Experts agree that Microsoft's Windows Vista is relatively well-protected, but its security features — such as User Account Control (UAC) — have been highlighted by security experts as one reason why the operating system is far less popular than its predecessor, Windows XP.According to Scott Charney, vice president of Microsoft's Trustworthy Computing Group, UAC was designed to give users more control over the applications they run and help them make better security decisions by providing them with more information. However, the main problem with Vista's UAC, according to Charney, is that it prompts the user far too often.
"Clearly there has to be work done on UAC user prompts, where users get prompts at times they don't necessarily expect it — and it's not intuitive. The challenge is — as with many of these things when we try to give users control — if you give people too many prompts in too many situations, they view it as an impediment," Charney told ZDNet.com.au yesterday at the AusCERT security conference on the Gold Coast.
View: Full Article @ ZDNet Australia
So why is it that microsoft does it know and they get bashed but everybody defends linux for it?
In vista as long as you dont do something that needs admin access then the prompts dont come up.
So why is it that microsoft does it know and they get bashed but everybody defends linux for it?
In vista as long as you dont do something that needs admin access then the prompts dont come up.
I agree. You dont get it every second like people seem to think. On a day-to-day basis I rarely get it. When I install something I get it like I SHOULD
People just complain about anything these days. I find linux's much worse
So why is it that microsoft does it know and they get bashed but everybody defends linux for it?
In vista as long as you dont do something that needs admin access then the prompts dont come up.
It differs in that if you authorize the action in Linux, you don't get prompted 10 seconds later because you've accidentally closed the window. You are authorized for 5 or 10 minutes. UAC asks you every single time, so there is a big enough difference to not complain at all.
No one has ever been able to give me a good answer to this:
What's to prevent something from hijacking the sudo grace period? Because I'm sure if Microsoft implemented it, with their market share, you'd have malware attacking it within seconds of its release.
You only need it to do certain things such as install software for everyone. You can still download and run software without requiring elevated privileges, but you have to give it permission to execute which doesn't require a password, it's just a button click on a popup or an attribute change (right-click, Properties, Permissions, allow execution) if you want it to be permanent. You need to provide a password to write in system areas, and change global settings such as which system services are running and their configurations. You don't need it to open, move, copy files, delete shortcuts, run programs, empty trash, etc.
You only need it to do certain things such as install software for everyone. You can still download and run software without requiring elevated privileges, but you have to give it permission to execute which doesn't require a password, it's just a button click on a popup or an attribute change (right-click, Properties, Permissions, allow execution) if you want it to be permanent. You need to provide a password to write in system areas, and change global settings such as which system services are running and their configurations. You don't need it to open, move, copy files, delete shortcuts, run programs, empty trash, etc.
Vista does the same thing. Try installing Google Talk.
Linux has a flaw, because in that way a malicious user or malware can compromise your system during that period of time.
In Fedora, for example, you would open a terminal, become root with su and then everything you do inside that terminal will be done as root, no questions asked, until you close/exit your single terminal you opened. Everything else in that login session is still regular user.
Ubuntu dispenses with root login, and uses 'sudo' instead. They have it set for a 10 minute or whatever timeout. That time is terminated immediately if the user, as above, closes the terminal session. It doesn't stay authorized forever.
In that case, it is much like running Vista with the equivalent permissions (where you are just prompted "OK/Cancel"
The biggest problem with UAC is the fact that too many applications are written is such a way that they require admin rights to run. I have a PC game designed for Windows XP. Every time I insert the CD I get a UAC prompt. That’s right; the silly little autorun splash screen app requires admin rights!? It is stupid things like that where UAC looks bad, but it is really the app's fault, no UAC.
I'm with you. This is really the point to come to Neowin, not just to scroll through endless posts of whining or ranting (for whatever reason, not just microsoft)
I must say that maybe, maybe, UAC is playing a major factor in the low infection rate that Vista has compared with XP. We need to say reports on this, though.
I have disable it because i install/uninstall software everyday and as a software developer, i enjoy not being prompted.
I also agree that software developers are the ones to fault when simple applications that don't requiere admin privileges aren't wrote properly and cause the UAC prompts.
That I've always wanted to know. Mind you, I like Ubuntu's implementation better. Also if that 'sticky UAC' seen in a test Windows 7 build makes it, it could solve headaches for people first configuring their fresh installs of Windows.
That I've always wanted to know. Mind you, I like Ubuntu's implementation better. Also if that 'sticky UAC' seen in a test Windows 7 build makes it, it could solve headaches for people first configuring their fresh installs of Windows.
Say I launch Update Manager and install an update. Ubuntu prompts me for my password, then installs an update and closes the window. A timeout exists for the next ten minutes, even without the presence of a terminal window with sudo (or if there is, it's hidden from the user). Is Ubuntu able to distinguish user-initiated tasks and autoelevate, such as running Synaptic, within that time period? Without being able to do so a background task could theoretically wait until such a timeout exists, then proceed to wreck havoc.
I'm guessing the former is true. Don't think the Ubuntu devs are that dumb enough to let something like this slip through.
Now Vista is trying to put the genie back in the bottle and all the poorly coded applications are being highlighted because of the increase in restrictions on a default user account.
Any Unix/Linux user know that you don't run as root unless you have to, and all applications are designed with this in mind. Unix got it right from the start, Vista now trying to fix the problem and running into all the problems.
UAC is working as it should, the Windows programs from the last 10 years are not.
If it's so much of a bother get Tweak UAC and activate quiet mode.
Let's say 2-3 times a day, and i'm a programmer so I expect to see them a lot more than normal users
I've learned myself to live with UAC from the beginning. I don't have a problem with it. And it rarely appears. For normal users, I don't think UAC is a big problem. Having said that, UAC still need som tweaking of course.
I've learned myself to live with UAC from the beginning. I don't have a problem with it. And it rarely appears. For normal users, I don't think UAC is a big problem. Having said that, UAC still need som tweaking of course.
Yes, they did.
And it was much more annoying during the betas.
What. Yeah, because they just threw it in at the last minute, didn't they?
What. Yeah, because they just threw it in at the last minute, didn't they?
Then which beta versions did you guys have? I can't remember having UAC in any of those I tried.
I dunno, build all of them?
Sorry, trying not to be overly sarcastic, but seriously UAC's a major feature that was in most all of the betas, definitely all of the public ones.
It prompts you when you delete a shortcut that's in the "All Users" start menu folder because it affects the entire computer. If it's a shortcut that's only visible to your account, no prompt.
It's not? What about installing a piece of software you don't want your boss to know about then deleting the icon from the start menu so people can't see it?
Agreed. Microsoft has publicly stated that the role of the UAC was not only implemented to help protect the user, but also to help change the way developers write applications to be more smarter. Unfortunately this means that legacy applications will trigger the UAC more than it should. In time, as applications are updated, this 'supposeded' problem with the UAC will be a non-issue.
This type of article/issue keeps being regurgitated by technology critics. There has to be better issues to worry about?....
MS needed to put UAC into Windows. But that's not the problem, the problem is that people generally are afraid of change, so when the average user moves from their older OS to Vista, they see prompts they didn't before, and take a dislike to it straight away (regardless of the reason behind those prompts).
Computers are complex things that most of the population don't have a clue how to use correctly (or to their full potential). How many people on here have had to look at a problem for their parents/siblings/other halves/friends etc because essentially, they don't actually know what they're doing? UAC was a good step towards undoing the mess that Windows had become by the time XP rolled around. One of the biggest mistakes MS made was failing to encourage the use of restricted accounts sooner (both to users, but developers too) than they did. Yes, it's there in XP but that's not the point, there was no incentive for them to be used, most people didn't (I said most, don't flame me with the "I did" comments).
The concept of restricted user accounts is great - when you setup an admin user, why on earth would you run your daily desktop as that user? How many people use root as their main user on Unix/Linux? It's just the implmentation - MS should have forced it home to lazy developers that apps need to work in x way, or else they wouldn't work when distributed. When you get the "setup your admin password now" prompt the first time you start your PC after a windows install, how difficult would it have been to insist upon a new user/pass being created following that step? Or to prevent that user from logging in ever unless the PC was booted into safe mode?
Instead, lazy developers were able to get though from Win 95 to Win XP without needing to really worry - almost everyone was a computer admin who was logged into their desktop (primarily I mean home users here, not people sat at work with an IT team watching over them, although they aren't off the hook entirely - I come across loads of issues everyday at my workplace that are essentially poor IT implementations, but that's their issue). All these admins, with no restrictions on what they could (or couldn't) do lead us to where we are now - Windows is a haven for malware. The article states that Windows is known as the "easy to use" OS but this same ease of use now means people don't like the odd prompt here and there - prompts that are there for their benefit.
UAC is great, I'm all for it. I don't think its inclusion in Vista has been a failure for MS. Maybe there are a few issues - like the time it took me nine prompts to delete a single file - but these will be worked out. In the long run, each person gets a more secure (and controllable) computing experience, which can only be a good thing.
MS need to somehow overcome the issue that word-of-mouth has led many people to believing that Vista is a waste of time and effort.
So yes, the inclusion of UAC in Vista is not a failure, but if you read between the lines of the article, what it is saying is that Vista with UAC is a marketing failure.
So yes, the inclusion of UAC in Vista is not a failure, but if you read between the lines of the article, what it is saying is that Vista with UAC is a marketing failure.
You dont udnerstand how uac works. UAC prompts you when a system area needs to be written to, something that needs admin rights, or if it effects the whole computer. IF programs where programmed correctly this wouldnt need to happen.
Example a third party notepad app should not need to write anything to a system area to be installed .
A lot of programs a programmed wrong and thus all the uac prompts.
Again we are talking, marketing failure.
Again we are talking, marketing failure.
How can you say "most people?" How many people area you? This is clearly a Foxism, not a factual statement.
Yeap, that's right, MOST PEOPLE.
If you haven't got that yet, it must be because you're playing the ostrich.
If you haven't got that yet, it must be because you're playing the ostrich.
HAHA most people. Cos you've surveyed most people in the world on Vista, have you? Oh wait...
If you haven't got that yet, it must be because you're playing the ostrich.
Please point me to where this data "most people" is. I'd love to read it. If you interviewed the world, you forgot our house.
I bet "most people" can understand a dialog box that says "Windows needs your permission to continue. If you started this action, continue." with an icon and the description of the program.
Gave me a break. You've been around here long enough. You know.
So you're problem with UAC is the wording for why it was prompted... the reason it was prompted to begin with... or the fact that Microsoft doesn't point out the fact the MOST programs designed for earlier versions of Windows are designed with the assumption that you have administrative rights to EVERYTHING and as such UAC will ask for permission?
Then you would have no administrator account, would you?
And if something goes wrong with your system and your a standard user, oh wait....
Understand now?
XP used to do this, with having a nice little account called Administrator. How many people made an administrator password, and how many security settings could be bypassed just by logging into safe mode and administrator...
This is what happens when a minority believes that they're better than the majority. To the majority of users Vista is highly flawed. That is a fact. It is only a very small minority that have had little to no problems with it. Change has nothing to do with it either. That is as lame as blaming the users' equipment as well.
and as much as you call it lame, most people who have problems with vista are the people who call it slow. yeah vista doesn't run that well on 1GB of ram. you NEED to have a good pc to run vista. of course this is only an issue for people that do anything complex, again for normal people 1GB is enough because it's fast enough for them.
This is what happens when a minority believes that they're better than the majority. To the majority of users Vista is highly flawed. That is a fact. It is only a very small minority that have had little to no problems with it. Change has nothing to do with it either. That is as lame as blaming the users' equipment as well.
A fact is it? Somehow I don't think so. If you can pull out cited reputable sources that show clearly that most people of the hundred millions-odd that have already bought Vista have clearly stated that it's flawed, then and only then is it fact.
Simply put, you are the minority! Isn't it amazing that the minority believes that they're better than the majority (as you said)?
Maybe you need to think about your statements before trying to pass opinion as fact.
Simply put, you are the minority! Isn't it amazing that the minority believes that they're better than the majority (as you said)?
"I'm Sparticus!"... I bought a high spec. laptop, and had no choice but to buy it with Vista. I wiped it and installed XP.
Simply put, you are the minority! Isn't it amazing that the minority believes that they're better than the majority (as you said)?
"I'm Sparticus!"... I bought a high spec. laptop, and had no choice but to buy it with Vista. I wiped it and installed XP.
Would you like a medal?
This is what happens when a minority believes that they're better than the majority. To the majority of users Vista is highly flawed. That is a fact. It is only a very small minority that have had little to no problems with it. Change has nothing to do with it either. That is as lame as blaming the users' equipment as well.
A fact is it? Somehow I don't think so. If you can pull out cited reputable sources that show clearly that most people of the hundred millions-odd that have already bought Vista have clearly stated that it's flawed, then and only then is it fact.
Simply put, you are the minority! Isn't it amazing that the minority believes that they're better than the majority (as you said)?
Maybe you need to think about your statements before trying to pass opinion as fact.
Yes you can keep pulling "reputable" sources out of your ass, all your so called reputable sources are just FUD. If you want real user experiences on Vista go to the Neowin forums.
Almost every article I've read on "reputable" sites about Vista have no idea what the technologies in Vista were designed for. UAC was DESIGNED to prevent privalege escalation, and when your a standard user it asks you to type in an admin password. Yet you go on sites and reviewers are like whats the point of UAC when it doesn't ask for admin passwords.
http://www.windowsdailynews.com/2008/05/19...t-flag/#more-22
http://www.windowsdailynews.com/2008/05/19...t-flag/#more-22
Except that report doesn't specify the app so for all we know it could be doing the same on XP, 2000 and whatever OS it can be installed on. In other words, it could very easily be the app itself that's the one honouring the "broadcast flag"!
Yep, the source is rubbish as it's devoid of details, so non-news really.
It a very well known fact that Vista is full of DRMs that Microsoft put in there at the pressure of the big media cartels.
http://www.windowsdailynews.com/2008/05/19...t-flag/#more-22
Except that report doesn't specify the app so for all we know it could be doing the same on XP, 2000 and whatever OS it can be installed on. In other words, it could very easily be the app itself that's the one honouring the "broadcast flag"!
Yep, the source is rubbish as it's devoid of details, so non-news really.
It's obviously Windows Media Center from the screenshot. We've heard about this flag for a while now, so this shouldn't come as a surprise. In addition to the relationships MS has to keep with its customers, it has relationships to maintain with partners and other industries- like entertainment. You can bet that no one at Microsoft wanted to do this. If you're not satisfied with what Microsoft provides with Vista, then try a Media Center alternative.
And, if you really want to record American Gladiators... Read a fsckin' book!
Same vein. Vista is a marketing failure.
http://www.windowsdailynews.com/2008/05/19...t-flag/#more-22
Except that report doesn't specify the app so for all we know it could be doing the same on XP, 2000 and whatever OS it can be installed on. In other words, it could very easily be the app itself that's the one honouring the "broadcast flag"!
Yep, the source is rubbish as it's devoid of details, so non-news really.
It's obviously Windows Media Center from the screenshot. We've heard about this flag for a while now, so this shouldn't come as a surprise. In addition to the relationships MS has to keep with its customers, it has relationships to maintain with partners and other industries- like entertainment. You can bet that no one at Microsoft wanted to do this. If you're not satisfied with what Microsoft provides with Vista, then try a Media Center alternative.
And, if you really want to record American Gladiators... Read a fsckin' book!
Ah I didn't see that, assumed it was an ad so skimmed over it (trust me speed-reading through it!
LOL. Or come spend a few hours on Neowin forum's. LOL
Same vein. Vista is a marketing failure.
For it to be a marketing failure, it would've failed to sell. Considering the usual reputable business analysts have put sales of Vista above XP at the same point in time, I don't think Vista can be considered a marketing failure.
Sales ? You got to be kidding me.
Sales have nothing to do with that, Vista is a marketing failure because most people don't like Vista. It's a marketing failure because most business (like GM) have not adopted it.
http://www.betanews.com/article/EFF_says_M...lags/1211217801
http://www.eff.org/deeplinks/2008/05/micro...-your-media-cen
Last edited by Captain555 on 20 May 2008 - 15:57
Sales ? You got to be kidding me.
Sales have nothing to do with that, Vista is a marketing failure because most people don't like Vista. It's a marketing failure because most business (like GM) have not adopted it.
Most people? You're speaking for the majority of users now? That's the first part of your comment exposed, cos you didn't do your research. Most businesses? Again, you been to most businesses and seen what OS they are using? You surveyed most businesses to find out if they are adopting Vista in the future? When did businesses ever rush to a new OS as soon as it came out? Just because GM won't move to Vista doesn't make it "most businesses". I think you'll find that businesses (who have thousands of PCs to consider) won't move to a new OS until it's time to upgrade their systems. GM simply stated that Vista at the moment doesn't fit into their timeframe for upgrades.
Most people? Most businesses You got to be kidding me. Please... try again with at least some sort of proper citation and research.
Sales ? You got to be kidding me.
Sales have nothing to do with that, Vista is a marketing failure because most people don't like Vista. It's a marketing failure because most business (like GM) have not adopted it.
Yeh right, because GM is a perfect example of how corporations work in today's world.
So if your beloved GM were using 98, according to your logic 2000, XP, Vista, were all failures yeh?
---
Corporations find it A LOT HARDER to upgrade software, because of the money needed. Also, as many corporations tend to buy the cheapest computers they can find, like ones that lag on xp, you can't blame it on Vista.
By the way I love Vista, but I totally understand why UAC is absolutely hated by the normal folk... and by normal I mean the majority of users who are not elitist meganerds.
I don't think it's hated by the 'normal' folk.
It's hated by the self-described power users who don't actually know what they're doing.
Brandon once pointed out in the forums that Microsoft's CEIP data shows that the vast majority of user sessions go by without a single UAC prompt.
By the way I love Vista, but I totally understand why UAC is absolutely hated by the normal folk... and by normal I mean the majority of users who are not elitist meganerds.
You are very right, but I still don't retract any portion of my comment. I wish Microsoft had trumpeted UAC as a fantastic new "friendly" feature mass-media commercials. The people who need it most don't understand it, and don't realize that it's their friend, and in the grand scheme of things, it's infrequent and not annoying. If it doesn't bother someone cranky like me, I don't see why it would bother anyone else so.
I don't think it's hated by the 'normal' folk.
It's hated by the self-described power users who don't actually know what they're doing.
Brandon once pointed out in the forums that Microsoft's CEIP data shows that the vast majority of user sessions go by without a single UAC prompt.
Single-handedly summing up the whole situation. Congrats!
I don't think it's hated by the 'normal' folk.
It's hated by the self-described power users who don't actually know what they're doing.
Brandon once pointed out in the forums that Microsoft's CEIP data shows that the vast majority of user sessions go by without a single UAC prompt.
THANK YOU sensible post! Backed up with, omg facts?!
That is assuming most users who use Vista agree to CEIP when it's advertised to them.
That is assuming most users who use Vista agree to CEIP when it's advertised to them.
Why would it? I'm sure it's a fair enough sample of users.
anyways, usually pron is video, audio and picture, hence install-less
Maybe it's just me, but UAC seems 100% logical to me. It comes up when I'm doing something that could change my computer. It stays quiet the 99% of the other time, when I'm working.
Ah, but there are those times when I run an app, literally just open a simple 3rd party app - and UAC asks me? GASP! I have to click a button! And this is Microsoft's fault? Are they the ones that wrote the aps that assume you need admin priviledges, the app that wants to write to your protected areas?
Sheesh!
All this is, is taking what was once a tecchie issue (local computer security) and allowing it to be part of a consumer OS. The two models still don't totally align 100% perfectly yet, so Microsoft have created a system that will accommodate both models as well as possible.
This was actually more annoying in XP, because all the stupid software that assumes it's got admin privileges would simply not run, or break. Now, when I attempt to launch a program requiring admin privileges in Vista instead of the UAC prompt I automatically get like a combination UAC & user/password prompt to launch the program with an admin user, so in that respect Vista's UAC setup actually works much better than how XP handled it.
In the grand scheme of things, having to launch something requiring UAC or admin privileges doesn't occur that often, besides that first week when you're installing all your software.
Thats true, but this is a good example of why first impressions are so important.
This was actually more annoying in XP, because all the stupid software that assumes it's got admin privileges would simply not run, or break. Now, when I attempt to launch a program requiring admin privileges in Vista instead of the UAC prompt I automatically get like a combination UAC & user/password prompt to launch the program with an admin user, so in that respect Vista's UAC setup actually works much better than how XP handled it.
In the grand scheme of things, having to launch something requiring UAC or admin privileges doesn't occur that often, besides that first week when you're installing all your software.
The main trouble is, even if you run with a limited account, viruses, spywares and many other "nasty-wares" runs on a high-level, even beyond admin rights. In linux happens the oposite, where a "backdoor" can runs without right (without account) and still be a headache.
It's not that the idea behind is bad, but the implementation is all wrong.
If MS wouldn't added an option, to allow you to run an app always (that you trust), at an elevated level, I think most of the UAC complains would disappear.
As it stands, everytime I turn on my desktop, I get prompts about me allowing RivaTuner and Boinc, and Defender won't allow me to make an exception for them at startup. Annoying, annoying, annoying.
Outside of that, I understand the need and use of UAC (and how about adding a 'sudo' like command too).
Also a lot of the security benefit UAC provides would disappear.
It's not that the idea behind is bad, but the implementation is all wrong.
If MS wouldn't added an option, to allow you to run an app always (that you trust), at an elevated level, I think most of the UAC complains would disappear.
As it stands, everytime I turn on my desktop, I get prompts about me allowing RivaTuner and Boinc, and Defender won't allow me to make an exception for them at startup. Annoying, annoying, annoying.
Outside of that, I understand the need and use of UAC (and how about adding a 'sudo' like command too).
lol yes, please trust my 3rd party malware infested application that I dont know where I got it from, but it gives me that nifty "anti-spyware" toolbar in IE.... I think that would completely defeat the purpose of UAC
And honestly, most people download, malware infested "anti-spyware" toolbars for IE thinking they will fix everything and nothing will go wrong, and would say yes to something like that, if anything to stop them from being nagged.
What MS should have done is promote it more, as a security feature saying something like "Know when an app is doing something its not supposed to be doing" All this BS hype has made it out to be an annoying feature that never should have been implemented. I think UAC was the greatest thing ever for security (even though I turn it off)
I guess this post fills the quota of at least one anti-Vista newspost a day this place seems to have adopted.
The problem with the UAC is that it handled applications that were *not* made for Vista poorly.
Take for instance Visual Studio 2005... you had to run it with admin rights... even though you were an admin didn't mean you had admin rights because you were saving or creating files outside your *private* domain or lets say your documents.
Some apps that were wrote and not updated before or shortly thereafter the UAC came into existance never threw an error if certain things were denied... granted thats the paricular apps fault but it sure is nice to develop an item and then blame everyone else for not being up to par. Extremely short-sighted would be another anecdote for the UAC.
In my opinion the UAC did its job... just poorly. Look at all the coporate programs that they keep in-house that is designed for them and them only and see if the UAC lives long in that environment... willing to make a bet?
And did Microsoft figure this is going to be different for small businesses?
I have moved back to XP Pro.
Last edited by WindSailor on 20 May 2008 - 17:51
The problem with the UAC is that it handled applications that were *not* made for Vista poorly.
Take for instance Visual Studio 2005... you had to run it with admin rights... even though you were an admin didn't mean you had admin rights because you were saving or creating files outside your *private* domain or lets say your documents.
Some apps that were wrote and not updated before or shortly thereafter the UAC came into existance never threw an error if certain things were denied... granted thats the paricular apps fault but it sure is nice to develop an item and then blame everyone else for not being up to par. Extremely short-sighted would be another anecdote for the UAC.
In my opinion the UAC did its job... just poorly. Look at all the coporate programs that they keep in-house that is designed for them and them only and see if the UAC lives long in that environment... willing to make a bet?
And did Microsoft figure this is going to be different for small businesses?
I have moved back to XP Pro.
UAC is a blunt force way of getting the development community back on the right track. It was a bit painful last year, but I don't even have any applications installed right now that need admin access to just run.
Some people whine and cry no matter what Microsoft does. The rest of us figure out what UAC is and how to properly implement it and then have nothing to complain about.
As for UAC, it behaves like an autonag system and I hate it. It's like they resurrected Clippy, gave him Admin poweres, and then put him on crack.
"It looks like you're trying to open Internet Explorer. Would you like me to nag you about that?"
As for UAC, it behaves like an autonag system and I hate it. It's like they resurrected Clippy, gave him Admin poweres, and then put him on crack.
"It looks like you're trying to open Internet Explorer. Would you like me to nag you about that?"
So you have a PC running Vista, eh? Exactly what applications are you running that are triggering UAC prompts? Because IE doesn't do it.
As for UAC, it behaves like an autonag system and I hate it. It's like they resurrected Clippy, gave him Admin poweres, and then put him on crack.
"It looks like you're trying to open Internet Explorer. Would you like me to nag you about that?"
So you have a PC running Vista, eh? Exactly what applications are you running that are triggering UAC prompts? Because IE doesn't do it.
If IE asks for admin access, and you approve it, you deserve to be removed from the Internet. Running a web browser as an Administrator is the same thing as giving the Internet administrative access to your machine.
exactly!, which is why i just flat out turn it off as it's more of a hassle than anything else.
I can't imagine what the hell you are doing that frequently that gets you this deluge of UAC prompts. My guess is that you either aren't and are blowing the situation out of proportion, or simply don't know what you're doing.
So therefore if someone is seeing so many prompts, they should really use their sense and work out why they are seeing so many prompts. It's probably their ****ty 5-year old app that writes willy-nilly anywhere it likes that's doing it. Time to stop being a cheapskate and upgrade to the latest Vista version.
It's like this, if I were to roll out a media service like iTunes, I would look at iTunes and use it as a starting point and improve on it, not go blindly to create another bad design.
About the iTunes mention i don't want to sound like an apple basher but if you meant the itunes store, you are right. If you meant the program itself (in windows or macs) you are somewhat wrong, there have been two or three applications for windows that innovated library management (J. river media jukebox being one of them) and itunes copied from them, but they didn't copied all the good things. iTunes is just a "decent" program, not a great one when it comes to libraries because it lacks so much in this regard.
It's like this, if I were to roll out a media service like iTunes, I would look at iTunes and use it as a starting point and improve on it, not go blindly to create another bad design.
You have a problem with your computer if you are getting UAC prompts when you open Control Panel. Mine doesn't do that, and it's not supposed to.
It's like this, if I were to roll out a media service like iTunes, I would look at iTunes and use it as a starting point and improve on it, not go blindly to create another bad design.
+1. IIRC vista doesn't ask for a password in those UAC prompts when you're logged in as an admin user, while sudo on Linux and Mac OS X does. If UAC is to help prevent security breaches due to user fault, then a box with a simple "continue" button is not very much help. I mean, honestly, how many people can say that they read every dialog box that pops up on their screen? or the EULAs? I know I tend to just click OK or next and get on with what i'm doing. having to enter a password makes you have to stop and think.
But it's not.
UAC's primary goal is to prevent automatic privilege escalation and to keep software at the least privilege level needed to complete its task. It's not to prevent your mistakes.
So, If we have applications that repeatedly need a UAC Prompt it can be somewhat annoying, so:
Having a "always trust this application" may not be the best of options, but what about a UAC equivalent of gpedit.msc where you can set all the fine details of what UAC allows, doesn't allow and what it does and doesn't check for?
I know you can silence UAC, but as far as I know, there isn't really any fine control over it so if there is one particular part of it that's a problem, you can't easily work around it.
Would you say this solves the above problem? Would you say it satisfies the "power users"?
My thought process behind this is, it should (in theory) prevent normal people from touching stuff they really shouldn't but still allow fine control.
Just a thought. Don't kill me
Uh. That's called editting the ACLs on whatever you want to tune. If, for instance, you want to allow any program write access to a directory in Program Files that it would not normally have access to, you just give Users write permission, and you're done.
That's it. That's how UAC works. It just prevents running apps from doing stuff that they'd need to rely on an "Administrator" permission entry for.
Uh. That's called editting the ACLs on whatever you want to tune. If, for instance, you want to allow any program write access to a directory in Program Files that it would not normally have access to, you just give Users write permission, and you're done.
That's it. That's how UAC works. It just prevents running apps from doing stuff that they'd need to rely on an "Administrator" permission entry for.
True, however, to me it just seemed tedious, although unless your installing new applications everyday, it's probably not going to be that much of a hassle. Shame these machines can't just read our minds. Would make life alot easier
Its really annoying when UAC prompts, my screen flashes and then a light box shows up about a couple seconds later. A few seconds may not seem much, but If it happends a lot, its quite annoying. Also you cannot do anything else when the lightbox is on. I would MUCH rather if there is just a prompt window instead of a lightbox. If its REALLY nessasary, make the light-box run smoother, and faster. Cut that screen-blink, 3 sec delay crap, I want to see a smooth fade in, quickly fade out lightbox!
Its really annoying when UAC prompts, my screen flashes and then a light box shows up about a couple seconds later. A few seconds may not seem much, but If it happends a lot, its quite annoying. Also you cannot do anything else when the lightbox is on. I would MUCH rather if there is just a prompt window instead of a lightbox. If its REALLY nessasary, make the light-box run smoother, and faster. Cut that screen-blink, 3 sec delay crap, I want to see a smooth fade in, quickly fade out lightbox!
Its really annoying when UAC prompts, my screen flashes and then a light box shows up about a couple seconds later. A few seconds may not seem much, but If it happends a lot, its quite annoying. Also you cannot do anything else when the lightbox is on. I would MUCH rather if there is just a prompt window instead of a lightbox. If its REALLY nessasary, make the light-box run smoother, and faster. Cut that screen-blink, 3 sec delay crap, I want to see a smooth fade in, quickly fade out lightbox!
Actually, it has two purposes: Prevent keylogging of the UAC prompt, and to prevent any application from falsifying input on the UAC dialog.
But since the default configuration has it on, and it's such a tiny minority of users who turn it off (Myself included. Stupid mobility modded drivers and that flicker...) I don't think it's a security problem. It'll never be targetted.
I have yet to come across a Vista PC with updated graphic drivers that don't do hard flickers. There's no flicker with DWM disabled, but with it on....
....but as you said, only a minority cares about or knows about disabling UAC or Secure Desktop.
if this is a step of many in a transition in security then what is it gonna be like
in 3 or 4 OS versions down the road ?
i can ivision a lot of people turning against MS after a while if they continue what they are doing
and how quickly the fanboys will forget their rhetoric once they have switched sides lol
i see lack of concern for teh big picture and the advanced power users that want a good OS
instead they will slopp together pieces of random code in an effort to please every one
and wind up pleasing no one fully all the while conmtinue what they have done all along
which is make an ever increasingly Bloated OS..
just imagine how many terabytes of ram your gonna need for .net framework 9 or whatever lol
im sure ill have perm switched to linux long before that
i also enjoyed the dozen + comments about Vista leading market sales figures lol
that wouldnt have anything to do with lack of availabilty of XP now would it ?
my parents bought a lap top a while ago and wanted xp and were mad they were forced to get Vista
they tried it and after many months they still say it sucks baaaaaad and they wish they could wipe it out
and install XP but were concerned that it would void the warranty on their brand new laptop.
Im not the only one that thinks Vista is a disapointment..
It has to do with the screen darkening when the UAC box pops up. It corrupts the video drivers for some programs and they crash. There's no reason they should have to make the screen go dark like that.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.