yes or no: User Account Control

[+LogicalApex MVC]

YOU WRONG! Because I have Visual Studio 2005 and I've no prompts!!!

Then you've never used Visual Studio 2005 on Vista or you don't have UAC enabled... Though you can run it without admin priv. there is a whole list of known issues from MS when doing so and is why they pop up a prompt telling you to put it in Admin...

You can see the dialog here...

Image From:?http://www.nuclex.org/articles/xna-game-studio-express-1-0-on-vista

YOU WRONG! Because the program name and the manufacter are included in the UAC prompt and there's also aDetails> button in order to see all details, full path file name, command line, etc.

You can't read? I said they didn't provideENOUGH> information. Let me put it more plainly...

THEY DON'T TELL YOU WHY THE PROGRAM NEEDS TO ELEVATE... THE KEY WORD HERE IS WHY!>

[Mordkanin]

The thing about that is, most of the time, you can get away without having VS elevated.

VS 2008 is much more UAC intelligent, prompting to relaunch as an Admin when needed. But as for 2005, I've only encountered a few times when I needed to start it elevated. Pretty much everything will work without elevation, unless the project you're working on needs elevation.

However, if I knew i was going to be working on a project like that, I'd just launch an admin command prompt, tuck it out of the way, and deal with it. No more UAC prompts for things you launch from there.

[freak_power]

So, the bottom line is....UAC sucks and disable it. :p

UAC can break your driver installation process, or software installation process. Now, it takes time for developers to learn about UAC and go around it.

To me UAC is freaking annoying. It's not intuitive at all. There should be an option to remember things so UAC doesn't pop up anymore and it can be done very securily.

[+LogicalApex MVC]

The thing about that is, most of the time, you can get away without having VS elevated.

VS 2008 is much more UAC intelligent, prompting to relaunch as an Admin when needed. But as for 2005, I've only encountered a few times when I needed to start it elevated. Pretty much everything will work without elevation, unless the project you're working on needs elevation.

However, if I knew i was going to be working on a project like that, I'd just launch an admin command prompt, tuck it out of the way, and deal with it. No more UAC prompts for things you launch from there.

Yea some devs can get away with no UAC issues, but for me, a web developer, there is no alternative; unless I forgo debugging support. The singular UAC prompt per launch isn't bad once I get the 3 or so instances fired up. It it just annoying to have to deal with UAC daily. At minimum a "Allow this program" would even make UAC far better. At least then I wouldn't be asked about the same programs I already know and use daily. They can monitor the file for changes using MD5/SHA1 hashes to make that a possible solution; just like most Anti-Virus/Firewall programs do...

[SacrificialSoldier]

Yes, Disable it. Just use an antivirus and B happy with less clicks. It's the first thing I do... darn annoying!

SS

[krasch]

Can you disable UAC without problems? Sure, IF you are careful and know what you're doing.

Even noted security expert Steve Gibson (author of Spinrite, Shields-Up, and co-lead of the Security Now netcast) uses Windows yet not even antivirus software. Of course he also doesn't use said machine to go to shady places on the Net, doesn't download music or other goodies from P2P sites, etc.

Fact is with the sophisication of most virii/malware out there now, if you come across one, antivirus software, software firewalls, etc, aren't going to save you. You're pretty much forced to format and reinstall to get rid of it. UAC might well stop most if not all of that stuff, but if you never make yourself a target of such attacks, it's superfluous protection.

It's the same as protecting your pet from diseases it could contract from outside critters by getting it shots. Fine and dandy, but somewhat unnecessary if said pet never goes outside.

[trek]

UAC on. No AV. Waste of system resources.

[LittleNeutrino Veteran]

i find the UAC to be little more than a hinderence and even if it is there you bypass it by clicking continue so what good is it really doing.

[abc@home]

I turned UAC off a day or two after installation. Just trade some security for convenience according to my own equation. ;)

[Mordkanin]

Can you disable UAC without problems? Sure, IF you are careful and know what you're doing.

UAC isn't so much about malware as it is about making undiscovered exploits useless. Windows Defender, and your antivirus software take care of the other stuff. This prevents things like malformed documents using word to launch an attack on your system, or if a malformed packet from a server can make firefox go berserk and delete stuff from your windows directory. Stuff like that.

[MGS4-SS]

god! two days and I'm going nuts.

i want to disable it but i understand that it can hury vista security ..

wanted to hear what you think about it.

http://www.howtogeek.com/howto/windows-vis...-windows-vista/

It surprises me that you survived 2 days with that damn thing enabled.

[NEVER85]

Some of you are real crybabies. "I SEE UAC PROMPTS TOO MUCH, IT'S ANNOYING!!". Yes, because I'm sure your time is so precious that you can't spend an extra half-second clicking ALLOW whenever you do something that requires elevated privileges. After you're done installing the majority of your software, you rarely see UAC during your day-to-day activities. Leave it on to give yourself some extra protection, and quit your bitching.

[eilegz]

i tried to get used to it, in fact if im offline and standalone i would use UAC, but its an annoyance when your computer its inside a windows network when you want to share something its blocked, when you try to access something its blocked, you give permission, this seems its not enough for it, in the end its a complete annoyance and maybe a new way to manage a vista based windows network in a new IT infraestructure.

[Brandon Live Veteran]

Yea some devs can get away with no UAC issues, but for me, a web developer, there is no alternative; unless I forgo debugging support. The singular UAC prompt per launch isn't bad once I get the 3 or so instances fired up. It it just annoying to have to deal with UAC daily. At minimum a "Allow this program" would even make UAC far better. At least then I wouldn't be asked about the same programs I already know and use daily. They can monitor the file for changes using MD5/SHA1 hashes to make that a possible solution; just like most Anti-Virus/Firewall programs do...

An "allow this program" option would completely defeat the purpose of UAC.

Further, most of the time you should not be running Visual Studio elevated. Assuming you have the VS 2005 SP with the Vista update installed, the only thing really affected by elevation is running regsvr32 to register a COM server.

For web development, the only change you probably want to make is to IE - so that you can debug inside of it. As I recall, this is generally accomplished by disabling protected mode for the "intranet" zone.

[+LogicalApex MVC]

An "allow this program" option would completely defeat the purpose of UAC.

Further, most of the time you should not be running Visual Studio elevated. Assuming you have the VS 2005 SP with the Vista update installed, the only thing really affected by elevation is running regsvr32 to register a COM server.

For web development, the only change you probably want to make is to IE - so that you can debug inside of it. As I recall, this is generally accomplished by disabling protected mode for the "intranet" zone.

In UAC's current state how would an "All this program" option defeat it? As I previously stated, it amounts to a "Do you know where this program came from?" question and not much more. If they maintained a list of MD5/SHA1 hashes of a program's exe and ensured it hadn't changed, as well as requiring Admin Level for processes to attach to each other with high priv. levels (which I believe is the case now), then it would be no different then asking you the question 100x.

To put it more blutly... The amount of information given to you is so scarse that if an application did bypass UAC to infect the EXE of a program you use normally that would require UAC elevation you're just as likely to allow the application to make the elevation. Why? Because this application does it normally and you're not given enough information to know if it is something it shouldn't be doing.

The system is flawed for lack of information really... But this is version 1.0 it might become more useful in a SP.

[stockwiz]

I switch around from time to time... ultimately keeping it on and not installing an antivirus (aside from an on demand file scanner that I can start up and shut down like any program) is probably the way I'll go. The days of viruses destroying systems and old fashioned anti viruses being used seems to be going out the window, imo. With proper application filtering there shouldn't be much of a problem.

I still get programs blocked at startup and the like but that's more about the software not being coded to support vista's security then anything else, I can see the wisdom in the way vista does the privileges.

Edited August 11, 2007 by stockwiz

[Brandon Live Veteran]

In UAC's current state how would an "All this program" option defeat it? As I previously stated, it amounts to a "Do you know where this program came from?" question and not much more. If they maintained a list of MD5/SHA1 hashes of a program's exe and ensured it hadn't changed, as well as requiring Admin Level for processes to attach to each other with high priv. levels (which I believe is the case now), then it would be no different then asking you the question 100x.

There are several ways in which that idea is bad.

For one, say the user adds "cmd.exe" to their allow list. Now any other code can execute "cmd.exe /k EvilApp.exe" to get itself running elevated. CMD isn't the only application where something like that could happen, so special-casing it isn't a valid answer.

It's also a prime target for attack itself. Keeping such a system secure across multiple users is a challenging task.

Another reason is that running a task as an admin should be harder. It encourages developers to make write better code and to test their applications in a non-admin environment. Right now UAC prompts are more prevalent because legacy applications (badly behaved games, etc) weren't designed with LUA / non-admin accounts in mind. Microsoft tried with Windows 2000 to make sure ISVs wrote their applications so that they'd work with non-admin accounts. It didn't work, because at the time there was little incentive for developers to do so - especially for non-business applications, games, etc.

Thanks to UAC, that's changing.

To put it more blutly... The amount of information given to you is so scarse that if an application did bypass UAC to infect the EXE of a program you use normally that would require UAC elevation you're just as likely to allow the application to make the elevation. Why? Because this application does it normally and you're not given enough information to know if it is something it shouldn't be doing.

Programs should be installed in %ProgramFiles% - which unelevated apps can't write to. Same goes for system executables. So no, that's not a problem. If this happens, your system has already been owned.

The system is flawed for lack of information really... But this is version 1.0 it might become more useful in a SP.

I agree that there's room for improvement. But what we have today is a huge step forward and probably the single best security feature available to Windows users.

[Shasoosh]

how can i add something to my "allow list" ?

UAC pops many many times, even when i execute FRAPS

[BajiRav]

I have my vista system running for last almost 6 months now. UAC is on. I see the prompts only when I am installing/uninstalling programs (that includes changes in start menu shortcuts for "all users").

My recommendation:

1. Install everything you need and be patient through the prompts

2. Make yourself an owner of all locations you create/keep you data.

There is a simple change in UAC I would want is to reduce the two step process to a simple one step approach.

e.g. When you try to make a change in all users start menu:

1. You need to confirm this operation <Continue>

2. Windows needs your permission to continue

I fail to see the use of step #1

I am kind of overconfident on UAC and have no AV installed. So far So Good. :)

[Shasoosh]

i didn't get this part "2. Make yourself an owner of all locations you create/keep you data."

plus i don't know how to tell UAC to stop bother me about a specific program it keeps alerting me about.

[NienorGT]

Disabled...

I remember when it was a popup every time I was starting BF2142... ??

(PB needs Admin Rights or you are kicking out of any protected games)

[jmc777]

I have in enabled. I hardly ever see any prompts.

[Mordkanin]

how can i add something to my "allow list" ?

UAC pops many many times, even when i execute FRAPS

Haven't you read the post directly above yours? There isn't one, and it would be a bad idea for one to be implemented.

[RaisinCain]

Bah.. UAC is crap anyway. Another feeble attempt at "security" from Microsoft.

[+LogicalApex MVC]

There are several ways in which that idea is bad.

For one, say the user adds "cmd.exe" to their allow list. Now any other code can execute "cmd.exe /k EvilApp.exe" to get itself running elevated. CMD isn't the only application where something like that could happen, so special-casing it isn't a valid answer.

It's also a prime target for attack itself. Keeping such a system secure across multiple users is a challenging task.

Another reason is that running a task as an admin should be harder. It encourages developers to make write better code and to test their applications in a non-admin environment. Right now UAC prompts are more prevalent because legacy applications (badly behaved games, etc) weren't designed with LUA / non-admin accounts in mind. Microsoft tried with Windows 2000 to make sure ISVs wrote their applications so that they'd work with non-admin accounts. It didn't work, because at the time there was little incentive for developers to do so - especially for non-business applications, games, etc.

Thanks to UAC, that's changing.

I'm not sure you caught all that I was saying. It could have been bad wording on my part so I hope I don't fail in that regard again...

I don't think it would be an increased security risk adding an "Allow this app" for the reasons I previously stated. In the example you gave, if an app/process started that wanted to run CMD.exe which was previously grated rights to always run in admin then there should be a UAC prompt. This UAC prompt would then tell the user that this app/process is attempting to call CMD which is an admin level app/process. That way an app/process isn't allowed to elevate itself through a back door. To my knowledge Vista already works this way with process isolation when UAC is on. UAC would also automatically turn off the "Allow this app" if the application exe ever changes to prevent malicious code from patching the exe to gain the priviledges.

Basically it would end up operating in a manner close to what modern firewalls do. You can "whitelist" an application or process and when anything about that process changes the firewall notifies you and shuts it off.

I agree with you that developers should code for least priv. and it has been a model I've baught into since the Windows 2000 days. UAC is a good step in that direction, but needs improvement; I'm sure that will come.

Programs should be installed in %ProgramFiles% - which unelevated apps can't write to. Same goes for system executables. So no, that's not a problem. If this happens, your system has already been owned.

Unelevated apps can write to %ProgramFiles%... I've installed apps that did not need a UAC prompt to write to Program Files... Expresso (www.ultrapico.com/Expresso.htm) was one of them.

Though this is out of the scope of my argument. I was just giving an example that I hoped would make situations like the one I just commented to above more clear.

I agree that there's room for improvement. But what we have today is a huge step forward and probably the single best security feature available to Windows users.

I'm glad we both agree it needs improvement. I think it falls horribly short as a protection mechinism though. As we all know the key to real security is informed users. When UAC reaches that point of informing users properly it will become that; the single best security feature on Windows. Today it is just a bright idea.