Proof that UAC is useless.....

UAC useless ? No
UAC annoying ? Very!

Not sure why some people say that they dont get that message many times, but im confident i get it at least 50 times (!?) a day with the option on.

I seriously cant accept it when people just use cap with huge fonts, call people, cry babies, ignorant, stupid, and so on. I mean thats just so damn childish. Im really struggling not to get into this "war".

Ive been saying this since the first UAC argument. Its all down to user preference, you have NO RIGHT to call people names for their opinions, if you want to live in a jungle and act like the king go ahead. In this place thats called society people have opinion and people SHOULD respect other peoples opinions without acting like that.

Im still going to try not to take a place in the UAC conversation because im sure it will lengthen this threads "lifespam". But seriously, start talking/acting like people and stop trying to dominate each other..

 

YES YOUR HIGHNESS!
I agreed with you. I think you did read my posts. I have the same opinion as you do which is UAC is useful but annoying.
Just I got screwed up by devepermen(already many times until I don't feel anything already) but I don't mind him because he got his opinion as well. Just don't dominate the other then it should be OK. OMG it is alienware! WAAAA the 3Dmark06 score 13k!!!

 

The problem with UAC is that when something is set to run, it just gives you a popup asking if it's okay.
Most users don't know what things they shouldn't allow, and they know that if they don't allow things they want, programs they want won't run.
So what ends up happening is the user always clicks allow. Even for the bad thing.

 

Exactly what I did last time. I used to run UAC last time. But my laptop get infected as well because "if I don't allow the program won't run". Unluckily, it was a VIRUS! Especially cracks for illegal software.
My experiences(UAC on with no AV):
Downloaded a CRACK for an AV(Forgot what brand already).
Ok, I run the CRACK stuffs, UAC pop up.
If I click NO, what for I download the CRACK? So, Clicked YES.
TA DA! Format.

My experiences(UAC off with AV):
Downloaded the CRACK and straight got warning message!
The crack got destroyed before I run it.

My experiences(UAC on with no AV):
Download Achohol 120%(no illegal but old version) then while installing it.
UAC appears. OK. Click YES. BSOD. LOL. Restart computer still BSOD. Safe Mode also BSOD. System got totally devastated. Format lastly. Not UAC fault. I think is Vista can't run it. So, BSOD appears.

 

I don't mind UAC but I don't really depend on it.

UAC does protect me from slip-ups, as when I install something and forget to uncheck the garbage like the toolbars and extra software included. When I see an extra UAC pop-up I know to pay more attention.

 

How is this any different from the OP? Downloading and running cracks, ironically for your Anti-virus hahaha...

 

I completely agree with that; that's how I use UAC as well, and it does serve a useful little reminder function, just as you said.

 

Nope, I use x64 version of Vista and I did not take ownership or change any system file. clean install......

 

Well after this discussion, to sum it all up.....I just shared my experience with UAC and it's off from now on.......you feel safe if it is on,,,then keep it

kthxbye

 

a) link isnt working
b) i doubt its wise to use this kind of links is these forums since as you probably know its against the forum rules. Id suggest editing your post.

We got lots of posts in this thread that talking about illegal things...

 

I find it hard to reconcile the widespread use of 'cracks' with 'clean install'.

 

I hate UAC, I can't imagine why people would be using it. Just keep your computer protected in non annoying ways.

 

Guys, let's tone down the insults and personal attacks. I don't want to close this thread, so let's keep it civil.

A few points..

- UAC should prevent ANYTHING happening in the system32 folder without elevated permission. Either you clicked a UAC prompt without remembering, took ownership of that folder a while ago without remembering, or ran the application as an admin (I don't know if this last method would negate any further UAC prompts though). I find it very difficult to believe that the program would have been able to copy that file into the system32 fold without any of those 3 things happening.

- UAC has many benefits that extend past the "click to allow" prompts. I recommend people keep it on unless they're using tons of programs that constantly ask for elevation.

- UAC is annoying because programmers have been lazy and their programs require access to parts of the OS that it shouldn't use. Over time, programmers will adjust their code so it doesn't lie in the kernal of the OS.

- UAC is NOT a substitution for an AV program. You should be running both. Having an AV program that scans all downloaded files is a good idea.

- Ultimately, UAC (just like anything else you want to run on your computer) is a "to each, his/her own" kind of thing, but I recommend you keep it on.

EDIT: Oh and if you download cracks, illegal files, etc, you do it ENTIRELY at your own risk. If you get burned, you deserve it for promoting piracy.

 

Of course, this kind of stuffs = AT YOUR OWN RISK
Just like overclock/flashing BIOS.
I won't blame people for this.

And then for the other comments you post. ALL HAIL CRASH!

 

Can I get an "amen" brothers and sisters?

Gary

 

Amen!
. . . . .​

 

Just a simple addition to this thread.

We have 200+ windows users... about 50 of which use Vista now.

Vista + UAC + corporate antivirus package has resulted in a amazingly low infection rate in Vista computers as compared to XP with the same corporate antivirus package.

25% of our users are getting less than 2% of our outbreaks...

UAC and the improvements in Vista are quite effective, actually.
UAC is not perfect, and Vista is not bulletproof, but given the numbers I am seeing, Vista and UAC are quite decent when used properly.

 

but i am not buying that story because its incredibly dumb and if were in the windows development team i would jump off a bridge right now.

 

Politics have no place in the forums.

Gary

 

read properly

 

? What you said earlier, even if meant as a joke, was insulting. That is why I edited it out. If you have some kind of complaint about that, PM me (or Chaz).

 

Exactly.

For the layman user, the very person UAC is supposed to protect, spamming them with warnings every time they click on anything does nothing more than condition them to just hit yes to every popup they see.

As already mentioned, Linux is a much more secure OS, yet much less annoying about it at the same time.

 

That's not even dignified enough to be politics.

 

I did and so did the moderator who edited out your POLITICAL message.

Gary

 

and guys, to whomever made those comments about me.....just coz I have location or country Dubai in my sig doesn't mean i'm from Dubai, I have lived in Dubai for 20 years and I still live there. But i'm from Syria, but regardless, I've lived in the USA and studied there and any comments towards where I'm from just shows me your level of maturity (to whomever made that comment)

 

I may not agree with you on everything, MaXimus, but I most certainly agree with you on that point.

 

Cheers bro

 

Hello everyone. This is my first post to the forum. I normally stay away from registering on forums but I absolutely felt a strong need to clear up the (U)ser (A)ccount (C)ontrol issue for anyone willing to read it. I am a security professional and no I don't work for anyone just to clear that up ahead of time.

UAC was introduced as of Vista for heightened security. The intended purpose was to prevent programs from opening other programs without the end-user's knowledge. The chief complaint about UAC is that it is annoying, which microsoft does not deny. For those people who find UAC annoying you will be happy to know Microsoft has released a tool which can do many things, one of which is to disable UAC on a per-program basis:

http://www.systemsabuse.com/2008/01...-vista-uac-disable-vista-uac-per-application/

UAC, as mentioned previously, is not a replacement for anti-virus software but rather an aid and tool among other programs to combat threats such as malware. If UAC was disabled as this posts starter indicates, that is why his crack could do it's damage.

The bottom line is, disabling UAC is not a wise move. It is user preference of course but teaching people to disable UAC in an effort to stop it's annoying nagging is not the appropriate way to handle the situation. Be smart and keep all the protection you can. Hopefully Microsoft has stumbled on posts like these and will make the appropriate changes to allow users an easier way to disable UAC on a per-program basis.

 

UAC is NOT useless. I went to a website that wanted to install some AV program and UAC stopped it in it's tracks. UAC is one of my favorite features of Vista. When W7 is released i'm setting UAC to it's highest detection setting.

 

If you had something as simple as an ad blocker installed in your browser, you would not have needed UAC in the first place. I use Opera with Fanboy's Adblock List, which is also available for Firefox, and if i'm not mistaken it's also available as a hosts file to have the sites blocked system-wide, that's right, in IE too.

UAC does nothing but bug you, really. Because 90% of people are going to hit yes anyway. I often write AutoHotkey scripts to automate certain tasks. I want a computer that can do things by itself when i'm away, not one that i find 6 hours later with zero work done and a big fat popup asking "are you sure you want to continue?".

Just FYI, i haven't been using real-time AV in over 3 years, and there is NO VIRUS on any of my machines. If you learn safe browsing habits and disable AutoPlay, no virus can touch you.

 

You know, not only adds can contain potential malware.

And add blocker does not protect you as UAC does.

And why is this thread still going on?

Its best to leave UAC turned on - finished.

And if UAC pops up without you opening a program or installing something you know something is wrong. If its bugging you all the time then something is possibly wrong with your computer.

 

You seem to be living with the misconception that a virus can only get on your computer if you let it on. Not true.
Safe browsing habits certainly make all of the difference in the world... but let's take my server for example. No AV on it, but no one ever sits on it web browsing (or anything but management) either. How did it get a virus?
Well, it was running XP Professional SP3, but it was vulnerable to Conficker/Downadup. And that's the story. If you think being careful alone is enough, you're dead wrong.
My server is now running Vista Business with UAC on, still no AV - but that doesn't even mean it's totally secure.

 

it's not UAC that is useless. windows is useless. linux ftw.

 

Yep, just keep telling yourself that as drive around town without your seatbelt too. You make the announcement that you run without antivirus software as if that is something to be proud of. It's not. If you want to engage in such blatantly ignorant practices fine, but do not suggest that others should do so as well.

Gary

 

While I may not be as knowledgable about the intricacies of computing, it appears to me that this is a futile debate. For those who see the benefit of the UAC, they will keep it on despite the inconvenience that it might pose to them (I count myself as one of these people). For those who don't like the UAC, they can disable it and take their chances. Either way, discussing the merits or otherwise of the UAC is pointless except from the POV of the end user.

 

It is not pointless to discuss it in order to correct the mis-information and outright falsehoods that are sometimes espoused in these sorts of threads. Too many unsuspecting folks have been swayed into a false sense of security by supposed "experts" into turning of a very important set of protections built into UAC. When these "experts" make such proclamations, a contravening point needs to be made.

Gary

 

What are you trying - we are debating Windows here.

Like this your statement is wrong.

Yes, Linux can (in the hands of a capable user) easily outperfrom Windows - but Windows has its uses too. As has Linux - there is no simple "this is better".

On the Linux note: Linux ask you for a root (super administrator in a way) password to do some actions - like changing system settings.
(At least my copies the times I had one - SUSE - did)

Same idea as UAC - something tries to change (attack?) the system - the system thinks "wait a minute" an asks the user.
Now the Linux user types in a password the Windows User get's a little popup that say "thisis trying to run, do you allow it?".

Same thing different implementations.

 

Don't get me wrong! I do agree that false assumptions and/or mistaken ideas and/or mis-information and/or falsehoods should be pointed out and corrected as far as possible. I just felt that on reading this entire thread that the OP is not really interested in a reasoned approach to discussing the UAC.

As far as the UAC goes, I hardly think MS (or any software manufacturer who operates on a micro-retail level) would go out of their way to deliberately make life difficult for their customers. MS put the UAC in Vista for a reason: Security. Now, we can certainly argue on whether it could have been implemented differently or perhaps more efficiently - but to maintain that it is wholly useless is stretching the argument a bit too far.

As I read the posts, I found that there are some who think the UAC is useless and are coming up with dubious arguments to support that POV. Convincing them, I think (of course, as in any thing, I could be completely wrong) is an effort in futility. Thus, my comment.

 

Yes, we're on the same page. I usually don't try to engage in a back and forth except to point out such dubious arguments. Others here try to do the same, just to make sure some inexperienced user only gets to hear these dubious arguments and assume they are correct.

Gary

 

The scope of the OP is narrow-minded. He would have you believe that UAC is useless because of his one encounter. Since when was one encounter enough statistical data to validate a claim?

 

/sigh where to begin...

If you think that "just using an ad blocker" and "smart browsing" is the only way you can get infected, you need to do some reading on networks, the Internet, and malware as you are SORELY misinformed.

Take it from an IT professional with 12+ years of fighting malware from the front lines. (I send 2-3 "brand-new-no-one-not-even-the-anti-virus-people-have-seen-it-before" reports per year into the experts.)
You CAN get infected, even if you are as smart as you think you are, and even if your actions are flawless.
On ANY network there are always "weak links"... co-workers, owners, significant others and roommates come to mind... if they get infected, they CAN infect you via zero-day network-aware viruses and security loops.

The best defense is layered anti-malware programs and policies which make it more difficult (and thus never impossible) for malware to take over.
UAC is far from perfect, but it is INDEED one very important part of a good defense.

Frankly, UAC is the beginning of what *nix has provided for years... it FORCES the programs to run using proper permissions. Yes, its clumsy... but its a beginning of actual security.

Note that such defenses always prove to be somewhat annoying for the users as well.. but quite frankly the current version of UAC does NOT cause any problems unless you are running some VERY bad code.

I run UAC and NEVER see a prompt unless I KNOW I just started a program which requires elevated permissions. (and most of which are unsigned programs) If you are having repeated UAC prompts, you may not be as clean as you think you are or may simply be running some very questionable or old code. "Too *smart* for your own good" is a common phrase in IT.

As I said before, Vista is MUCH more likely to turn away a virus than XP... even with corporate antivirus, even with other anti-malware running. UAC works and this is from a guy with a MUCH larger view than most of you have. (Unless, of course, you have a mixed network of over 300 machines, 200+ of which are now windows)

Oh, and anyone who thinks they are "safe"... you aren't.

Anyone who knows ANYTHING about what they are doing is borderline paranoid when it comes to network security especially when concerning the Internet. Anyone who isn't needs to do some reading.

If you personally want to risk your security and your information to ignorance... then go ahead... but I reserve the right to rebuke you in the name of every innocent newbie who reads these forums.

 

I have to agree with Kernel Panic. hoenstly, jsut when you think you're safe, you aren't. My friend got into internet security a few years back and he realized how easy it was to bypass half the current protections out on the market(including softwares and router/network protections).

Now, he doesn't do any type of important web browsing(even at home) without at elast 2 proxies located in far corners of the world. Is he paranoid? Probably yes, but he knows there is always a risk and taht risk could very well be worth taking paranoid measures.

Seriously, UAC is annoying, but it is a protection and forces to actually pay attention to what you're doing(since you have to manualyl give permission to everything).

 

Welcome to the internet!

Gary

 

This is, of course, complete nonsense (and I might add in parentheses that one might expect a "security expert" to understand this...).

All Windows-NT-based operating systems have always provided proper security, in exactly the same way (one might argue, in fact, beyond) Unix-like systems are doing that. UAC, as a matter of fact, has next to nothing to do with the attempt to provide more computer security, and it has everything to do with getting users in the Windows world to accept that security, rather than blithely ignore, and disable it.

You were always free to configure your Windows-NT machine properly, meaning running your day-to-day work while logged in as a Standard User, and using accounts with adminsitartive rights only when needed (for system-level tasks). Unfortunately, in the PC world, self-declared power users were quick to dismiss all of the built-in security of these systems, and habitually log in as administrators, in effect turning their sophisticated operating systems back into DOS boxes, security-wise.

Conversely, in Unix systems there is nothing that would prevent users from always logging in as root, but the culture in the Unix world is such that Unix users typically are at least minimally computer literate, so they would not usually act as dumb as that.

 

Can I get an "AMEN", brothers and sisters? (For our friends here from non-christian based communities. This is a phrase spontaneously shouted at certain church meetings, when someone in the crowd wants to elicit a response of agreement from the rest of the crowd in regards to something the speaker just said to the crowd.)

Gary

 

You are 100% correct, however until Vista the DEFAULT settings for users were such that they automatically had full ADMIN rights. It was not so much a matter of undoing, dismissing or ignoring anything. You had to go out of your way to do it right. I think what KernalPanic was driving at was that UAC is part of Microsofts efforts to undo that foolishness. I don't think KernalPanic meant to imply that the mechanisms were new, just the default use of them.

Gary

 

UAC issues arise again. XD
Again, UAC is good and prompt you before you doing anything stupid.
But UAC is very annoying LOL. As long as you have Good AV/IS and you're not stupid in PC stuffs, you can survive without UAC. LOL.
I can't have UAC turned on because I can't live with it. Stop annoying me already. LOL.
-NO OFFENSE- Do not QUOTE the sentenses above, they are not mean to insult or mislead the other. I am a noob who want UAC turned off, that's all, it is personal.

 

QFT! I only occasionally see a UAC prompt, and i run as a standard user most of the time, even though I'm the only person who uses my machine. The added peace of mind is well worth any minor annoyances.

 

Do whatever you wish to your own machine, but your first statement above falls under the sort of misleading, misinformed, and just plain wrong "information" that will not go unchallenged in threads like this.

Gary

 

Methinks you need to do some reading as well... Windows "security" has always been able to run ITSELF or certain user-available programs as administrator without user intervention... Changing modes was all too easy and indeed making even a low-permission user into Admin was all too easy.
Many of IE's security holes had to do with being able to execute at an ADMIN level while in a non-priviedged user interface!

Forcing user intervention for critical changes is the key point in UAC right now in the same way that *nix computers' root access controls who does what.

You are correct that the mentality "im too SM3rt" did indeed hurt windows in the "I don't need no silly permissions" users department. Running as admin all the time and programs that required such bad practices were indeed a bane to windows security, but your smugness about *nix is unfounded as well...

There are reasons why some *nix OSs have restrictions (or available restrictions) on who or where or what can log in as root.

*nix users obviously have a few "too sm3rt" and "too smug" people as well.