Symantec: Vista UAC Is Still Too Chatty

In positioning itself to provide aftermarket applications for Microsoft's Vista operating system, anti-virus market leader Symantec is highlighting some shortcomings it believes to exist in the new platform's own security tools.

Among the conclusions of a presentation delivered to the media during the week of Jan. 8 by Symantec Vice President of Engineering Rowan Trollope is the software maker's finding that the UAC (User Account Control) feature of Vista, a security innovation highly touted by Microsoft, remains unwieldy and confusing to users.

UAC is designed to help Vista limit malware's ability to escalate an individual PC's user privileges, a common technique used by code writers to spread their viruses from one machine to another.

Integrated with Vista's other onboard security technologies, the system is set to prompt users whenever a program attempts to change its status on their machines, thereby lowering the chances of hidden threats to operate on PCs running the OS.

News source: eWeek for Full Article

Report a problem with article
Previous Story

Microsoft takes email design back 5 years

Next Story

IE7 now on 100 million systems

15 Comments

Commenting is disabled on this article.

Looking at the posts above a whole lot of people are using Symantec's 2007 versions of their product. I've ran NIS 2007 beta and Avast on my computer and I had no problems with either.

[back on topic]
I have one computer running Vista and I don't find UAC chatty. I actually welcome the fact that UAC pops up, because it means I should make sure I know what I'm doing

1. UAC only hurts legitimate users, there are reports already of exploits to completely bypass it without any prompting.
2. UAC asks so many questions, just like Zone Alarm, etc, that users universally become conditioned just to say YES to everything, I know this as a fact as I've seen hundreds of PCs with every kind of necessary security still filled with malware and spyware because the user clicked on it, got prompts for the bad software just like they do for the good software, and thought 'if i want it to run i have to click yes'. The first thing 99% of people will do, who are able, is disable UAC.
3. Great idea with the UNIX home-directory concept MS -- too bad its about 20 years too late, and we already have file systems pretty much across the board that require folders outside of the 'home directory' -- I actually tried to use UAC until I realized I couldn't save files to any folders on my system except my user folder, and I'm 100% sure UAC will be hacked before you can say "User Account Control"

UAC is just a marketing concept, as far as I can tell, so they can check off some boxes on a Features List and get CES and all the other MS-worshippers to hand out awards for best product. Same with all the DRM integration -- it seems really great on paper, but after it's been in use in the wild for a few months, it'll all be ripped apart, and will only be inconveniencing legitimate users.

In general I think the Vista launch is going to be, not a flop, but all this crap about 'the biggest release since 95' is just that -- crap. The transition from 95/98/Me to 2000/XP was a no-brainer, 95/98 were awful OSes. Microsoft pretty much buried win2k professional, I secretly think it was Ballmer burying Bills last product. Either way, there were many reasons to upgrade to XP from 95/98, it was a whole different operating system essentially -- but XP to Vista is purely superficial. It won't do anything for you that you can't do already, its basically just putting some third party vendors out of business, trying to score some points with the MPAA/RIAA/etc, and win a few industry awards from pay-for-review rags.

Apparently Symantec doesn't use their own software, have they not tried to sort through the 10,000 buttons and settings that come when their software is installed, talk about confusing to customers.

I consider myself pretty savvy when it comes to technology and I still get confused sometimes by Symantecs products.

Personally I think Symantec knows Vista actually handles security quite well and they are just getting nervous they are out of a job. Personally I say Kudos to MS, people asked for security and MS is starting to deliver.

And MS can only do so much if a user is dumb enough to click on a link they don't know or install software that looks like it could be shady and expect to stay safe then they are doomed no matter what kind of "Security Features" are in place.

Why is everyone always complaining about the "lack of security" in MS Windows, MS isn't writting viruses and malware and vicious software. Shouldn't we be more concerned at getting upset at the people who are writting those things? Software will always be insecure, but the only reason it's Insecure is because of the people who like to damage and ruin things because it's fun. People wonder why the world is going to pot, it's cause people feel they can take advantage of everyone else.

Symantec: We don't really know anything about technology so we're going to whine, cry, and keep bloating our crapware until someone listens to us.

It seems that the more secure Microsoft try to make Windows the more companies like Symantec complain. They're trying to deliberately make Windows insecure so they can stay in business, its pathetic.

UAC is chatty because of badly written apps though.

for years now, since the move to the NT kernel apps where supposed to be written without the need to use admin priv's to install (and yes that is possible). developers never bothered to. UAC will hopefully make developers abide more the the rules of developing for windows, but I'm not holding my breath.

Either way there should be no problems writing an app that installs and runs without UAC prompts on Vista. everythgin has been prepared for it, they just have to use what is there and it'll be easier for them and users

Symantec should stop being cry babies and start innovating and doing good products, their software gets worse and worse with every version, last year I finally dropped them after being a loyal users for years.

In other news

Beastage: Symantec Software Is Still A Bloated Piece of C***

A company that gives the average home user that already has problems managing his computer a piece of software that completly and utterly destoyes perfomance has no right to complain about anything... ANYTHING!

Seriously... I tried NIS 2007 just for kick... and it installed 15 new processes on its peak

The better Windows' security gets, the more a company basing their revenue on security flaws complain...

Hmm, there is some connection here... :P

Confusing to users? How confusing can pressing a button be? Consumers problem is they don't read, they just simply click yes to everything. Confusion isn't the problem, the problem is patients and just simply taking the time to read what's going on. UAC is a feature that really is needed and there's only so much Microsoft can do to dumb it down.

I seriously don't know who I hate more: the RIAA, the MPAA, Sony or Symantec. :confused:

Hurmoth, I could not agree with you more, What is so confusing about pressing a button...? the problem is re-educating people to read what is on their desktop instead of just pressing a button. There is nothing confusing about AUC at all, Symantec are just scaring End-Users again.

I have always hated Symantec, their software slows your OS down and Systems Works is just a joke because it does not like ActiveX Controlers. :nuts: