The Dark Side of Windows Vista RC1

[pad]

They should just keep the circular back button at the top, and have 'NEXT' in the bottom right. People can choose to cancel by pressing the 'X' button in the top right. If cancel's not an option, it will be a grey close button.

[Boiling Ice]

If third party companies choose to ignore this advice, like they chose to ignore the information Microsoft gave out about Windows XP SP2, should Microsoft get blamed? I certainly don't think so!

I agree with you, but not fully. Sometimes -not always- developers faced with situations where the only to run such thing is by having Admin rights, MS created that limitation and the only way to do it is by having admin rights !!

[gigapixels Veteran]

They should just keep the circular back button at the top, and have 'NEXT' in the bottom right. People can choose to cancel by pressing the 'X' button in the top right. If cancel's not an option, it will be a grey close button.

Why? That makes no sense. They should have it as it has been. Their new method (as well as your proposal) is counter-intuitive and is going to **** off a lot of people.

[Symphony]

Some of you just really don't get it:

- UAC is not to protect from you, it is to protect you.

- it is not "Hey, you! Are really wanna do this?" it is "Hey, this will happen. Do you want it to happen?"

- the whole UAC reason: the whole OS is built on messages flying around (a click was at x,y; the "c" key was pressed etc.) programs work as they react to these messages: even orientated system. Every app is able to send any message and the system is not capable to make difference between you clicked the "Format D:" or another application/virus/spyware "clicked" that button in the background, invisible - it is possible to write this application under 10 minutes. That's why it goes to a secure desktop (the annoying black flash) where a remote clicking is not possible and asks if you, the user, the living thing wanted this to happen. There are even spywares, when you click on the "No, i don't want to install millionxxxpasswords.exe" and the mouseclick goes to the "Yes, sure, give it to me."

This whole thing started very long ago - like when the first WinZip cracks actually were little programs inside the main program, and they found the "yes" button and sent a mouse click to it making the nag actually to fast to notice. Now too many applications (remote, accesibility, OSD, bundled apps like SetPoint) use this system to change it drastically. Microsoft tries to tweak it (make a Google search on "Help, SendKeys not working under Vista"), but wihout much luck.

EDIT: If you use a "root" or a real-admin login in Windows when there is no UAC, you will never know if another application did something behind your back.

Edited September 5, 2006 by Symphony

[+LogicalApex MVC]

If you're confronted with 'constant popup's on Windows Vista when running third party applications,t hen the issue is with the third party applications, and the vendor not writing their applications to take into account permissions and user limitations.

Run Nero under a restricted account on Windows XP - you *can* write to a cd under a resitrcitved account, but due to Nero being written so poorly, it has to have root/administrator access when doing so.

So before the 'slam feast' continues, lets remember, 90% of Windows problems you see are related to crappy third party vendors not getting their **** together; Windows Vista has been in beta form publically for over a year, there has been NOTHING stopping vendors from getting their applications ready; the information regarding UAC has been around for over 2 years.

If third party companies choose to ignore this advice, like they chose to ignore the information Microsoft gave out about Windows XP SP2, should Microsoft get blamed? I certainly don't think so!

In my honest opinion, MS is to blame for the application programming model in XP. They started it when they threw their own logic out of the Window with XP. If anyone remembers the Windows 2000 days they had a more unix like system where on default you had a "User" account with limited rights. In order to get a "Power User" or "Administrator" level account you had to manually create one or edit the current one, it wasn't admin by default. Like Linux MS didn't recommend you create and use the admin account by default, but you had the option, as you should. With XP they threw all of that logic out of the Window and made you admin by default, a decision i always thought was retarded, even in 2001. Now they come to us developers and complain that we don't write code to use a "less privileged account" and the question is simply "Why should we when everyone is admin by default?" I thought MS was going to change this with Vista as the main was of resurrecting the idea of writing for the least privileged account. I thought UAC would work much like its equivalence I've used in Linux so many times... Nope... UAC was so annoying to me that i uninstalled the Pre-RC1 MS allowed me to download the day after i installed it. I went back to my XP and SUSE Linux Ent. Desktop 10 installations.

They need to just make the default account in Vista a "user" level account. Not some Admin account with annoying popups. If they are serious about protecting your computer why aren't they just demoting the user and asking them to truly elevate when needed? UAC is shaping up to be more hassle than its worth and going to set security back even more I'm sure. As was mentioned previously in this topic, normal users will hit OK, next, enter passwords, etc. to get the program they want running. They won't care or know how to determine or care about whether the program will hose their machine or not. They simply want their smiley pack or whatever other incentive the spyware/virus is using to lure them in.

Not to mention the whole screen blanking thing is just stupid.... Every few clicks your whole workflow is disrupted and you can't do anything else until you respond to UAC. Maybe it is just me, but i don't actually do one thing at a time on my computer! I actually do multiple tasks at once...

I'm probably in the minority, but i won't be upgrading to Vista until I'm really forced. I'll stick with XP and Linux until I'm literally dragged kicking and screaming to install Vista on any machine i own or administer.

[Menge]

In my honest opinion, MS is to blame for the application programming model in XP. They started it when they threw their own logic out of the Window with XP. If anyone remembers the Windows 2000 days they had a more unix like system where on default you had a "User" account with limited rights. In order to get a "Power User" or "Administrator" level account you had to manually create one or edit the current one, it wasn't admin by default. Like Linux MS didn't recommend you create and use the admin account by default, but you had the option, as you should. With XP they threw all of that logic out of the Window and made you admin by default, a decision i always thought was retarded, even in 2001. Now they come to us developers and complain that we don't write code to use a "less privileged account" and the question is simply "Why should we when everyone is admin by default?" I thought MS was going to change this with Vista as the main was of resurrecting the idea of writing for the least privileged account. I thought UAC would work much like its equivalence I've used in Linux so many times... Nope... UAC was so annoying to me that i uninstalled the Pre-RC1 MS allowed me to download the day after i installed it. I went back to my XP and SUSE Linux Ent. Desktop 10 installations.

They need to just make the default account in Vista a "user" level account. Not some Admin account with annoying popups. If they are serious about protecting your computer why aren't they just demoting the user and asking them to truly elevate when needed? UAC is shaping up to be more hassle than its worth and going to set security back even more I'm sure. As was mentioned previously in this topic, normal users will hit OK, next, enter passwords, etc. to get the program they want running. They won't care or know how to determine or care about whether the program will hose their machine or not. They simply want their smiley pack or whatever other incentive the spyware/virus is using to lure them in.

Not to mention the whole screen blanking thing is just stupid.... Every few clicks your whole workflow is disrupted and you can't do anything else until you respond to UAC. Maybe it is just me, but i don't actually do one thing at a time on my computer! I actually do multiple tasks at once...

I'm probably in the minority, but i won't be upgrading to Vista until I'm really forced. I'll stick with XP and Linux until I'm literally dragged kicking and screaming to install Vista on any machine i own or administer.

Quoted For Truth.

I'll still be switching to Vista, though. But I'll do as I've always done on my systems... Run as Standard User and let UAC elevate me when I need it to and disable UAC for Administrator Users - the way I thought UAC should've been done from the start.

[Dick Montage]

I agree with a lot of the UI points.

The problem is, where can MS go with this? I mean, they need a complete overhaul of the UI - and I don't mean that as a technical statement - as Vista is a rethink i that respect.

I mean, thinking back, the "desktop" paradigm was flawed as soon as it was rolled out. You DON'T have a waste bin on your desktop, and it only got worse by adding the startbar, etc. I am not flaming these UI elements, they certainly help the usage - but the paradigm of the desktop is just messy and no longer even relevant. These additions made a PC easier to use - but NOT easier to learn.

I think we have become a little like cattle. Instead of the interface being designed around the user, the user adapts to the interface. MS helped a lot with task panes and such (UI adapting to the task) but not enough.

I am not saying there is anything better, as I don't know - if I did I would be rich. But the current "Desktop, with a startbar and a sidebar and buttons, and a wastebasket" is NOT intuitive.

[1Frothy]

In all honesty there are more features that suck in Vista then usual. But the best thing is that most annoyances can be turned off. (Y)

I think that Vista represents a pretty poor effort Interface and Design wise. There are improvements in stability and performance over XP but those, alone, are not enough to make Vista a "must have" purchase.

Paul Thurrott made a lot of sense in what he published. I hope that Microsoft takes this to heart and does something about the screwiness in Windows %whatever%.

I couldn't agree more with Paul's article. Microsoft said they listen to their users/testers? ... *looks around*

As a retiring Beta Tester I can say with a lot of certainty - Microsoft do listen to their beta testers. But then they do their own thing anyway, because as usual - Microsoft knows what's better, for us.

[superhuman]

In my honest opinion, MS is to blame for the application programming model in XP. They started it when they threw their own logic out of the Window with XP. If anyone remembers the Windows 2000 days they had a more unix like system where on default you had a "User" account with limited rights. In order to get a "Power User" or "Administrator" level account you had to manually create one or edit the current one, it wasn't admin by default. Like Linux MS didn't recommend you create and use the admin account by default, but you had the option, as you should. With XP they threw all of that logic out of the Window and made you admin by default, a decision i always thought was retarded, even in 2001. Now they come to us developers and complain that we don't write code to use a "less privileged account" and the question is simply "Why should we when everyone is admin by default?" I thought MS was going to change this with Vista as the main was of resurrecting the idea of writing for the least privileged account. I thought UAC would work much like its equivalence I've used in Linux so many times... Nope... UAC was so annoying to me that i uninstalled the Pre-RC1 MS allowed me to download the day after i installed it. I went back to my XP and SUSE Linux Ent. Desktop 10 installations.

I guess M$ think users should be admin by default. Especially, for some losers who don't to use computer. If they want to do something need admin right. They almost don't even know how to create an admin account or log in as admin.

[+LogicalApex MVC]

I guess M$ think users should be admin by default. Especially, for some losers who don't to use computer. If they want to do something need admin right. They almost don't even know how to create an admin account or log in as admin.

Of course being admin by default makes everything easier as it all "just works", but if they are attempting to "fix" that problem with UAC than i think they should start right there, with the accounts. They are attempting to build a bridge in Vista, a retarted one in its current implemenation, where they give you an Admin account by default and then prevent you from doing admin tasks without bothersome notices. They should start whole business by putting users in user accounts by default and then asking them for elevation, if needed.

I just think they are going about it in a really stupid fashion really. It will only cause confusion for developers, users, and administrators alike.

Main fustration i've had with Windows post Windows 2000... MS seems to think were all so stupid that we need them to hold our hands the whole way. Ah well... Like i said i'm not hoping on the Vista bandwagon anytime soon. I've used the Betas and Pre-RC and i'm simply not impressed. Why couldn't MS just keep the "Business" and "Consumer" line seperate? Then i wouldn't have to deal with this garbage :p;)

[franzon]

Your quote here shows a great example of a blinded fanboy.

Linux and has it's own pros anc cons and so vista, I use both and both are cans or worms.

I would strongly disagree with you regarding UAC is better than linux security. I suggest you go and read about linux security and compare it with UAC.

:no: :no: :no:

I suggest you go and read about Vista and UAC security and compare it with linux. Linux permissions are very old, very limited, linux's SUDO is not granular like UAC. UAC is more powerful than linux sudo, and this is the reason someone could think UAC is annoying. And Linux doesn't have the Vista's secure desktop to prevent spoofing of the UI or the mouse by the application requesting elevation

Edited September 5, 2006 by franzon

[TruckWEB]

Stop the Fanboys, lets all get back down to earth and think with your brains.

UAC is NOT usefull for everybody. It's a nice feature that can have a place with Home edition, because lets get real, users are stupids. They are the one clicking on just about everything that comes in their e-mails, download junks and cry out loud that Windows is unstable and not secure.

But for professional, IT, advanced users.... UAC is a pain in the ass. It's realy not like Linux (Sudo) or OSX. Wake up and get real. Why a pop-up because I want to delete a file? Why UAC gets in my way because i'm browsing (reading/writing) another partition or HD inside my PC? Those are MY files. Since when Linux or OSX stopped you from deleting your personal file? (not OS file).

UAC is a good feature implemented the wrong way. It's not the "best" Vista feature at all.

[Kristian]

UAC is the first feature I turn off when I install Vista, for the sole reason that I find it very annoying. I know that it may decrease security but I really don't care :)

[gadean]

UAC just makes the "point and click" crowd worse off. These are the types of people who click away without ever reading or paying attention to the dialogs and later wonder what has happened to their pc.

[TruckWEB]

UAC just makes the "point and click" crowd worse off. These are the types of people who click away without ever reading or paying attention to the dialogs and later wonder what has happened to their pc.

That's my point... For people that blindly lick OK at whatever pop-up in their face, UAC wont help at all.

It's just one more click.....

[sweetsam]

Fist of all I should say I laughed like I never have reading Paul Thurrott's review on Vista. Especially the "need to be brought out and shot" part.

On a serious note, I totally agree with the many issues highlighted in the article. UAC for example is a big time over do. UAC needs to pop up when things very serious such as making changes in windows core files, auto start apps, installing low level drivers and such happen. Not for things like opening device manager. Good God that really annoyed me and was abviously the first one I looked to disable.

The vista design team needs to stop confusing browser with explorer. Keep interfaces separate. If you want to combine them, maintain consistency. Finally for God's sake stop messing with stuff thats working fine in XP !!

On a sidenote I don't think there is anything wrong in bundling apps along with OS as long as other apps can work equally well. Heck MS did bundle a firewall but anybody with knowledge about outbound security will not use it. In the end if its not quality product people will not use it no matter if it was bundled or not. And this subscription based I want to rip you off every year garbage is so not gonna fly. People refuse "pay once and get free updates" model. Do they really think yearly subscription is gonna work ?

[ThePitt]

Oh is this guy Paul Thurrott :x The one that say something negative from m$ and a few mins (after getting his 15 seconds of "fame" or at least a lil attention from some kids) goes back in what he say.

[Lexcyn]

In all honesty I'm going to disable UAP simply because I know what I'm doing. I've never had a virus or spyware and I don't intend on getting them anytime soon. For the people that know what they're doing, this is going to be a big pain (although it's good you can turn it off).

The UI issue is completely different. I don't think it would be that hard for them to go in and see what needs to be changed to make it consistent. Really. Especially the 'back' button issue.

[medafor]

Paul set it straight, Vista is the most Frankestien OS i have ever used. It's all over the place and I am glad he admitted it. If he would have just wrote the "5 things I love about vista" I would have called him a fanboy. Im glad he pointed out alot of its faults to the public. Hopefully MS will change there minds and delay vista as it's very sloppy. I turn on UAC and all hell breaks loose. I cant save priter profiles, programs dont load, to copy six 64k-128k files is a task that take 5 to 10x longer than in XP. I mean what gives? Thats complete crap. I new vista would turn out like this, why, because its really XP strip downed with new clothing added to it by the worlds worst fashion designers. From day one you could tell it was XP and they were trying to add stuff and take stuff away. They should have started from ground up and anyone who says they did, doesnt know what ground up means. We wouldnt have legacy icons that disappered only 2 builds ago, the same calculator, paint, notepad,wordpad, same right click look on the desktop. This OS has tons of old XP elements scattered through out. Some things havent changed since Windows 98. Nice try MS. I have been running Longhorn since it looked like XP with a plex theme. I also ran/tested windows 2000 and windows XP when they were in beta stages. I think MS has failed if they choose to put out a build similar to 5600.

[primexx]

Paul Thurrott is ignorant, I don't like his thoughts.

UAC is the best Vista feature, I love the UAC. UAC is not annoying. UAC allows you to run as Standard user with the possibility to make the administrative tasks when you want. UAC also protects you from trojans want to start administrative tasks without your knowledge and so UAC will prompt you and save your life!

If you think UAC annoying you, this means:

. you're doing a lot of unnecessary administrative tasks

. you're using a lot of incompatibility programs

. you don't understand the UAC and runas capabilities in Vista i.e. you're simple ignorant like Paul Thurrott

Paul Thurrott is wondering why the beta2 was bad and why Microsoft didn't release immediately a good build like the RC1, and so Paul is ignorant because he doesn't understand what a beta program means!

So you're insulting inteligent beings? You must be desperately needing love from Microsoft.

Do you spend your life to delete files every day and at every hour? No, so you have just only to click on the UAC prompt in order to allow the action, and this doesn't happen often because you don't delete files at every hour of the day! So I don't think this is annoying.

And do you understand what happens when a program try to delete these files without your knowledge if you hadn't the UAC? You'll lose the files and you'll cry just like when you're using windows xp as administrator

Uh, the prompt literally pops up every 15 seconds. I dont think anyone could afford to waste that much time with crap like that.

I also understand that a program WILL NOT delete files without my knowledge because there ARE NO programs that is capable of doing so on my computer. And what happened to data backup?

:no: :no:

You wrong!!! UAC is especially suitable for power users, because with the UAC the power users will have the true full control of own computer. Without the UAC, the power users can't have the full control. Having the full control means you always know what happens and UAC help you for this purpose

UAC is useless for two groups of people: the plain ignorant idiots, and the power users.

If I leave UAC enabled I have to click extra times to do what I want, but if I disable it, I could do whatever I want. I already have full control, UAC just puts more obstacles in between.

:no: :no: :no:

No antivirus/antispyware is able to detect when an administrative task have to run i.e. executed by a program, so you don't have the full control of your computer without UAC. So antivirus and antispyware are not enough

Firewall/Antivirus/Antispyware wont let malware that run administrative tasks onto your computer in the first place. You keep saying I dont have full control of my computer. I do. Shut up. Prevention is better than cure.l

:no: :no:

You are a standard user and when you run an admin task UAC will prompt you in order to elevate. This happens on Mac and linux every day, so where's the problem? Why you bother?

No, I'm an admin.

Some of you just really don't get it:

- UAC is not to protect from you, it is to protect you.

- it is not "Hey, you! Are really wanna do this?" it is "Hey, this will happen. Do you want it to happen?"

- the whole UAC reason: the whole OS is built on messages flying around (a click was at x,y; the "c" key was pressed etc.) programs work as they react to these messages: even orientated system. Every app is able to send any message and the system is not capable to make difference between you clicked the "Format D:" or another application/virus/spyware "clicked" that button in the background, invisible - it is possible to write this application under 10 minutes. That's why it goes to a secure desktop (the annoying black flash) where a remote clicking is not possible and asks if you, the user, the living thing wanted this to happen. There are even spywares, when you click on the "No, i don't want to install millionxxxpasswords.exe" and the mouseclick goes to the "Yes, sure, give it to me."

This whole thing started very long ago - like when the first WinZip cracks actually were little programs inside the main program, and they found the "yes" button and sent a mouse click to it making the nag actually to fast to notice. Now too many applications (remote, accesibility, OSD, bundled apps like SetPoint) use this system to change it drastically. Microsoft tries to tweak it (make a Google search on "Help, SendKeys not working under Vista"), but wihout much luck.

EDIT: If you use a "root" or a real-admin login in Windows when there is no UAC, you will never know if another application did something behind your back.

As above, why let malware onto your system in the first place?

[medafor]

another thing about UAC is why dont they just add a "always run the program without asking me" button? why the hell do i need to be asked eveytime i run photoshop? shouldnt we just be able to click a button to confirm it once and never be asked again?

[Boiling Ice]

another thing about UAC is why dont they just add a "always run the program without asking me" button? why the hell do i need to be asked eveytime i run photoshop? shouldnt we just be able to click a button to confirm it once and never be asked again?

forget photoshop for a moment; since it's a 3rd party software. But as an Admin, I use "Computer Management" a lot, so every time I run it a stupid UAC window comes up.... WTF??? and as you said there is no "always run this program" button.... which really annoys me. In Mac OS X if you use sodo, it will ask you the first time, but if you don't logoff or reboot, during that opend session sodo will work like a charm, but in the case of UAC no matter how many times you run the damn application in the same session; it will keep poping up annoying messages.... :argh:

[Lexcyn]

forget photoshop for a moment; since it's a 3rd party software. But as an Admin, I use "Computer Management" a lot, so every time I run it a stupid UAC window comes up.... WTF??? and as you said there is no "always run this program" button.... which really annoys me. In Mac OS X if you use sodo, it will ask you the first time, but if you don't logoff or reboot, during that opend session sodo will work like a charm, but in the case of UAC no matter how many times you run the damn application in the same session; it will keep poping up annoying messages.... :argh:

Yes ... because they want to protect you. Protect you so much that you get fed up with it and not use it ever again.

Hah. Anyways, this is exactly why I will disable UAP. I do a lot of administration work and there's no way I'm going to be clicking "OMG DO YOU WANT TO OPEN THIS MAYBE MALICIOUS PROGRAM???!?!" everytime.

[franzon]

another thing about UAC is why dont they just add a "always run the program without asking me" button? why the hell do i need to be asked eveytime i run photoshop? shouldnt we just be able to click a button to confirm it once and never be asked again?

Photoshop is bad programmed if it requires UAC interaction

You can to configure a program with right click on the icon and set the automatic runas setting for it.

Edited September 5, 2006 by franzon

[gigapixels Veteran]

Firstly, learn some grammar. Secondly, you're saying that Photoshop, the number 1 program used by professional graphic designers, photographers, web designers, and the like, is poorly programmed? Wow, you really are a fanboy.

Once again, you're not convincing anybody here.