The Great UAC Debate!

[Code149]

^^ It does very much to safeguard the critical Windows folders and files from malicious manipulation.

And to be honest, I haven't noticed much difference between Vista UAC and 7's.I've been fine with either of them.

[HawkMan]

UAC doesn't do all that much, but I don't find it annoying enough to make me turn it off. Vista just bugs me.

So you basically revived an old thread only to say that you didn't read anything in it, and don't know what UAC actually does ?

[etempest]

Honestly, I disabled it on Vista, it was causing me too much headache.

Windows 7 however, functional yet far less intrsuive, I leave it on.

[Nagisan]

I have never disabled UAC on my own machine, and the only time I suggested anyone to do it was when it got corrupted on their system (running Windows 7, that is). Basically, they couldn't do any admin tasks that caused a prompt to appear because they never got the prompt and therefore couldn't elevate any actions. The only thing they could do was disable UAC since it uses the auto-elevation in Windows 7 to elevate the user to allow changing the setting.

Before that, they couldn't even run a Windows repair from Windows because they couldn't elevate the setup process to initiate the repair. Instead of spending time trying to talk them through booting on the CD and attempting a rollback or anything, I simply had them disable UAC and warned them that they would be more prone to viruses, so they need to be more careful. As they were unwilling to reinstall the system or anything, disabling UAC was IMO the best course of action. Other then that though, I have never suggested anyone disable UAC. When its working properly, it will not get in your way and will help protect you from viruses, so why not leave it enabled?

[De.Bug]

I have never disabled UAC on my own machine, and the only time I suggested anyone to do it was when it got corrupted on their system (running Windows 7, that is). Basically, they couldn't do any admin tasks that caused a prompt to appear because they never got the prompt and therefore couldn't elevate any actions. The only thing they could do was disable UAC since it uses the auto-elevation in Windows 7 to elevate the user to allow changing the setting.

Before that, they couldn't even run a Windows repair from Windows because they couldn't elevate the setup process to initiate the repair. Instead of spending time trying to talk them through booting on the CD and attempting a rollback or anything, I simply had them disable UAC and warned them that they would be more prone to viruses, so they need to be more careful. As they were unwilling to reinstall the system or anything, disabling UAC was IMO the best course of action. Other then that though, I have never suggested anyone disable UAC. When its working properly, it will not get in your way and will help protect you from viruses, so why not leave it enabled?

Agreed. There is no reason to turn of UAC on Windows 7 Completely. I have mine turned down so it doesn't pop up all the time and I seldom see it, maybe 2 or 3 times a week. Not counting installing things. Also I don't ever see how people can say it's annoying on windows 7. They stopped having the completely greyed-out screen where you had to chose yes or no then you could get back to whatever you were doing.

[Seizure1990]

Silenced it on my Windows 7 installation. It's just as secure, since I personally happen to be aware of when I am executing a program or installer. I really don't need Windows to confirm it.

[riceBox]

Enabled it on my own machine, but disabled it on our family desktop for usability. They seem to short-circuit with UAC nags. :pinch:

[Guest]

No, it feels far too obtrusive. I can download a file, get prompted by UAC, then get warned that it's a downloaded file (not UAC but just explorer).

It's been a few years since I had a Mac but I think they got this sort of thing right. If you want to install something, you simply type your user password right before it installs.

If you want to modify system files, you get prompted for a user password. You get checked out when it really matters, not for every little change you make.

Oh and there are even occasions that somehow, the UAC prompt doesn't get promoted on top of all other windows and you can access nothing else but it's taskbar entry until you've accepted the UAC prompt. A major bug imo.

Enabled it on my own machine, but disabled it on our family desktop for usability. They seem to short-circuit with UAC nags. :pinch:

I would have done it the other way around personally @_@

Especially if they're not that (I hate the term) tech savvy...

[nycmattw]

No, it feels far too obtrusive. I can download a file, get prompted by UAC, then get warned that it's a downloaded file (not UAC but just explorer).

It's been a few years since I had a Mac but I think they got this sort of thing right. If you want to install something, you simply type your user password right before it installs.

If you want to modify system files, you get prompted for a user password. You get checked out when it really matters, not for every little change you make.

I would have done it the other way around personally @_@

Especially if they're not that (I hate the term) tech savvy...

I guess thats where ubuntu got their idea. Microsoft should follow Ubuntu's path on user control.

[Frylock86]

I guess thats where ubuntu got their idea. Microsoft should follow Ubuntu's path on user control.

Ubuntu's is worse! Why would Microsoft follow that?

[MadDoggyca]

There a Wrong way and a right way to use and configure UAC

First the wrong way to configure it

and the Right way

and then there thes best way

Disable it altogether...

but if you really have to use it.. Fine tweak it useing the Local policey editor...

[Raa]

There a Wrong way and a right way to use and configure UAC

and then there thes best way

Disable it altogether...

This is the wrong way. Please stop spreading FUD.

Can we close the topic now? I think everyone's made their choice/s.

[Nagisan]

Silenced it on my Windows 7 installation. It's just as secure, since I personally happen to be aware of when I am executing a program or installer. I really don't need Windows to confirm it.

Except that one time a rogue virus attempts to run itself and has full admin privs on your machine while it doesn't have any privs on a default configured Win7 machine.

Honestly, saying you are aware of every executing program and installer on your machine without Windows confirming it is just stupid. Sure, you are aware of every program or installer YOU initiate, but what if one gets started without your knowledge? Not exactly aware of that one now are you?

UAC doesn't replace AV and common sense, it replaces those few times where something does catch you off guard and saves you from having to remove a potentially nasty virus. I can understand disabling it when you do a lot of installs, such as when you just reinstalled Windows and what not, but leaving it disabled for day-to-day activity is pretty careless. Unless you install software on a daily basis or change your system files just as often, you shouldn't see more than a popup or two a week at the most (likely even less than that), is the 3 seconds it takes to click yes/no too much out of your day to risk the hours it could take to recover from an infection?

[Guest]

So, whats all this talk about disabling the UAC driver anyway?

[HawkMan]

There a Wrong way and a right way to use and configure UAC

First the wrong way to configure it

and the Right way

and then there thes best way

Disable it altogether...

but if you really have to use it.. Fine tweak it useing the Local policey editor...

Both of those look like the the idiots guide to configuring UAC.

in the second one you've pretty much allowed ANYTHING full access to your computer. and it shows you have no clue what UAC actually does, outside of giving you a prompt.

it's amazing that after such a huge thread, we still have people coming in that don't understand that the prompt and access control is only a small part of UAC.

[Guest xiphi]

It's amazing that some people still don't grasp the concept of UAC. It's not about telling you if you want to run a program or not. It's about asking you if you want the program or action to effect your whole system. Even the dialogs tell you that. Is it really that hard to understand?

Also, _DP, the way you describe how OS X does "UAC" from a users perspective is the same way it's done on Vista/7. The only difference is Vista/7 gives you a Yes/No prompt. Though, you can change it to ask for your credentials, instead. I've never known UAC to prompt me for user level changes.

[+Frank B. Subscriber²]

Why is this debate still going on?

UAC should always be on. End of.

[Guest]

On a day to day basis, you will never see the prompt on OSX, unless you install something which isn't true on windows.

Also, you're being quite arrogant in saying that we don't understand the purpose of UAC, I realize that I disable it at my own risk, but babes, it's working out a treat

[HawkMan]

Actually, no I'm not, I'm fairly sure you DON'T understand the purpose. Just like I'm fairly sure you think it only affects the prompts.

and have no idea that disabling it also disables shadow/virtual folders, disables safe mode in IE and a few other apps that use the safe mode function. And several other safety functions that run in the background as well. And I have never seen a UAC prompt form normal usage. heck on new software today you won't even see it during installs. unless you chose to install for all users, or the install does something stupid like what FF likes to do, and set itself as default for all users when you tell it to be "your" default browser.

And maybe we shouldn't compare windows to an known insecure OS like OSX. The reason you don't see prompts on that is because it has a horrible security system.

[Guest xiphi]

On a day to day basis, you will never see the prompt on OSX, unless you install something which isn't true on windows.

I don't get prompted on a daily basis on Windows, either. Different people, different habits.

Also, you're being quite arrogant in saying that we don't understand the purpose of UAC, I realize that I disable it at my own risk, but babes, it's working out a treat

How am I being arrogant? Have you actually read this thread or even the recent comments? It's quite obvious people STILL don't understand it. Also, what's with calling me "babes"?

[Guest]

And the arrogant comment relates to you stating that anyone who disables UAC doesn't understand it. You could go ahead and disable it. Now you magically have forgotten what it's function is. Alakazam!

Hush babes, hush, it's all ok.

[Guest xiphi]

And the arrogant comment relates to you stating that anyone who disables UAC doesn't understand it. You could go ahead and disable it. Now you magically have forgotten what it's function is. Alakazam!

Hush babes, hush, it's all ok.

Pot calling the kettle black, I see.

[MadDoggyca]

the way I have it setup mean nothing aobut the wrong or right way...

I ment useing the User Contral Sider bar is the wrong way to set it up..

if you really need to use UAC, Then set it up useing the Local Policy editor.. You get way more contral over how UAC acts

I perosnly jsut disable it due to the fact I think its annoying nt needed... after all I been useing pc ever since dos/win 1. So old habbits die hard.

[Guest xiphi]

the way I have it setup mean nothing aobut the wrong or right way...

I ment useing the User Contral Sider bar is the wrong way to set it up..

if you really need to use UAC, Then set it up useing the Local Policy editor.. You get way more contral over how UAC acts

I perosnly jsut disable it due to the fact I think its annoying nt needed... after all I been useing pc ever since dos/win 1. So old habbits die hard.

While you may get more control over how UAC behaves through policies, neither are the right or wrong way to configure UAC.

[Seizure1990]

Except that one time a rogue virus attempts to run itself and has full admin privs on your machine while it doesn't have any privs on a default configured Win7 machine.

Honestly, saying you are aware of every executing program and installer on your machine without Windows confirming it is just stupid. Sure, you are aware of every program or installer YOU initiate, but what if one gets started without your knowledge? Not exactly aware of that one now are you?

UAC doesn't replace AV and common sense, it replaces those few times where something does catch you off guard and saves you from having to remove a potentially nasty virus. I can understand disabling it when you do a lot of installs, such as when you just reinstalled Windows and what not, but leaving it disabled for day-to-day activity is pretty careless. Unless you install software on a daily basis or change your system files just as often, you shouldn't see more than a popup or two a week at the most (likely even less than that), is the 3 seconds it takes to click yes/no too much out of your day to risk the hours it could take to recover from an infection?

If you get a virus, the UAC won't help you one bit, I promise you. The UAC responds to user-started tasks. It is nothing more then to make sure and ask, "Do you really want to do that?". Do you realize how many UAC prompts you would be getting if background processes had to prompt you for every system change they made?