Remember UAC (User Account Control)? It has been part of Windows since Vista, but when it was first introduced it caused quite a stir.
People did not like it because it was far too annoying: it kept pestering users for everything that required system access or elevation of privileges.
Anyway, the now refined UAC is a part of Windows and everyone seems to be fine with it, although its defaults can be changed from the Control Panel if we so wish.
OK, here is my proposal. Lots of hacking tools and attacks are based on the fact that Windows computers automatically send their credentials (computer name, user name, Kerberos ticket, an NTLM challenge-response derived from the password hash, what have you) to whatever server they are trying to access, without asking the user whether that server should get them.
So, these hacking tools and attacks collect these credentials and then either use them as they are (an NTLM relay) or try to crack them offline.
This problem gets worse because this behavior is not limited to the LAN.
To understand this last statement, please refer to:
Researchers show how to steal Windows Active Directory credentials from the Internet
Here is what I propose to Microsoft: stop the automatic sending of credentials. Or rather, when Windows is about to send credentials, warn the user and pause the process until the user accepts.
This is exactly how UAC behaves for things that pertain mostly to the local computer. And, just as UAC permits its behavior to be altered from the Control Panel, the same could be done for the "network UAC" that I propose.
And of course, just as UAC became less annoying over time, the same would happen to the "network UAC". For example, when a user logs in, Windows knows that the user has just entered her credentials and is about to contact her logon server, so there is no need to block that process with a "network UAC" prompt.
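One caveat a practitioner would add: Windows already ships a coarse, non-interactive version of the "deny" half of this proposal. The policy "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers" (registry value RestrictSendingNTLMTraffic under MSV1_0) can audit or deny outgoing NTLM authentication, and "Add remote server exceptions" (ClientAllowedNTLMServers) is the whitelist. It does not prompt, and it only covers NTLM, so the Kerberos logon to the user's own domain controller is untouched, which is the same exception the previous paragraph argues for. The PowerShell below is an added example, not part of the original post: run it once in Audit mode, review where NTLM credentials actually went, then run it in Enforce mode with the learned server list. The server names in $AllowedServers and the seven-day window are assumptions for illustration; the registry path, value names, event ID 8001 and the Microsoft-Windows-NTLM/Operational log are the real ones.

```powershell
# Added example (not from the original post): approximating the proposed
# "network UAC" with the existing "Restrict NTLM: Outgoing NTLM traffic to
# remote servers" policy. Run as Administrator.
#
#   RestrictSendingNTLMTraffic: 0 = allow all, 1 = audit all, 2 = deny all
#   ClientAllowedNTLMServers  : REG_MULTI_SZ whitelist (wildcards allowed)
#
# Audited or denied attempts are written to the
# Microsoft-Windows-NTLM/Operational log as event ID 8001.
param(
    [ValidateSet('Audit', 'Enforce')]
    [string]$Phase = 'Audit'
)

$Msv1 = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'

# Assumption: placeholder names, replace with the servers your users really need
$AllowedServers = @('fileserver01.corp.example', '*.corp.example')

function Set-OutgoingNtlmMode {
    param([ValidateSet(0, 1, 2)][int]$Mode)
    New-ItemProperty -Path $Msv1 -Name 'RestrictSendingNTLMTraffic' `
        -PropertyType DWord -Value $Mode -Force | Out-Null
}

function Set-OutgoingNtlmExceptions {
    param([string[]]$Servers)
    New-ItemProperty -Path $Msv1 -Name 'ClientAllowedNTLMServers' `
        -PropertyType MultiString -Value $Servers -Force | Out-Null
}

function Get-OutgoingNtlmAudit {
    param([int]$Days = 7)
    # If the log is disabled, enable it first:
    #   wevtutil sl Microsoft-Windows-NTLM/Operational /e:true
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-NTLM/Operational'
        Id        = 8001
        StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue | ForEach-Object {
        # The 8001 message names the target; fall back to the full text if the
        # wording differs on this build.
        $target = if ($_.Message -match 'Target server:\s*(\S+)') { $Matches[1] } else { $_.Message }
        [pscustomobject]@{ Time = $_.TimeCreated; Target = $target }
    }
}

switch ($Phase) {
    'Audit' {
        # Learn where NTLM credentials are really sent before blocking anything.
        Set-OutgoingNtlmMode -Mode 1
        Write-Host 'Audit mode on. Outgoing NTLM targets seen so far:'
        Get-OutgoingNtlmAudit -Days 7 | Sort-Object Target -Unique | Format-Table -AutoSize
    }
    'Enforce' {
        # Whitelist the legitimate targets, deny every other outgoing NTLM auth.
        Set-OutgoingNtlmExceptions -Servers $AllowedServers
        Set-OutgoingNtlmMode -Mode 2
        # Belt and braces: SMB to Internet addresses has no business leaving the host.
        New-NetFirewallRule -DisplayName 'Block outbound SMB to Internet' `
            -Direction Outbound -Protocol TCP -RemotePort 445 `
            -RemoteAddress Internet -Action Block | Out-Null
        Write-Host 'Outgoing NTLM denied except to:' ($AllowedServers -join ', ')
    }
}
```

The audit phase matters: switching straight to deny breaks every legacy share or proxy that still authenticates with NTLM, which is the "way too annoying" failure mode the post describes for the original UAC. The firewall rule is independent of the policy and closes the Internet-facing case even for software that does not go through the NTLM security package.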