Neowin.net

Me: Anti-UAC Articles Designed To 'Annoy Readers'

So "Run As" annoys you?

It annoys me too. I think UAC is much better.

Agreed!

Also I really have no issues with UAC, after the initial setup I rarely get prompted.

+1

Because as we all know, just like wearing seat-belts and not using mobile phones when driving, not running with Admin privileges saves countless lives each year. Come on, if you're going to clutch to an analogy, make it vaguely similar at least. But hey, let's sail along on HMS crap analogy for a little while longer....

Ever wondered why, despite all the laws and the fines, people still don't wear their seat-belts and still drive along chatting to their friend on their phone? It's because fines and laws don't change the belief system. By their very nature, they are only useful after the event. I can bully you into saying what I believe to be true. That does not mean, however, that I have converted you to believe what I believe.

All Microsoft have accomplished is to irritate many of those who have switched to Vista, and give those who haven't yet switched another reason not to.

I agree with this move by Microsoft because otherwise application developers were going to continue doing what they did wrong. Personally I don't have UAC enabled. That is because some software I use requires it to be disabled during install, plus it blocks software at startup without the option of an exclusion list. It's quicker and easier for me to simply disable it all together - the silent mode in TweakUAC is no use to me.

I think that the seat belt law had more to do with law/medical officials tired of scraping a person off of the pavement and less to do with concern about everyones safety.

It's actually a pretty valid analogy. When seatbelt laws began, people bitched and moaned (just like the way idiots whine about UAC now). Now, it's accepted and second-nature to buckle your seatbelt the minute you get into a car. We're that much safer because of it, and now it's a habbit because it's accepted. It just took a decade!

I don't have any issues with it either because the first thing that I did was disabled after I installed Vista.

is a correct analogy but the fact that UAC is the same to put on your seatbelt in every stop, so sooner or later you will ask automatically yes for everything or you will disable UAC.

So, if we are keeping with the car analogy, the first thing you do when you buy a new car is to cut out those annyoing seatbelts? "I don't need to wear them, I'll be safe"

+1

Generally speaking if you are smart enough to disable UAC then you don't need it. It was designed for the idiots who don't understand that they are installing programs.

If it didn't do that, another app could grant itself admin rights....which is what UAC is intended to stop.

O? yeah... its still windows LOL

Last edited by CoolBits on 11 Apr 2008 - 12:48

It has been explained before. It asserts control of the session, and the display by dimming is a less "shocking" way to transition than a sudden change in the entire screen. My Ubuntu Linux does the same thing. It is better than having the screen blank with just a prompt box shown. God, imagine the complaints about that!

lol, maybe you should read up on the subject before adding your input. 1) gain a basic understanding of what it is you are criticizing

Why do you need a whole screen dimmed for one app? You just need a password prompt window with explanation of which app needs privileges... you can still use other apps before entering password for this app.
Have you ever used OSX?

yes and the OSX version is insecure just because of this, by allowing other apps to function at the same desktop/user level as the elevation prompt you make it possible to let other apps "click" on the I agree button. The windows and linux versions don't have this flaw as they operate in a secure desktop. (the faded out windows you see are actually just a screenshot of the screen before the prompt used as wallpaper of the secure desktop)

It is because if the prompt were in the same desktop session as other applications, malware might send messages to the prompt window emulating a click on the allow button. Thats why it is generated in a separate desktop session where other applications cannot send any message and the system can be sure the response came from you.

So malware apps can enter your password too? Didnt know that ufff LOL
Anyway this is only possible in windows (if it is)... in OSX ONLY the app that asks elevation GETS elevation...

You could easily use Automator to click the OK button on the OSX admin elevation prompt.

Ever heard of a keylogger?

And secondly, are you even thinking about what you're saying? In Linux and Windows only the App that prompted gets elevated otherwise the whole system would be rendered pointless.

Out of Linux/Windows/OS X, OS X has to be the most insecure. The only reason there are so few vunerabilities/viruses for OS X is because of it's relatively (To Windows) tiny market share.


You're digging yourself a large hole with this discussion, i suggest you quit before it gets any deeper.

I swear in OSX you have to enter your password to 'unlock' the lock. So unless you use Automator or equivalent to steal the user's password, what need is there to blank out the entire screen?

Only Vista has continue/cancel. But even then, you could shut off Secure Desktop and make admins in Admin Approval mode be prompted for credentials. That will be similar to OSX. (except there's no permanent 'sticky' unlock mode)

I just said that its pointless to dimm the whole screen for 1 app that need elevated privileges and nothing else...
BTW keylogger would also need elevated privileges to run + in OSX you ALWAYS need to enter password... there is no cancel - allow like in windows.

It's funny, because you're entirely correct. OS X has probably the most insecure option.
However, developments on the GNOME front will make PolicyKit the default elevation method instead of gksudo, and it seems that PolicyKit is remarkably similar to OS X's prompts

PolicyKit
OS X Authentication

And, just for reference:
GKSudo
User Account Control (UAC)

On another note, compared with all three system's i've used (UAC, OS X Auth, and GKSudo), UAC is the most annoying. Can't really say why, because UAC is very similar.

I think it's just considerably more jarring, even moreso than GKSudo. It takes a few seconds to go from blanking the screen to displaying a prompt, and the darkness of the fade-out really takes you away from what you were doing... Maybe that was their intention, maybe not, but It IS the most annoying in it's presentation.

you just prooved that you have no idea what you are talking about and didn't even read the answers to your ignorant accusations

You were trying to say that windows has two desktops (secure and insecure) or what? I just said that ist pointless to have secure desktop (to dimm it) if the default desktop is secure...
When there will be an app that will steal your password, enter that password in prompt and click ok... then NO system is secure... not even vista with "secure" desktop

When you start arguing over dictionary word meanings of a marketing-named feature, it shows that there is no longer a reason to discuss things any further.

Yeah but the difference with Linux and OSX are that you only need elevated priveledges to change core system settings, not for deleting shortcuts, etc... I know you're talking about entering a password here but the topic is about UAC and MS thinks it is necessary to teach users good habits, but a lot of people don't have the problems that UAC is supposed to solve in other OSes.

You are such an idiot. Because the elevation prompt is on the same desktop as the ordinary user is OS X, a keylogger can just log the password in as you type it in (since it is running on the USER desktop, not an ADMIN SECURE desktop) for a different valid program that you need to run as admin.
In Windows, the user desktop is "deactivated" and any apps running as user can not log the keyboard and mouse anymore. The Secure desktop is completely separate, anything not running as admin has NO POWER in the secure desktop. A key logger would need to be run as admin to work in the secure desktop (where you enter the password) to get your password, but UAC makes sure it doesn't run as admin. If the keylogger were to run without admin, it can not log and UAC passwords.

And yes, UAC doesn't ask for password normally, but only when the user is not an "admin account". Even the UAC prompts that don't ask for a password are secure, because they still run on a secure desktop. Any user program (such as a macro program designed to click "continue" will NOT WORK in secure desktop.

If you need more explanation, without a secure desktop there can be a 2 part virus. The destructive part needs to be run as admin, and the other part is just a macro program. The virus first launches the macro program which waits until a UAC prompt comes up. The part that requires admin is then run, and the UAC prompt comes up. Since the prompt is not in a secure desktop, the macro program will click continue and the virus does the damage.

How would these keyloggers etc get on if the desktop were secure? So this is just trying to seal off damage when exploits already exist?

The Secure Desktop in Vista is isolated from the session that you're running.

I can launch an app right now, and it'll run with user privileges. That means it can log my keypresses as I type this. It can move the mouse, do whatever.

However, the UAC prompt forces the computer to switch to something called the Secure Desktop. That application I launched earlier doesn't even know that this desktop exists. It can't see it. It can't log my keypresses so long as I'm on it. It certainly can't interact with the prompt on it.

The only conceivable way that you could log keypresses on the Secure Desktop is that you at some point launched something as an Admin which totally screwed over your system's security. But since you had to manually allow that, it's not Windows' fault.

No, there is a secure desktop MODE. When UAC takes over it dims everything except the prompt to let you know it's not active and the OS will not accept any input except from the mouse and keyboard. Although I haven't used it yet under Vista, I suspect that you cannot confirm a UAC prompt while working with a standard remote assistance request either. I would guess the local user would have to approve them for you.

Many people don't set passwords for their computers. In those cases it only requires clicking the Accept/OK button.

Isn't this the same as just creating a different user account in a different user group and launching an application with their credentials?

On a side note, I wonder if they ever plan on using .NET for IE development.

Last edited by HalcyonX12 on 12 Apr 2008 - 23:54

Nope.

Yup, sounds that way to me. This is a local-only session, from what I am told (I guess I could try to VNC into my kid's Vista PC and attempt an action that would trigger UAC to make sure). Meaning that it is a system display (session/account/whatever) that is tied into localdisplay and local keyboard/mouse input.

Thanks for the helpful reply

The big deal is that features like this are installed on your PC and eventually add up to 16GB. Add to this Vista's habit to index and backup everything imaginable and you have a Windows installation that continues to grow the more you use it. Eventually, it will collapse under it's own bloat and corruption, then you have to reinstall.

This is a deeply flawed designed, and just one of many reasons why people say that VISTA SUCKS.

Perhaps Vista was designed to suck?

Thank you for proving you don't have the slightest clue on what you're talking about.

Because if you did, you would realise you can disable the Volume Shadow Copy service and that Indexer only indexes 3 folders by default. (Users, Start Menu and Offline files.)

But i suppose facts are a waste of time in this discussion, because afterall you are throughly attatched to the VISTA $UCKZ bandwagon.

Last edited by Athernar on 13 Apr 2008 - 12:24

You also didn't realize that most of the size of vista is due to the huge amount of drivers it supports out of the box and has nothing to do with active processes...

But it's cool to hate, so right on.

He is actually more silly.
First: even the dumbest user wouldn't get 16Gb size. More like 8-10.
Second: It's funny how this smartass doesn't know about the harrd links. About half of so-called Vista size are from hard linked files. So all dumb people count gigs of files twice and yell about size. Subtracting free space from the total space is too hard for them.

If that's the case, how is UAC going to help? Clicking "Allow" will become as repetitive and mundane as clicking "I agree" or "Next", if a user doesn't know why they should click "Allow" or "Cancel" then they'll probably just end up having the same problems as before. The only thing UAC changes is that now MS tech support can say "Well you clicked Allow so it's your fault"... the user still won't know what happened or know how to tell what actions are good and what aren't, unless it's just trial and error, which is not a good approach to security.

a truly power user has UAC enabled.

Last edited by franzon on 11 Apr 2008 - 15:26

+1

My works laptop wasn't touched between when my predecessor left and I joined. First thing I did was to re-enable UAC.

Rather have IE running in a sandboxed mode rather than with admin rights thanks.

Being a true power user meaning that they know exactly what they're doing and not doing. Thus, features like UAC, System Restore, and Security Center, etc aren't even necessary. Worst case scenario, a 5-minute restore back to clean state.

But you just said we don't need System Restore - how are we supposed to restore then?

I don't use Internet Explorer at home, and I don't use Vista at work.

People who know what they're doing also have knowledge of the resources available to them. UAC provides enhanced security. System Restore provides a simple quick way to back out system changes without re-imaging the computer. Security center allows a one-glance way to monitor the condition of security-related software. Yes, you do have the option of not using any of it, but if you're basing that decision solely on the idea that it isn't necessary because you're so elite, then you're already suffering from arrogance and complacence - common problems in end-users.

Wrong. A true Power User will know *why* such security features are in place, and will work alongside them as necessary *without* having to deactivate them (because he/she did the due-dilligence and researched them). The very fact that you *still* want to let applications engage in the very unsafe behavior that's a security risk in the first place (and thus why UAC was created) shows you have not learned the very lesson that UAC was supposed to teach with the annoying reminders.

How did it stop them from installing programs, you get a prompt and they click "Allow" or "Cancel" thats it.

No, if you're logged in as a standard (non-adminsitrative) as a part of intelligent computing, then you'd get a "To continue, type an administrator password and then click OK." dialog. Administrator accounts get the Allow/Deny options by default, but it can thankfully be turned off with Local Security Policy.

No you don't. If it never asks you for elevation and automatically gives it, that is the same thing as running as admin by default. You are not getting ANY part of "the world" of UAC, you might as well disable it.

This is just a guess (I'm still on XP) - but wouldn't UAC's quiet mode still give you the sandboxed mode in IE7 etc?

ya really lol

besides i didnt know this was up fort debate..
i thought it "goes without saying" that obviously it was designed to irratate users
kinda like saying "hey seatbelts are designed to save you" here i thought they were a fashion statement

i still think Vista sucks, bandwagon or no bandwagon
and UAC is poorley implemented but i think but its ok for Mom, Grandma, your girlfriend etc..
you know the people i mean, the Toolbar collectors

there aint much to debate here as usual with security related talk user desicions are the most important factor
and all the security software and features are an aid, and not the solution.

when i tried vista i disabled UAC cause if i wanted to get nagged i would get married or something
it makes installing cracked/pirated software difficult and impedes my efforts at crackin stuff myself
what self respecting hacker or cracker is gonna wanna use Vista as his/her OS of choice ? lol

although i see why MS put it in and i think its a good idea for the general public.. just not for me thx

guess thats one more reason to buy the business or ultimate edition...

Ok, go ahead and explain what UAC does and why it is so worthless.

Because you know, a web browser (any) needs full access to a computer, right? (for one example) Because Zero day exploits will only happen on IE, right?

Auto-accept for UAC is the same thing as turning it off.

Because if it's in auto accept, you've just introduced a rediculously obvious security hole: Any applications can now spawn another process at any privilege level it wants. This effectively neutralizes a large portion of the benefit that you get from having an OS that follows LUA.

While this would mitigate exploits that do things like redirect a file i/o operation, or something, if you had one that allowed for any kind of arbitrary code execution, you're absolutely screwed with a system like the one you suggest.

Not only that, but an option to "auto approve" an app means the OS would have to keep a list of the approved apps somewhere. Malware could then be added to that list via some other exploit.

That could be protected by requiring Admin access to write to. The only 'real' problem comes from the fact that it basically allows anything to do anything it wants, so long as it can take the time to spawn another process.

If you are seriously getting UAC prompts copying a file then something is wrong with your settings on the folders. Enable your user full control of them. PEBKAC not OS problem. If this was truely an issue why can I copy from any partition just fine and to/from usb keys, cdroms, and network shares without the same problem? Oh, that's because it isn't a problem with uac.

As xsilver said, the ACLs on the other partition are obviously wrong if it's giving you problems.

Either give "users" or your user account Full Control of the partition. (Note: Don't do this to your system drive. You'll just be asking for trouble.)

:o it worked!!!! gabazooba! armadillo yams! thanks!

Why's that? I used Vista on my girlfriend's computer once (I've only used Vista a few times btw) and it prompted me all the time while I tried to move files and folders and install a few things (and no, we weren't watching porn). It was such a nuisance; I was instantly annoyed and thought to myself "omg, if this was my computer, this would be the first thing that I would disable!"

Like some posts above mentioned, it's the permission settings.

Files from XP may (or rather, most likely) be tagged as owned by an administrator.

I've moved and copied thousands of files on my PC with no prompts.

+1
never had to reinstall a system cause of malware or crap tbh...

Glassed Silver:mac

You know what you are doing? Because I found out a bunch of programs crapping in my system folders. Do you like piles of crap laying around?

Amen - I'm picking up a laptop Monday, and after I make sure all the components work, off comes Vista, and on goes XP. If I had a choice, there'd be no OS (or malware) on the damn thing.

Hey MS exec? It's annoying all right - so much so that market share is decreasing. Good job?

I only really found it annoying when I was doing a fresh install of Vista and had to install all of my usual applications and organise my start menu, but after that it wasn't that obtrusive.