×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft To Disable Autorun

timothy posted more than 4 years ago | from the mounting-is-fine-but-opening-is-obnoxious dept.

Windows 429

jchrisos writes "Microsoft is planning to disable autorun in the next Release Candidate of Windows 7 and future updates to Windows XP and Vista. In order to maintain a 'balance between security and usability,' non-writable media will maintain its current behavior however. In any case, if it means no more autorun on flash drives, removable hard drives and network shares, that is definitely a step in the right direction. Will be interesting to see what malware creators do to get around this ..."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

429 comments

Erm.....What the hell? (5, Insightful)

Sj0 (472011) | more than 4 years ago | (#27764655)

Why wasn't this the default to begin with? There's no good reason to automatically run anything on media like hard disks or flash drives. It's an obvious virus vector.

Re:Erm.....What the hell? (4, Interesting)

Moryath (553296) | more than 4 years ago | (#27764719)

Has to do with crap like this [tomshardware.com] - the theory goes that you may WANT to have an autorun from them for legit reasons (movie on a "read only" flash disk, or a "plug this hard drive in and automatically launch Program X" setup).

Hell, without this, those "U3 Enabled" flash drives (yeah I know, gag puke awful crap software) are even harder to use too. They use a single partition with the U3 software, autoboot it, check for you entering your "password", and only they will it decrypt the OTHER partition on the drive for you.

See where this is going?

Re:Erm.....What the hell? (3, Insightful)

Sj0 (472011) | more than 4 years ago | (#27764755)

The risk is too obvious and too stupid to take.

A menu pops up with this stuff anyway: "Hey, want to open this folder?", so it's not like you're doing anything more than adding exactly one step.

Re:Erm.....What the hell? (5, Insightful)

Feanturi (99866) | more than 4 years ago | (#27765089)

That's only if there isn't an autorun.inf pointing to an executable. If there is, it runs that instead of showing the "What do you want to do?" dialog. Only having autorun disabled will protect you from that. What would be good is if it was disabled by default, but could be turned on for select "trusted" flash drives. Or, just a thought, maybe people could learn a bit about how to use a computer and not have to have it do all the driving. Nothing wrong with learning to open an Explorer window, then navigating to a drive to access something on it. What a concept, actually knowing what's on your media. All this "ease of use" and accessibility crap is just making users dumber and dumber.

Re:Erm.....What the hell? (5, Insightful)

EvanED (569694) | more than 4 years ago | (#27765143)

Or, just a thought, maybe people could learn a bit about how to use a computer and not have to have it do all the driving. Nothing wrong with learning to open an Explorer window, then navigating to a drive to access something on it. What a concept, actually knowing what's on your media. All this "ease of use" and accessibility crap is just making users dumber and dumber.

As someone who likes autorun, my reaction to this is "yeah, because I like doing work myself that a computer is good at".

I think Vista's "always autoplay, never autorun" (if I got those names right) scheme works really well.

Re:Erm.....What the hell? (4, Insightful)

thePowerOfGrayskull (905905) | more than 4 years ago | (#27765263)

hat a concept, actually knowing what's on your media. All this "ease of use" and accessibility crap is just making users dumber and dumber.

Why should those people who are using computers as tools (in the same way they would use a car, lawnmower, or vibrator) have to know anything at all about how it works, where content is stored, etc?

The best system is one that just does what you want it to do, without distracting you from your task by making you think about it. That holds equally true for computers, windshield wipers, and toilet paper.

Re:Erm.....What the hell? (5, Insightful)

Happler (895924) | more than 4 years ago | (#27765351)

I have met people who do not think about toilet paper and they stink. I am a firm believer that people should have at least a basic understanding of what tools they are using. Knowing the basics of windshield wipers means that you can purchase and change them yourself (and pay less in the long run). Knowing the basics of computers means that you will, at least, help minimize the amount of damage you do to your computer via virus, malware, stupid user tricks, etc. I have worked too much tech support to encourage systems that do everything for the user. It just creates more problems then it is worth.

Re:Erm.....What the hell? (4, Informative)

supernova_hq (1014429) | more than 4 years ago | (#27765301)

Those U3 enabled flash drives will STILL autorun. The second partition is made to appear to be a cdrom to windows, which means that windows will still autorun the crap they put on there.

Not only that, but this will give sandisk a semi-legit reason to partitions those bloody things. To this day, the ONLY way to get rid of that damn partition is using a windows utility, and that doesn't even work half the time!

Re:Erm.....What the hell? (3, Insightful)

Anonymous Coward | more than 4 years ago | (#27764723)

Microsoft wanted a computer to be an appliance. The person operating it didn't have to know much. When it got older, you bought a new one Want your new camera to work? Plug it in and insert cd. Want an external hard drive you just plug in and it backs up your stuff? You got it. Want to watch tv on your computer? Plug it in the usb slot, plop the cd in the drive and you're good to go. Good idea. However, the real world doesn't play with good ideas very well.

Re:Erm.....What the hell? (0, Troll)

Anonymous Coward | more than 4 years ago | (#27764989)

Apple, on the other hand, pretty well embodies this idea.

Re:Erm.....What the hell? (0)

Anonymous Coward | more than 4 years ago | (#27765321)

And as someone who owns both and works on both... Apple comes much closer to that reality (but that's 'cause they make the hardware & the software).

Re:Erm.....What the hell? (4, Insightful)

Midnight Thunder (17205) | more than 4 years ago | (#27764827)

Why wasn't this the default to begin with? There's no good reason to automatically run anything on media like hard disks or flash drives. It's an obvious virus vector.

A compromise would have been to ask the user, but disabling is completely is probably better, since it will avoid stuff like the Sony Root kit, being installed by a clueless user. After all:

Computer: "Do you want to do xyz? It may break you computer."
User: clicky, clicky "Why yes of course"

Re:Erm.....What the hell? (4, Informative)

Sj0 (472011) | more than 4 years ago | (#27764857)

CD is read-only, thus not applicable.

Re:Erm.....What the hell? (2, Interesting)

Bert64 (520050) | more than 4 years ago | (#27765307)

Modern systems come with cd/dvd recorders by default...
A piece of malware could hijack your burning apps and add itself to any optical media you burn.

Re:Erm.....What the hell? (1)

jabithew (1340853) | more than 4 years ago | (#27765363)

Maybe the system will draw a distinction between a CD/DVD-ROM and a CD/DVD-Anything else.

Re:Erm.....What the hell? (4, Informative)

RzUpAnmsCwrds (262647) | more than 4 years ago | (#27765167)

A compromise would have been to ask the user

This is exactly what Vista does. The problem is that you can customize the icon for the "run" operation, and malware authors got clever and used the folder icon. If you weren't paying attention, you might click the wrong option and install the malware (although there's also a UAC prompt to get through on Vista).

Re:Erm.....What the hell? (1, Funny)

Anonymous Coward | more than 4 years ago | (#27764839)

Why don't you jump into your time machine and go tell that to Microsoft at its first implementation?

"You can't make this happen. It'll introduce another security hole vector. Yes in the future you'll be riddled with security problems. Yes. Also, as a sacrifice you'll have to appear not as 'user friendly' which will cut into your billions of dollars of revenue. See you in the future! Thanks!"

Re:Erm.....What the hell? (1)

Sj0 (472011) | more than 4 years ago | (#27764891)

I don't believe for a second that limiting autorun to read-only media would be even remotely damaging to Microsoft. Frankly, I expected only CD-ROM drives to be able to do that.

Re:Erm.....What the hell? (5, Funny)

Red Flayer (890720) | more than 4 years ago | (#27764877)

Why wasn't this the default to begin with?

In the beginning, there was a User.

This User did not possess the special knowledge of the Priests of the Cult of Computers.

This User was granted divine Manna from heaven in the form of a shining disc with an outer shell of a transparent horn-like material.

"Lo!" said he, "I have found the Sacred Tablet of AOL!"

And he put the Tablet in the Slot of Curious Whirrings, and nothing happened. And this was Good.

But the User was unhappy, and complained to the Disciples of AOL, that the sacred disc of AOL was defective.

And so the Disciples of AOL conferred with the Disciples of Borg.

Now, the Disciples discipled for a while, and determined that the User could never be trusted grok the mysteries of "Drive D". The Disciples agreed, also it was bothersome and unholy, to be summoned each time a Tablet was delivered by divine provenance to another User. And so Autorun was created.

Verily, the User could place the Sacred Tablet of AOL in the Slot of Curious Whirrings, and without any further discipling by the Disciples, could run AOL.

And thus were the Demons of AOL unleashed upon the world together with the Lord of PC Plague and Pestilence, he-who-should-not-be-named-but-nevertheless-I-will, Autorun.

Re:Erm.....What the hell? (0)

Anonymous Coward | more than 4 years ago | (#27765097)

Masterful.

Re:Erm.....What the hell? (1)

steelfood (895457) | more than 4 years ago | (#27764879)

In general, there's no good reason for computers to execute code you did not explicitly ask it to execute.

Malware can still be distributed through sneakernet. And remember the Sony rootkit fiasco? That's no better or worse than something you might catch from popping a pirated CD or DVD (the ones you buy for $1 off the streets).

Computer security is about control. It's about controlling what enters and leaves the computer, and what executes on the computer. Anything that causes execution on read automatically implies a complete loss of control.

Re:Erm.....What the hell? (4, Insightful)

Darkness404 (1287218) | more than 4 years ago | (#27765291)

And remember the Sony rootkit fiasco? That's no better or worse than something you might catch from popping a pirated CD or DVD (the ones you buy for $1 off the streets).

Except for the fact the Antivirus you paid $80 for will catch the malware that came off the CDs and DVDs but believes that the Sony Rootkit is "legitimate" and leaves it alone.

Re:Erm.....What the hell? (3, Insightful)

Twillerror (536681) | more than 4 years ago | (#27764895)

Not entirely true. When I plug in my camera and a little popup comes up I really like that. Why...because it's not exactly what program I'd like to launch. Most of the time I just want to get at the file system and copy and paste over the files.

Then there is my wife who would be completely lost without the auto run that cameras present users with.

When USB drives plugin sometimes they auto run management software which could include faster drivers or encryption utilities. I'd don't want the option for this lost.

The problem to me is not that it auto runs, but that it doesn't require any sort of user involvement. I like auto run cds...except when I don't want it. I know I can hold down shift to get around it, but if I forget or my arms are to short to do both at the same time I'm boned.

If there is a use case (even if you don't see the need) for this then we need to try to continue to support it. My guess is someone though of a GOOD user for it. I don't want my entire computer expierence to be dictated by virus writers and boring programers. It's like saying we can't fly on jets because someone could fly them into buildings...figure out how to stop people from flying into buildings...not stop flying.

Re:Erm.....What the hell? (1)

PitaBred (632671) | more than 4 years ago | (#27765005)

There should be a minimum level of expertise required to operate certain equipment. You don't get cars that automatically put their turn indicators on, because that would just cause more problems than it solves, and it would enable people to be even stupider. Same thing with Autorun. Autorun should NEVER be there. Let the machine say "What do you want to do with this?" like you're suggesting, but it shouldn't ever just choose something by default.

Re:Erm.....What the hell? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#27765039)

While I agree with your point about boring programmers, your analogy would fall flat if 1/10 airplanes were smashed into a building within an hour of takeoff.

Re:Erm.....What the hell? (1)

Bert64 (520050) | more than 4 years ago | (#27765355)

A very small number of people are qualified to operate jet planes.
Being a passenger on a plane is a massive difference from flying it yourself...

Re:Erm.....What the hell? (1)

Yaksha42 (856623) | more than 4 years ago | (#27764991)

I have a thumb drive I want to automatically back up every time I plug it in. I want it to back up to C:\backup\{datetimestamp}

I had to get a program called Autorun USB to get it to work, but with this and a .bat file I was able to get immediate automatic backing up of my thumb drive every time I plugged it in.

Re:Erm.....What the hell? (1)

interkin3tic (1469267) | more than 4 years ago | (#27764995)

Why wasn't this the default to begin with? There's no good reason to automatically run anything on media like hard disks or flash drives. It's an obvious virus vector.

Man, I'm WAY too busy to double click on my flash drive, I gotta have those pictures of the kegger last weekend NOW! Thanks a lot, micro$oft, selling out to the "anti-kegger pictures immediately" lobby!

Yay (1)

ejdmoo (193585) | more than 4 years ago | (#27764691)

Yay!

But now how will people figure out how to play Video Professor or install AOL?

Oh well...

Re:Yay (1, Informative)

Anonymous Coward | more than 4 years ago | (#27764715)

non-writable media will maintain its current behavior however

Heads Up Tech Support (1)

naubol (566278) | more than 4 years ago | (#27764695)

Queue new top 10 Microsoft support complaint...

"My cdrom is broke" "It doesn't know there is a cd in there anymore!"

N

Re:Heads Up Tech Support (3, Informative)

Sj0 (472011) | more than 4 years ago | (#27764711)

CD is read-only, thus not applicable. RTFS.

Re:Heads Up Tech Support (1)

jonbryce (703250) | more than 4 years ago | (#27764805)

And unfortunately the virtual CD drive in U3 flash drives is also read only.

Re:Heads Up Tech Support (1)

Sj0 (472011) | more than 4 years ago | (#27764907)

It's only read only if you activate the software, creating the virtual CD drive.

Re:Heads Up Tech Support (1)

jonbryce (703250) | more than 4 years ago | (#27765023)

I haven't checked the U3 drives myself, but I have a USB wireless (cellphone) modem which comes with a virtual CD drive containing the drivers for it. The CD drive appears until you activate the software, which makes the computer ignore it and use the modem instead. So it is certainly possible to have a USB virtual CD drive that doesn't require drivers to operate.

Re:Heads Up Tech Support (2, Informative)

adolf (21054) | more than 4 years ago | (#27765257)

Activate? The...software?

Eh?

On my U3 drives (both of them), the following would happen upon insertion:

Loading drivers
Found USB hub!
Loading drivers
Found USB mass storage device!
Loading drivers
Found USB CD-ROM!

The drives that appear are as follows:

A regular read/write USB flash drive, empty except for whatever I've put into it
A read-only CD-ROM

After the drivers all load (automatically and without intervention, under most Windowses), it would autorun the virtual CD drive as configured in windows.

Of course, I now have U3 disabled (more because I find no need for it, than because it is somehow evil), but that's how it worked for me.

Almost, but not quite (3, Insightful)

sqlrob (173498) | more than 4 years ago | (#27764703)

Since non-writable media such as CD-ROMs generally aren't avenues for malicious software propagation

Because no that's infected ever burns a CD, nope, never.

Re:Almost, but not quite (1)

icebike (68054) | more than 4 years ago | (#27764859)

Since non-writable media such as CD-ROMs generally aren't avenues for malicious software propagation

Because no that's infected ever burns a CD, nope, never.

Its been my general observation that most people capable of burning an auto-run CD are capable of installing a virus scanner.

Admittedly, that STILL leaves those with malicious intent such as Sony [wikipedia.org] and the purveyors of hoards of CDs full of crapware found in so many Asian street markets.

Re:Almost, but not quite (2, Insightful)

77Punker (673758) | more than 4 years ago | (#27764913)

What about someone who intentionally creates a malicious autorun and distributes a CD-R? How about a virus that adds its own autorun to every disc burned by its host system?

It's still a huge problem and the fact that they removed it from other media demonstrates that they don't understand all of the attack vectors.

One more thing: virus scanners are a joke.

Re:Almost, but not quite (1)

Bert64 (520050) | more than 4 years ago | (#27765413)

You don't intentionally burn an autorun cd...

Someone will try to burn a cd for whatever purpose, on an infected machine. The malware will hijack the burning process and add itself before it burns whatever content you were trying to burn.

Re:Almost, but not quite (1)

CajunArson (465943) | more than 4 years ago | (#27764867)

Greetings, you fail 4th grade reading comprehension. Let's take a look at that quote again:

Since non-writable media such as CD-ROMs generally aren't avenues for malicious software propagation

The generally bit is the important part, and the quote is 100% accurate, particularly in the age of Bittorrent when burned CDs are used far less frequently for transporting questionable software. If you disagree with that, then I'm sure you will be the first person to stand up and scream at the top of your lungs when somebody says it is generally more difficult to root a Linux server compared to a Windows server, when there are plenty of cases where Linux servers have been rooted... I'm totally sure you would be that objective.... completely....

Re:Almost, but not quite (2, Interesting)

petermgreen (876956) | more than 4 years ago | (#27764983)

But flash sticks are a good vector for spreading malware and an annoying proportion of the flash sticks I see are sandisk U3 devices. How long will it be until malware manages to insert itself into the "CD emulation" section of a U3 device?

Sony CD (4, Insightful)

cant_get_a_good_nick (172131) | more than 4 years ago | (#27764901)

Didn't Sony install rootkits as part of CD insertion/autoRun? CD-ROMs are a vector for malware.

Also, I remember some website getting sued because they mentioned how to disable autorun, effectively disabling their anti-copy rubbish. So will Microsoft be sued for removing this?

Re:Almost, but not quite (1)

EvilIdler (21087) | more than 4 years ago | (#27764997)

Yes, the writable status of the source of an infection does not fucking matter! It's the rest of the system which gets it, anyway.

get around this? (4, Interesting)

BigBuckHunter (722855) | more than 4 years ago | (#27764707)

@ Will be interesting to see what malware creators do to get around this ..."

Attrib -w? Flip the Writeprotect dword in StorageDevicePolicies?

BBH

Re:get around this? (1)

Urd.Yggdrasil (1127899) | more than 4 years ago | (#27764741)

Wouldn't the malware have to already be running on the computer to do that?

Re:get around this? (0)

Anonymous Coward | more than 4 years ago | (#27764831)

Shhhhhh...

Finally (2, Insightful)

Capt.DrumkenBum (1173011) | more than 4 years ago | (#27764727)

It is about bloody time too.
It only took Microsoft 14 years to fix this massive security hole.

Re:Finally (1, Funny)

Anonymous Coward | more than 4 years ago | (#27764803)

You're sitting on the other massive security hole.

Work around in 3..2...1.... (1)

MasseKid (1294554) | more than 4 years ago | (#27764749)

Ok, so I'll just convince Windows 7 my writeable media is notwriteable and it'll autorun my viruses right? Hell, if I can get admin rights to an unopened e-mail, how hard should it be to disguise one media type as another?

Re:Work around in 3..2...1.... (1)

Ceiynt (993620) | more than 4 years ago | (#27764785)

I'll give you my DVD+/-RW drive, half the time it thinks the blank DVD+R I put in is not writable.

Re:Work around in 3..2...1.... (2, Informative)

PitaBred (632671) | more than 4 years ago | (#27765253)

Pay $0.03 more per disc and most of that stops. I've found that there are quite a few discs out there that are too cheap, they just don't work.

Getting around this will be difficult? (3, Insightful)

gringofrijolero (1489395) | more than 4 years ago | (#27764771)

I don't think so. Just tell the user to double click the setup.exe icon if it doesn't run automatically. Gotta turn off autorun in the user's brain.

Re:Getting around this will be difficult? (1)

Archangel Michael (180766) | more than 4 years ago | (#27764953)

"all I see is the drive, where is the setup.exe icon?"

"but I have two CD Drives"

(you obviously have a much higher view of users than me)

No option to change? (0)

Anonymous Coward | more than 4 years ago | (#27764799)

Say what you like but I kinda like being able to plug in my digi cam and it automatically pops up the application I use.

Oh well.

It's done right in Ubuntu (5, Insightful)

Benanov (583592) | more than 4 years ago | (#27764845)

Not sure exactly what's doing it, but in my Ubuntu and gNewSense installs:

If I insert a CD with autorun files on it or it has an autorun folder, I am prompted that this disc has software on it designed to run automatically, and I am asked what I would like to do about it.

Seemed to be pretty sensible really. I mean *I* inserted the CD, so I expect something to happen.

Re:It's done right in Ubuntu (5, Informative)

EvanED (569694) | more than 4 years ago | (#27764915)

If I insert a CD with autorun files on it or it has an autorun folder, I am prompted that this disc has software on it designed to run automatically, and I am asked what I would like to do about it.

That's what Vista does too... I actually really like that behavior. It's almost as convenient as autoplay is, but without the security risk. (Well, for good users.)

Re:It's done right in Ubuntu (1)

chis101 (754167) | more than 4 years ago | (#27764949)

Windows XP does this for me too, by default (although it annoys me so I turned it off.)

I put in a CD, flash drive, etc, it scans it and pops up a message saying "You just inserted removable media. What would you like to do with it?"

Re:It's done right in Ubuntu (2, Insightful)

Tetsujin (103070) | more than 4 years ago | (#27765011)

Not sure exactly what's doing it, but in my Ubuntu and gNewSense installs:

If I insert a CD with autorun files on it or it has an autorun folder, I am prompted that this disc has software on it designed to run automatically, and I am asked what I would like to do about it.

Seemed to be pretty sensible really. I mean *I* inserted the CD, so I expect something to happen.

This kind of thing always drove me crazy, and still does. Like sometimes I'll take a CD out of the drive to put another one in - and then when I'm done with the second one I'll put the first one back in 'cause I don't know where the case is. The fact that I put that first CD back in the drive doesn't mean I want to run it...

Re:It's done right in Ubuntu (5, Insightful)

Anonymous Coward | more than 4 years ago | (#27765337)

The fact that you're using a CD drive as a jewel case pretty much invalidates any opinion you may have on this matter.

Re:It's done right in Ubuntu (1)

microbee (682094) | more than 4 years ago | (#27765051)

And you don't read TFA to put a proper comment.

Windows does this too, but it is deem

In other news... (4, Funny)

MachineShedFred (621896) | more than 4 years ago | (#27764853)

Sony Music has announced a lawsuit against Microsoft using the DMCA, claiming that the new software patch circumvents horribly inadequate copyright protection.

FTFA: (4, Funny)

V!NCENT (1105021) | more than 4 years ago | (#27764881)

In any case, if it means no more autorun on flash drives, removable hard drives and network shares, that is definitely a step in the right direction.

Whoa...! Wait... they had autorun there too?!?! Dear god...

Re:FTFA: (1)

Yaksha42 (856623) | more than 4 years ago | (#27765025)

I'm not so sure about this. I explored this option a while ago and in order to get autorun to work on a flash drive, you need an application installed like "Autorun USB."

Next release candidate of Windows 7... (0)

Anonymous Coward | more than 4 years ago | (#27764929)

Hmm, are we talking about the upcoming RC on May 5th or will there be more RC for the public? :)

In Vista, we call this feature "auto-walk" (1, Funny)

Anonymous Coward | more than 4 years ago | (#27764933)

Because Vista is so slow, Microsoft has graciously renamed this feature "auto-walk"

Autorun is the first thing I disable (1)

JO_DIE_THE_STAR_F*** (1163877) | more than 4 years ago | (#27764947)

for optical drives. But they don't plan on changing the default autoplay anyway. So why make the change? Security? Come on. malicious software uses autorun because it is currently the easiest way to do this but it will take all of 10 nano seconds before a new way to do this is used.
Not to be a MS basher but all their talk about security is only lip service.
OK fine I do mean to be a MS basher.

If I were a Malware Author (1)

braek (224106) | more than 4 years ago | (#27764955)

Step 1. Create Malware that will tempt people with free Viagra if they re-enable autorun
Step 2. ????
Step 3. Profit!

Uhhhh (1, Insightful)

Idiomatick (976696) | more than 4 years ago | (#27764981)

I don't see the problem so many people are having. In XP+ when you put in a CD/flash/w/e you get a windows menu popup saying do you want to open in the browser or play in your media player or w/e. This seems perfectly reasonable. No code is being executed off the disk so no security hole. If you want the CD to run a splash or w/e it is one click. If you want to browse it one click. And it can be set to remember your answer for different devices. I completely fail to see the problem with that.

If this does mean that they are breaking U3 drives I'm happy for the change mind you.

Re:Uhhhh (1)

Ractive (679038) | more than 4 years ago | (#27765055)

I don't see the problem so many people are having.

The problem is that in spite of your logic, computers with said OSs DO get infected by means of this "feature".

Re:Uhhhh (1)

palindrome (34830) | more than 4 years ago | (#27765233)

That's annoying (and it never seems to respect my "never do this again" check) but it's not auto run - you know when the CD just boots and doesn't give you any options?

Vista already asks permission (0)

Anonymous Coward | more than 4 years ago | (#27764987)

Vista already prompts users for the desired course of action when removable media is inserted. And yet, users click on the unsafe option anyways. How big a difference will this actually be? Users will have to make a couple extra clicks to open the drive, but chances are once they learn to do that they'll continue making the wrong choice.

Enable it (1)

NoobixCube (1133473) | more than 4 years ago | (#27765003)

Malware authors will just enable it again. If the functionality is still there for non-writable media, then it's probably just a hidden setting away from being there for writable media too.

clue wagon just rolled into Redmond? (1)

Locutus (9039) | more than 4 years ago | (#27765013)

All I can say is WTF, they are just now realizing it's a security risk and instead of disabling it in existing OS's, they're doing it in a beta of the next OS?

Sounds like they're not too sure about it being a risk or not. It's like having 3 sons ages 18, 16, and 14 and realizing condoms might be valuable but then only giving them to the 14 year old.

Security is probably job #10 at Microsoft as marketing rules the day on One Microsoft Way.

LoB

yeyey (0)

Anonymous Coward | more than 4 years ago | (#27765021)

The only time I used autorun when I insert media is to open an explorer folder. Typically in the past on Win95/98/2K I would always disable autorun for CD's & DVDs.

any USB plug-in device is insecure, period (4, Interesting)

evangellydonut (203778) | more than 4 years ago | (#27765031)

take any USB controller, have it emulate a Human Interface Device (aka keyboard), use it for the keystrokes of "windows, up, up, up, enter, virus-website, enter" and it's game over. you can do the same on Mac, just a tad more difficult.

Play button (4, Interesting)

fishizzle (901375) | more than 4 years ago | (#27765187)

CD-ROMs could have kept the common "Play button" interface from the beginning. Everyone knew this procedure. You insert a VHS into a VCR, you press play. You insert a cassette tape into a Walkman, you press play. CD into a CD player, press play. When the CD-ROM came out, wouldn't it logically follow to insert the CD-ROM, then press the "Play button" to execute any "autorun" functionality? That way it's a user-initiated event, but one that your entire target audience is already going to be familiar with. And the users who weren't intended on "playing" the CD-ROM don't press they play button and can go about, uninterrupted, copying it or navigating the file system as they intended. It's not a huge deal, but I just find it odd that Microsoft's implementation of "Autorun" was the solution to this "problem" back in the day.

sandisk? (1)

visible.frylock (965768) | more than 4 years ago | (#27765203)

Wonder how sandisk will take this? (U3)

Don't get me wrong, I have a sansa fuze and love it. (FYI, it has native vorbis and flac support, albeit with taking a hit on battery life.) But U3 pissed me off to no end.

Re:sandisk? (1)

UltimApe (991552) | more than 4 years ago | (#27765317)

sandisk internally emulates a cd-rom drive to my knowledge. I'd imagine that it is considers to be a read only media.

moD Up (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#27765217)

numbers. The loos Gains market share

Anonymous coward (0)

Anonymous Coward | more than 4 years ago | (#27765255)

Now they need to clear up the processes a bit and it may be decent.

I for own, applaud them... (1)

hipifreq (1323407) | more than 4 years ago | (#27765309)

for finally doing the obvious. I was infected twice (I know, shame on me right?) by taking my flash drive to get photos printed at a kiosk. I finally placed a read-only, hidden, blank autorun file of my own on all my flash drives to avoid further infections.

Of course, it's only a matter of time before the next virus I run into undoes the read-only status and overwrites...

What I always wondered was why disabling autorun for "all drives" in Windows XP doesn't stop flash drives from autorunning, only the CD/DVD drive.

Responsible use of Windows (1)

dontmakemethink (1186169) | more than 4 years ago | (#27765327)

Granted the typical user won't even know this can be done, but the first thing I do when installing Windows is disable/uninstall autorun, MSN, IE, system restore, drive indexing, and pretty much any other M$ shyte I can. After that, XP is suite stable and very useable.

Autorun blows (1)

EXrider (756168) | more than 4 years ago | (#27765339)

I've always despised this feature. Here's one example: when you eject a piece of read-only media, and Windows starts screaming at you relentlessly because a program was auto-running in the background from the media you just removed... hate that shit.

realestatesky.net (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#27765381)

real estate sky [realestatesky.net]

real estate [realestatesky.net]

buy [realestatesky.net]

rent [realestatesky.net]

sell [realestatesky.net]

property [realestatesky.net]

ÙÙØÙSØ [realestatesky.net]

ÙÙØÙSØØر [realestatesky.net]

ØرØØ [realestatesky.net]

ØÙSØ [realestatesky.net]

ØÙSØØر [realestatesky.net]

ÙÙÙ [realestatesky.net]

ØØØÙØÙSÙ [realestatesky.net]

ØÙØ© [realestatesky.net]

ØÙÙ [realestatesky.net]

Ù...ÙfØØ [realestatesky.net]

Ù...ÙfØØØ [realestatesky.net]

ØÙSØ [realestatesky.net]

ØØ±Ø [realestatesky.net]

ØرØØÙS [realestatesky.net]

ÙÙSÙØ [realestatesky.net]

Ù...ØÙØØ [realestatesky.net]

Ù...ØÙ [realestatesky.net]

ØÙØرØØ [realestatesky.net]

ØÙØرØØ [realestatesky.net]

ØÙØر [realestatesky.net]

ØÙØرØØ ØÙØÙ...ØرØØ [realestatesky.net]

ØÙØرØØ Ø£ØÙ ØØÙS [realestatesky.net]

ØÙØرØØ ØØÙS [realestatesky.net]

ØÙØرØØ ØÙØØرÙØ© [realestatesky.net]

ØÙØرØØ ØØÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ø£Ù... ØÙÙÙSÙÙSÙ [realestatesky.net]

ØÙØرØØ Ø±Ø£Ø ØÙØ®ÙSÙ...Ø© [realestatesky.net]

ØÙØرØØ ØÙÙØÙSرة [realestatesky.net]

ØÙØرØØ Ù...ØÙSÙØ© ØÙØÙSÙ [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØÙÙØØ ØÙØØÙ...Ø© ÙØÙØØØØØرØØ ØÙÙÙØØÙSØ© [realestatesky.net]

Ù...ÙØØÙ Ù...ÙØØ ØÙØÙØØ [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØØ ØÙØØÙSØ© ÙØÙÙfÙرØØئÙSØ© [realestatesky.net]

Ù...ÙØØÙ ØÙØØÙ...ÙSÙ... ÙØÙØÙSÙfÙر [realestatesky.net]

ØÙØرØØ Ù...Ù...ÙÙfØ© ØÙØرØÙSØ© ØÙØØÙØÙSØ© [realestatesky.net]

ØÙØرØØ ØÙرÙSØØ [realestatesky.net]

ØÙØرØØ ØÙØ®Ø±Ø [realestatesky.net]

ØÙØرØØ ØÙÙØÙSÙ... [realestatesky.net]

ØÙØرØØ ØØئ٠[realestatesky.net]

ØÙØرØØ ØØÙÙS ØÙÙ...ØÙ ØØÙÙØØÙ [realestatesky.net]

ØÙØرØØ ØØØ© [realestatesky.net]

ØÙØرØØ Ù...ÙfØ© ØÙÙ...ÙfرÙ...Ø© [realestatesky.net]

ØÙØرØØ ØÙÙ...ØÙSÙØ© ØÙÙ...ÙÙرة [realestatesky.net]

ØÙØرØØ ØÙØØئ٠[realestatesky.net]

ØÙØرØØ ÙSÙØØ [realestatesky.net]

ØÙØرØØ ØØÙÙS ØÙÙ...ØÙ ØØÙØرØÙSØ© [realestatesky.net]

ØÙØرØØ ØÙØÙ...ØÙ... [realestatesky.net]

ØÙØرØØ ØÙØÙرØÙ [realestatesky.net]

ØÙØرØØ ØÙØ®Øر [realestatesky.net]

ØÙØرØØ ØÙÙØÙSÙ [realestatesky.net]

ØÙØرØØ ØÙØ£ØØØØ [realestatesky.net]

ØÙØرØØ ØÙØØÙSÙ [realestatesky.net]

ØÙØرØØ ØÙر ØÙØØØÙ [realestatesky.net]

ØÙØرØØ ØØÙÙS ØÙÙ...ØÙ ØØÙØرÙÙSØ© [realestatesky.net]

ØÙØرØØ Ù...ÙØÙØ© ØØÙÙf [realestatesky.net]

ØÙØرØØ Ù...ÙØÙØ© ØÙØÙÙ [realestatesky.net]

ØÙØرØØ Ù...ÙØÙØ© ØÙØØÙØ ØÙØÙ...ØÙÙSØ© [realestatesky.net]

ØÙØرØØ Ø£ØÙØ [realestatesky.net]

ØÙØرØØ ØÙØØØØ© [realestatesky.net]

ØÙØرØØ ØØØØÙ [realestatesky.net]

ØÙØرØØ ÙØرØÙ [realestatesky.net]

ØÙØرØØ ØØÙÙS ØÙÙ...ØÙ ØÙØÙÙØÙSØ© [realestatesky.net]

ØÙØرØØ ØÙØÙÙ ØÙØ®ÙÙSØ [realestatesky.net]

ØÙØرØØ ØÙÙfÙÙSØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙfÙÙSØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙرØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØØÙ...ØÙS [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙرÙØÙÙSØ© [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙÙS [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© Ù...ØØرÙf ØÙÙfØÙSر [realestatesky.net]

ØÙØرØØ ØÙØÙØ© ØÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© Ù...ØÙØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© Ù...ØÙØÙ... [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØر [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØرÙSÙ...ÙS [realestatesky.net]

ØÙØرØØ Ù...ÙØÙØ© ØÙØØØÙØ© [realestatesky.net]

ØÙØرØØ Ù...ÙØÙØ© ØÙØØÙرة [realestatesky.net]

ØÙØرØØ ØÙÙ...ÙØÙØ© ØÙØØØ®ÙÙSØ© [realestatesky.net]

ØÙØرØØ ØÙÙ...ÙØÙØ© ØÙØرÙÙSØ© [realestatesky.net]

ØÙØرØØ ØÙÙ...ÙØÙØ© ØÙÙØØÙ [realestatesky.net]

ØÙØرØØ ÙØر [realestatesky.net]

ØÙØرØØ ØÙØÙØØ© [realestatesky.net]

ØÙØرØØ ØÙرÙSØÙ [realestatesky.net]

ØÙØرØØ ØÙØ®Ùر [realestatesky.net]

ØÙØرØØ ØÙÙÙfرة [realestatesky.net]

ØÙØرØØ ØÙØÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ù...Øر [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙØÙرة [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙSØØ© [realestatesky.net]

ØÙØرØØ ØÙØ¥ØÙfÙØرÙSØ© ÙØÙØØØÙ ØÙØÙ...ØÙÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØÙ ØÙ...ØÙ ÙØÙÙØ ØÙSÙØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØØ Ù...ØÙ ØÙÙÙØØ© [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØØ ÙØÙ ØØر٠[realestatesky.net]

ØÙØرØØ Ù...ØØÙØØØ ÙØÙ ÙØÙÙ [realestatesky.net]

ØÙØرØØ ØÙأرØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© Ù...ØØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© Ù...ØØØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© إرØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØرÙØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØØ±Ø [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙÙØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙ...Ùر٠[realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØØÙÙÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙfرÙf [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙÙSÙØ© [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙØØ© [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØÙÙØØ ØÙØØÙ...Ø© ÙØÙÙ...ÙØØ ØÙØÙØØئÙSØ© [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØÙÙØØ ØÙØØÙ...Ø© ÙØÙØØØØØرØØ ØÙÙÙØØÙSØ© [realestatesky.net]

Ù...ÙØØÙ Ù...ÙØØ ØÙØÙØØ [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØØ ØÙØØÙSØ© ÙØÙÙfÙرØØئÙSØ© [realestatesky.net]

Ù...ÙØØÙ ØÙØØÙ...ÙSÙ... ÙØÙØÙSÙfÙر [realestatesky.net]

ØÙØ£ÙØØÙ... ØÙÙرØÙSØ© : [ Ù...ÙØØÙ ØÙØØÙ... ] [realestatesky.net]

Ù...ÙØØÙ ØÙØÙØر Ù ØÙÙÙØØØØ ØÙØÙØرÙS [realestatesky.net]

Ù...ÙØØÙ ØÙØØØØÙ...Øر ÙØÙØÙ...ÙÙSÙ ØÙÙ...ØØÙS [realestatesky.net]

ØÙØرØØ ØÙرÙSØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© رÙSÙ ØÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙÙÙSØرة [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØرØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙÙSØØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙ...Ø [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØرØÙØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙØØÙÙSØ© [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙ...ØØ© [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© Ø¥ØÙØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙرÙØ© [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙSر ØÙØÙر [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØØÙfØ© [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØÙÙØØ ØÙØØÙ...Ø© ÙØÙÙ...ÙØØ ØÙØÙØØئÙSØ© [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØÙÙØØ ØÙØØÙ...Ø© ÙØÙØØØØØرØØ ØÙÙÙØØÙSØ© [realestatesky.net]

Ù...ÙØØÙ Ù...ÙØØ ØÙØÙØØ [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØØ ØÙØØÙSØ© ÙØÙÙfÙرØØئÙSØ© [realestatesky.net]

Ù...ÙØØÙ ØÙØØÙ...ÙSÙ... ÙØÙØÙSÙfÙر [realestatesky.net]

ØÙØ£ÙØØÙ... ØÙÙرØÙSØ© : [ Ù...ÙØØÙ ØÙØØÙ... ] [realestatesky.net]

Ù...ÙØØÙ ØÙØÙØر Ù ØÙÙÙØØØØ ØÙØÙØرÙS [realestatesky.net]

Ù...ÙØØÙ ØÙØØØØÙ...Øر ÙØÙØÙ...ÙÙSÙ ØÙÙ...ØØÙS [realestatesky.net]

ØÙØرØØ ØÙÙ...ØØ±Ø [realestatesky.net]

ØÙØرØØ ØÙرØØØ [realestatesky.net]

ØÙØرØØ ØÙØØرØÙØÙSØØØ ØÙÙfØر٠[realestatesky.net]

ØÙØرØØ ØÙØØÙÙSØ© [realestatesky.net]

ØÙØرØØ ØÙfØÙØ© Ù ØØØØ© [realestatesky.net]

ØÙØرØØ ÙØØ Ù ØÙÙÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ù...ÙfÙØØ Ù ØØÙÙSÙØÙØ [realestatesky.net]

ØÙØرØØ ØÙØØ±Ø [realestatesky.net]

ØÙØرØØ ØÙØØ© Ù ØØÙØÙ [realestatesky.net]

ØÙØرØØ ØØØØ© Ù ØÙØØÙSÙ...Ø© [realestatesky.net]

ØÙØرØØ ØØØÙØ© Ù ØØÙSÙØÙ [realestatesky.net]

ØÙØرØØ ØÙØرÙÙSØ© [realestatesky.net]

ØÙØرØØ Ù...رØÙfØ Ù ØØÙØÙSÙØ [realestatesky.net]

ØÙØرØØ ØÙØ Ù Ù...ØØØ© [realestatesky.net]

ØÙØرØØ ÙfÙÙ...ÙSÙ... Ù ØÙØÙ...Øرة [realestatesky.net]

ØÙØرØØ ØÙØÙSÙÙ ØÙØØÙر [realestatesky.net]

ØÙØرØØ ÙØØÙS ØÙØÙØ Ù ØÙÙfÙÙSرة [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØÙÙØØ ØÙØØÙ...Ø© ÙØÙÙ...ÙØØ ØÙØÙØØئÙSØ© [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØÙÙØØ ØÙØØÙ...Ø© ÙØÙØØØØØرØØ ØÙÙÙØØÙSØ© [realestatesky.net]

Ù...ÙØØÙ Ù...ÙØØ ØÙØÙØØ [realestatesky.net]

Ù...ÙØØÙ ØÙÙ...ÙØØ ØÙØØÙSØ© ÙØÙÙfÙرØØئÙSØ© [realestatesky.net]

Ù...ÙØØÙ ØÙØØÙ...ÙSÙ... ÙØÙØÙSÙfÙر [realestatesky.net]

ØÙØ£ÙØØÙ... ØÙÙرØÙSØ© : [ Ù...ÙØØÙ ØÙØØÙ... ] [realestatesky.net]

Ù...ÙØØÙ ØÙØÙØر Ù ØÙÙÙØØØØ ØÙØÙØرÙS [realestatesky.net]

Ù...ÙØØÙ ØÙØØØØÙ...Øر ÙØÙØÙ...ÙÙSÙ ØÙÙ...ØØÙS [realestatesky.net]

ØÙØØ±Ø ØØÙÙS ØÙØÙÙ ØÙØرØÙSØ© [realestatesky.net]

ØÙØرØØ ØÙØÙØØÙ [realestatesky.net]

ØÙØرØØ ÙÙØÙSØ© ØÙخرØÙÙ... ÙÙ ØÙ... ØرÙ...ØÙ [realestatesky.net]

ØÙØرØØ ÙÙØÙSØ© ØÙØØر ØÙØ£ØÙ...ر [realestatesky.net]

ØÙØرØØ ØØÙÙS ØÙÙÙØÙSØØ ØÙØÙØØÙÙSØ© [realestatesky.net]

ØÙØ£ÙØØÙ... ØÙÙرØÙSØ© : [ Ù...ÙØØÙ ØÙØØÙ... ] [realestatesky.net]

Ù...ÙØØÙ ØÙØÙØر Ù ØÙÙÙØØØØ ØÙØÙØرÙS [realestatesky.net]

Ù...ÙØØÙ ØÙØØØØÙ...Øر ÙØÙØÙ...ÙÙSÙ ØÙÙ...ØØÙS [realestatesky.net]

ØÙØرØØ ÙØÙØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙSرÙØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØØÙ ÙØÙØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙ...ØÙ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙØØ [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙÙØØÙSØ© [realestatesky.net]

ØÙØرØØ Ù...ØØÙØØ© ØÙØÙÙØ [realestatesky.net]

ØÙØ£ÙØØÙ... ØÙÙرØÙSØ© : [ Ù...ÙØØÙ ØÙØØÙ... ] [realestatesky.net]

Ù...ÙØØ٠إØØرØØØ© ØÙØÙØرÙSÙSÙ [realestatesky.net]

Ù...ÙØØÙ ØÙØØØØÙ...Øر ÙØÙØÙ...ÙÙSÙ ØÙÙ...ØØÙS [realestatesky.net]

ØÙØØ±Ø ØØÙÙS ØÙØÙÙ ØÙØرØÙSØ© [realestatesky.net]

ØÙØØ±Ø ØØÙÙS ØÙØÙÙ [realestatesky.net]

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...