Tip: Turn off swith to secure desktop UAC

[HawkMan]

I say this. We didnt ask for this. Simple. We wanted safer browsing (mainly for IE) we wanted a better firewall and perhaps spyware protection. We didnt want a dialog telling us if we are sure we want to move a file, 3 times!

That'pure BS, in capitals

It's pretty much the exact opposite, Peopel have been cryign over how MS only tries to fix the holes in their insecure OS by external fixes liek firewalls and virus checks and such, while such things are barely needed in OSX and *Nix.

And for all those that says microsoft should fix the security in the Core. That is part of what UAC is. This is what people have been asking for same security features as in *nix and OSX and not havgin to run as administrator.

Granted UAC may still be a little agressive, and shoudl probably only react to the changgin of system files. but I seem to remember havign overwritten several files without UAC, but that mayhave been in my user folder.

So for file operation I agree it shouldn't react but for everything else it is JUST what people asked for.

I also suspect setting user rights on directories will remove the UAC prompts on file operation, but I'm not sure.

[Brandon Live Veteran]

Regarding file operations - it's only prompting like that if you're trying to access restricted directories or files you don't have access to without elevation. Same as most other OSes.

The main reason you see UAC so much is that applications (and user habits) are not secure, and read/write places they shouldn't (on the file system, registry, etc). However, Microsoft is strongly pushing developers to stop this, and Vista will be the first real compelling reason that these developers and users have had to actually do things "right."

[Julius Caro]

Secure desktop or not, the flicker is not supposed to happen.

[Symphony]

And here's what I think of UAC quoting myself:

- UAC is not to protect from you, it is to protect you.

- it is not "Hey, you! Are really wanna do this?" it is "Hey, this will happen. Do you want it to happen?"

- the whole UAC reason: the whole OS is built on messages flying around (a click was at x,y; the "c" key was pressed etc.) programs work as they react to these messages: even orientated system. Every app is able to send any message and the system is not capable to make difference between you clicked the "Format D:" or another application/virus/spyware "clicked" that button in the background, invisible - it is possible to write this application under 10 minutes. That's why it goes to a secure desktop (the annoying black flash) where a remote clicking is not possible and asks if you, the user, the living thing wanted this to happen. There are even spywares, when you click on the "No, i don't want to install millionxxxpasswords.exe" and the mouseclick goes to the "Yes, sure, give it to me."

This whole thing started very long ago - like when the first WinZip cracks actually were little programs inside the main program, and they found the "yes" button and sent a mouse click to it making the nag actually to fast to notice. Now too many applications (remote, accesibility, OSD, bundled apps like SetPoint) use this system to change it drastically. Microsoft tries to tweak it (make a Google search on "Help, SendKeys not working under Vista"), but wihout much luck.

EDIT: If you use a "root" or a real-admin login in Windows when there is no UAC, you will never know if another application did something behind your back.

[Brandon Live Veteran]

Secure Desktop is also there to make it clearer which application is asking for elevation and to prevent spoofing, especially for non-admin users where it asks for an admin password.

[Mayhem]

the only thing that bothers me from UAC is the constant confirmations popups when i want do delete something.

UAC should check if the command delete is made inside a windows explorer window or in a desktop, i presume that vista have better protection against process injection. doing this way i'll make the protection work as intended, only 3dr party programs like xplorer2 and others of the same type is that continue having the popups

UAC have to protect me from others programs doing stuff, not my actions inside of the Vista own tools like Windows Explorer

there are some option to disable only that? i want to use UAC because is protection, all the protection is welcome but if this UAC thing do not get resolved i prefer disable it and act like XP, i didn't have any virus, spy or wathever in 5 years (the right tools and brain is what is needed). if i upgrade to Vista i want to use what is intended for, The Protection without getting annoying almost every time because i do many downloads and delete after see/install, wtv

[b_pizzle]

You know, I agree with both sides of the UAC arguement. I will say that I DO NOT like to be bugged when I'm just using the OS to do things like move files and delete BUT any extra protection over what we have now is always welcomed.

I think I, for one, will wait until Vista final is out to make my final judgement on UAC. My hope is that after RC1 is distributed and all of the complains roll in, that they will finally make a serious effort to make it "bug" you in a more uniform and intelligent manner. We shall see though...

[gio@]

Thanks a lot for this!!!!!

I was going to change if it wasnt u

[kl33per]

Rubbish. The ones turning it off are the ones who know about security.

The ones not turning it off are the bozos of the World who actually need something like this!

No, you're the one that's spouting rubbish. The people turning it off clearly have no idea how to run a secure OS. Turning off UAC means your running in a full Administrator account again. This is clearly horrible security practice. If you think you can use an OS full-time under an administrator account securely, them I'm afraid you have no idea what security is and clearly don't understand the desperate need for Microsoft to force UAC on people.

[primexx]

No, you're the one that's spouting rubbish. The people turning it off clearly have no idea how to run a secure OS. Turning off UAC means your running in a full Administrator account again. This is clearly horrible security practice. If you think you can use an OS full-time under an administrator account securely, them I'm afraid you have no idea what security is and clearly don't understand the desperate need for Microsoft to force UAC on people.

Thank you for worrying about my safety but I do not need you to insult my inteligence. Last I checked I've ran in administrator account for YEARS without problem. If you're implying that I'm an idiot, I'm sorry to dissapoint you, but I'm not. It's quite clear that people who do disable the UAC are advanced users who know how to take care of their own computer properly without the need for nags like that. Thank you but no thank you. I'll skip this annoying POS.

[Symphony]

primexx: if you want to turn it off, that's your honest decision and I'll respect it. But please, understand what it is for.

It is not about that you are an idiot or not. It is to notify you that something potentially bad thing is happening. Like if some executable want to (by cause or by accident) delete your files, turn off firewall, kill another process, format a drive etc. Without UAC you'll never know it is happening, it happens invisible behind your back.

It is ok that you used admin account for years, but you know what, 99% of XP users did that in the past years as the restricted account just won't work in many cases. We are always one step behind every virus, security hole, spyware, worm and rootkit. We can say that all of us using admin account for years without problems had luck. We were lucky because many harmfull **** avoided our PC. I don't know you, but when we are talking about data i don't want to depend on luck. Please think about it, and send feedback to MS on how would you like it to work.

PS: I like your signature :yes: