Friday, September 11, 2009

Things that concern me about Microsoft Live Mesh

While Microsoft Live Mesh looks to have potential (and a Googol orders of magnitude better interface than Groove or even SharePoint Workspace (which looks almost 100% exactly as crap as Groove looks), there are a few things that concern me greatly about it:

1. It installs as a limited user without asking for elevation

2. When you try and run the installer with elevated rights, you get the following error message:
     Live Mesh
     Product does not support running under an elevated account.
     This class is not configured to support Elevated activation.
     Get more help (Error: 80080017)

3. If you try and configure Remote Desktop access in Live Mesh, unless you're running as an Administrator with UAC turned off (OMG, who the hell would do this and still claim to be sane), you then get the following error:
     Live Mesh Beta
     Some updates were not configured
     Get more help (Error: 80010123)

Now, in addition to point 3, the help text for this error if you click on Get more help, offers this wisdom: "This error typically occurs if you have User Account Control turned on but you are not logged on to your computer as an administrator. Log off your computer and then log on again as an administrator." Yes, that's correct - this is after you enter the admin username/password at the elevation prompt.

Now, since when has being able to install and run software as a Limited User been acceptable? Definitely not since the XP days and for those savvy network administrators out there, long before then. It has been especially unsavory since the introduction of F^HVista. So WHY THE FUCK does Microsoft Live Mesh (and this is not the only one of their products that does this, by the way) refuse to install with admin rights and even worse, actually install as a limited user?

Does Microsoft WANT to encourage malware to be able to install and run as a Limited User?


As one of my favourite security conscious colleagues has mentioned, there's finally a Limited User Malware product on the loose. OK, he calls it Standard, I call it Limited. Whatever.

Thanks, Microsoft, for encouraging this with your inability to understand how security is meant to be employed. We security conscious network administrators really appreciate the additional workload you've given us. :( GGRRRRRRRRRRR...


The Outspoken Wookie

No comments: