying there's no reason to add some sandboxing to desktop applications, but it seems as if desktops do not have the same level of danger. And that's probably a good thing because the far more advanced nature of desktop applications, that a
Re: (Score:3)
The reason for the privacy threat on mobile is the kind of data people keep on those devices, and the fact that they have cameras and microphones. However, the actual controls to protect the data are much better than on Windows.
It's also a question of simply making app installs self contained and clean. On Android if you remove and app, it removes all of it, no left over registry entries or other random crap floating around the filesystem.
Re: (Score:3)
> The reason for the privacy threat on mobile is the kind of data people keep on those devices, and the fact that they have cameras and microphones. However, the actual controls to protect the data are much better than on Windows.
Mobile users rarely have any data on their devices beyond saved game states, older people like me have music, and recent photos.
Modern PCs have cameras and microphones.
So that's not it.
My honest belief is the main reason is that most people have become more tech-stupid in the la
Re: (Score:2)
A typical phone has your contact list, personal photos, chat messages and copies of encryption keys, and are logged in to cloud storage accounts, email, and more.
Re: (Score:2)
It's easy to overlook just how much of our lives ends up on a phone. I know a guy whose phone was stolen by a pickpocket just after he put it away, before it re-locked. Worse, he was on vacation at the time. They robbed the hell out of him. Who did the credit card company call? The thief.
Re: (Score:2)
Re: (Score:2)
Sandboxing sounds great, but then someone can't print and it becomes an ordeal. And God forbid their LOB applications can't reach the SQL server due to a nearly hidden permission setting.
Re: (Score:3)
App permissions are not a smartphone thing. They are a software thing. Smartphones were just quicker to deal with the problem of unwanted app behaviors, because they didn't have the decades of historical software that had to keep working.
I'd like to see Microsoft expand this further, to all Windows software, not just App Store software.
App developers these days have ZERO regard for honoring the wishes of users.
Re:Nope (Score:4, Insightful)
Smartphones were just quicker to deal with the problem of unwanted app behaviors, because they didn't have the decades of historical software that had to keep working.
Nope. Smartphones are just as willing to violate the user's wishes as PCs. It was Custom ROMs that offered permissions managers first. Google was forced to provide it in the stock Android OS by inertia, and even then not fully. (Lots of apps from Google and the device manufacturer get a special pass that the user can't override without rooting, or using xposed. Worse some of those apps get access to things that no other app is allowed to even go near. Like accessing the audio of other apps.) It was only after Google realized they could use "permissions" as whitewashing for their blatant abuse that they really started pushing it. Hence all of the endless permissions for basic crap that people get tired of. That's intentional so that people get used to clicking "Allow" on reflex, so their apps can harvest anything they want with the user's "blessing."
I have no desire to see such crap in Windows, or any PC OS for that matter. It's no different than all of the popups we get for cookies. More opportunities for them to throw up shrinkwrap you have to click through in order to get to the thing you need done, all the while forfeiting your legal rights, to major annoyance, and disruption at every turn.
App developers these days have ZERO regard for honoring the wishes of users.
They have you by the balls. Of course, they don't give a shit about you. You're an ATM to be only withdrawn from and nothing more. Until your governments start bringing them to heel over their behavior that is.
Re: (Score:2)
Well, you started with "nope" but then proceeded to agree with me, as far as I can tell. OK, I'll take it.
The only thing I think we disagree about is whether we _want_ app permissions to be present.
As untrustworthy as Google or Apple might be with our data, they're both still more trustworthy than a random app developer you've never heard of. If permissions only apply to those sketchy developers, it's better than nothing, in my view.
Re: (Score:2)
App permissions are not a smartphone thing. They are a software thing. Smartphones were just quicker to deal with the problem of unwanted app behaviors, because they didn't have the decades of historical software that had to keep working.
What differentiated the smartphone from PCs is the app store. Bad actors get to leverage app infrastructure to globally cheaply publish low effort malware. Everyone else has to compete with "free" so everything becomes hostile to user interests. The whole system would completely collapse absent jails and permissions.
I'd like to see Microsoft expand this further, to all Windows software, not just App Store software.
App developers these days have ZERO regard for honoring the wishes of users.
Permissions are hostile to user interests. So long as software can normalize, retaliate or nag users to capitulate permission systems fail to deliver on honoring wishes of users. Instead th
Re: (Score:2)
What differentiated the smartphone from PCs is the app store
No, I don't think so. Windows has an app store, and indeed, this article is talking specifically about Windows App Store apps. It's not talking about side-loaded apps, which for decades was the only way to install on Windows.
What was different for phones, was a managed install process, really from the beginning. In the traditional Windows and Mac worlds, installers could do literally anything they wanted with the system, including replacing core operating system files. In the phone world, installers can onl
Again? (Score:2)
Re: (Score:1, Troll)
Re: (Score:3)
Also, no. Linux doesn't intentionally go out of it's way to engage in security theater. UAC is nothing more than an elevation prompt that was made mandatory because Microsoft wanted to kick people out of "their" directories and force app developers to use different (read: newer) APIs. A ploy that didn't even work all that well, BTW. As there's still plenty of apps made today that don't behave properly when their di
Re: (Score:3)
To me the critical feature this is missing in access control like, know location, access a calendar etc, Is no but lie, most people just grant access because they want run the app they will say yes to anything. Just think of license agreements.
It will fail (Score:5, Insightful)
Like all the other things Microsoft recently tried to implement; it'll be implemented badly and will eventually be rolled back because it's broken state.
Re: It will fail (Score:2)
Re: It will fail (Score:4, Insightful)
What permission groups do these cover? (Score:3)
This sounds nice, and macOS is pretty good at this, but I do wonder if there are ways to get around this. For example, accessing a photos repository via the filesystem and not a photos API, or accessing contact files directly as opposed to a contact API. Even with these permissions fairly tight, if the app can scoot around add/modify stuff, it can do ransomware, Trojans, or data exfiltration.
What many developers will do is just not bother with code signing and demand the user do some overrides, or do something similar to Macs, and force allowing "full disk access" for the program to run. Maybe even force the user to turn off the prompts, just like in the Vista days where users were told to turn off UAC.
Re: (Score:2)
Now granted malware etc can evade that, but typically only by exploiting a loaded signed driver... no chance anything doing that doe
Re: (Score:2)
Re: (Score:2)
I don't want anything else to work that way.
Bring back (Score:4, Funny)
Abort, Retry, Fail?_
Bring it back Microsoft, that was super intuitive. Since this is the AI era, have Bob and Clippy ask it.
Re: (Score:2)
And be sure to ask "Are you sure?" before looping back to Abort, Retry, Fail?_.
Re: (Score:2)
Abort, Retry, Fail?_
Bring it back Microsoft, that was super intuitive. Since this is the AI era, have Bob and Clippy ask it.
Since this is the AI era, have Clippy ask Bob to do it.
Re: (Score:2)
Well, kind of intuitive.
My question was always, "What's the difference between "Fail" and "Abort"?
Re: (Score:3)
Fail: permanent failure / unexpected problems. No expected change in result if request is repeated.
Re: (Score:2)
That's your interpretation, but there are plenty of developers who didn't know those rules when they wrote the code that responded to A, R, or F.
Details devil... (Score:2)
Microsoft itself biggest privacy threat (Score:3)
Re: (Score:2)
Well sure, but are you suggesting that Google and Apple are any different?
Ahem (Score:1)
...the move was prompted by applications increasingly overriding user settings, installing unwanted software, and modifying core Windows experiences without permission.
You mean like every Microsoft application ever? Whenever people figure out how to control some aspect of a Microsoft application through Registry or policy settings Microsoft releases an update that changes or removes that control.
Current user interfaces are in free-fall. (Score:2)
Just one more nail in their coffin (Score:4, Insightful)
Free your self from all this irritating crap and ditch Microsoft. You all know the alternative.
Security Theater (Score:3)
This is UAC all over again. It just results in more pop-up blindness.
Yet another "This application wants to blah blah blah..." Click Accept
There's a reason "windows uac disable" is the first suggested search result when you type in windows uac.