the real problem with UAC

UAC Argument again? This topic have no end. Restless....

Conclusion,
UAC is a feature which can be turned ON or OFF easily in the Control Panel.
It doesn't any registry hacks and stuffs to turn it ON or OFF. So, it's created by Microsoft/Windows that it can be changed by the User easily in the Control Panel. Thus, to those LOVE it, ON it. To those which don't like(annoying) it, OFF it.

 

i just find it funny (means: sad and actually terrifying) that most do disable it for the reasons they should enable it: for full system control, for "knowing what's going on on my system", etc..

turning it off means two things:
1) some message boxes don't pop up (and that gain is sooo worth every other loss, seriously (a.k.a not at all))
2) you give away your control of the system towards the apps that you, from that moment, have to trust in 100%. with uac on, your system and you are a team, that talks with each other. in control of anything bad that could happen. turning it OFF breaks that relationship, letting both you, and the system, in an unsure state about what's going on.

so exactly the tweakers and control freaks should turn it on.

but exactly they don't want to understand. and the only reason they don't is their ego.

and that's why i called some people stupid for .. what does stupid stand for? exactly: for not thinking with their brain, but with their ego.

now that was not nice, of course. but it does make some sense.

 

Agreed. UAC is there for a reason, if there was an option for UAC to "remember" what actions you took before then some kind of malicious malware could circumvent its protection.

 

I was thinking about turning UAC off because of it's annoying prompts which appear for softwares I use daily.

davepermen and other users convinced me and i'm not going to turn it off, prevention is better than cure.

Thanks for the intelligent posts and arguments, and woe to those who advocate the "we are free to do whatever we want" dogma.

 

The main focus of uac is not about security! It's about connivence, or so Microsoft says:

http://technet.microsoft.com/en-us/magazine/2009.07.uac.aspx#id0560012


Interesting read:

 

well, dark bane. you have, again, proven you have no clue.

UAC is the same as having a non-admin user and having to switch to the admin user all the time.

and, from this point, it's only about convenience.

BUT using a non-admin user is about security. it's about not messing with your system if you don't need to.

now everyone SHOULD have never used the admin, and then, UAC for everyone would have been a thing of convenience.

BUT everyone WAS admin for years (which made 0 sence). so, for all those, UAC is a slight inconvinience (but much better than no admin, and two users to switch) with the same security gains of having a non-admin user.

 

systems without uac got killed all the time over the years. that's why it's there and default by now. every tweaker who rendered it's os accidentlly unbootable. every virus that installed itself as hw, or service, and made the system unusable, etc.

they all did it, because we "had to be admin" all the time. for no reason.

 

lol, you do know that i quoted form Microsoft? I was just pointing out that Microsoft said that their focus was on connivence. But of course it does provide some security. Did i say that uac had nothing to do with seucrity? No, it case you can't read, i said security was not the MAIN FOCUS. Don't believe me, read the flipping article.

 

yeah. convenience compared to the corporate world, where users have no admin rights by default.

i know the article. they come from the other point of view: the point of view where no one is admin (as they suggested again and again, for xp, too, to NEVER be admin if not needed)

it's the most convenient solution to what they always hoped people would start doing: not using admin for stuff that doesn't need it (word, excel, etc.. games.. internet.. music..)

 

Man you really are clueless, aren't you? The main focus of UAC is to provide a convenient INTERFACE to a security feature. Now explain to me how that is more about convenience and less about security.

Gary

 

I'm not going to disagree with you. I was just merely pointing out what I thought was an interesting uac article from Microsoft. Sorry if i offended you so much

 

it's not interesting as it doesn't state anythign we don't know yet. it sounded interesting to you as it was an amazing "counter point" to what we try to tell all the time. sort of actually only posted for offending us

non-the-less.. if you ran an os without being admin, you'd knew how crap elevation was before vista/win7. uac is a great convenient interface for that.

 

how did you get that from my post? It wasn't a counter point to anything. In fact, how could it be? I wasn't arguing with anyone about uac. (the only thing i was arguing about is that some people needed to be more subtle when telling others how they are wrong)

Define "we". Are you going to speak for everyone who comes to this forum? Not everyone keeps up with this stuff. I wasn't posting for anyone in particular.

 

we were talking in here about how uac is useful and all and enhances default security of an os. and you posted that showing "no, you're wrong. it's only concenience".

now how is it not a counter point, somehow?

 

? I didn't say anyone was wrong about uac. Also, I didn't say that it's ONLY about connivence (main focus does not mean only). All I did was quote some stuff.

 

yeah, but why? i always question the why. and the why just so obviously looks like you wanted to counter-attack the ones supporting that uac is about security.

you just quoted without actually comprehend what it's about.


hint:

uac is the most user friendly way to implement elevation for non-admin accounts. that is a convenience enhancement over how you would have done this in xp.

vista and win7 by default don't create full admin accounts, but only non-admin-accounts that can elevate. this is the security enhancement.

if you want to be picky (you sure like to ), then, yes, uac by itself is not the security enhancement. but without uac, it would not be possible to get users to use a non-admin user account as the os default.

 

I have to agree, if they did then there'd be no need for UAC to hold the hands of computer using idiots.

However since the average computer user is a marginal step up from a potato on the intellectual level, we have UAC.

I know my computer use habits better than Microsoft and I don't need my OS to ask if I really wanted to run the application I just tried to run, so I disable UAC.

I have no idea where you both got the idea that disabling UAC has anything to do with bragging rights or "claiming how in control he is of his machine" though.

Then again I have no idea where you get the idea that everybody who is arguing with you in this thread is advocating that everybody should disable UAC either. Most people are perfectly happy with it, I'm not, thankfully using it or not is a choice.

People shouldn't be berated by other members of this forum for making that choice.

Exactly.

As an aside, I don't post on here all that regularly, but every time this subject does come up, davepermen comes in guns blazing calling people idiots left right and centre for disabling UAC and nobody seems to bat an eyelid. I'd have though that insulting people so frequently would be something that would be looked down upon by the moderators.

 

this explains that

i will state again and again that i don't call a person stupid. i call it's behaviour in case of disabling uac stupid. there's a huge difference between attacking a person, and attacking the behaviour of a person about the topic we talk. turning off uac is stupid (imho, of course), so anyone doing it, is, at that moment, stupid. this has nothing to do with attacking a person.


and calling behaviour stupid is not an insult. if i think someone has a clever idea to fix something, then i will state you're doing something clever. if some idea is a stupid one to fix something, then i state he's doing something stupid. what, exactly, is insulting?

maybe you feel insulted because you know i'm right, and you only rely on your bragging to turn it off, but don't want to accept it? from your behaviour, it sure looks so. else you would have read my arguments how uac helps you to be more 1337 about being "the king over your machine".

 

Ok, I have no idea where this thread has gone or where it is going. It use to be I understood where everyone stood in their perspective on UAC. However, I'm a little lost. Ever since Darth Bane posted the technet article, everyone has seemed to switch their positions....

 

not really. only darth bane seemed to change. penguin still hates uac, i still think it's stupid to hate it, etc...

 

What did I change? I already said in a previous post that I think uac should be left on, but I think its silly to insult people who turn it off. It's their computer, they can do whatever the hell they want to it (blow it up, take a sledge hammer to it, run it over, etc). Those people simply prefer less security for less annoyance.

Jeez, the tech net article wasn't supposed to be anything mind-blowing/ position-changing.

 

ok, so not even you changed.

****, nobody changed any mind. it was all useless talk. penguin still thinks he's supperior at castrating his os (and he is, at castrating it ), and we still know better

nice christmas

and i still haven't really insulted people who turned it off, it's fun how you still hold that point, while i stated my behaviour, my reason, and how never actively planned to insult a person, BUT ITS BEHAVIOR. and this is completely fair.

people can drive without seatbelt if they want (illegal here, but they can still do it), and i can everytime insult them for that behaviour, saying it's stupid. it won't matter as long as nothing happens. but the moment something happens, i will have the last laught (but i most likely won't, as the result of not having a seatbelt isn't funny normally at all).

turning off uac is stupid, espencially if they state "it annoys me". that just shows how much they "have control of their system" if they get annoyed by the default setting: a.k.a. not at all. they fail to understand the tech, and to use it.

but i guess penguin won't ever understand that. he's too much working at being sure everything works on his system. while i just know it does, relaxing, and don't have to care.. good night

 

i am with darth bane. i set up systems for other people. i leave uac on. if they can find where to turn it off then that is up to them. i know that leaving it on will not make much difference to security. they will just answer yes to the uac prompt, reading it only as 'do you want to install this software or not?'
for me, it is turned off all the time, i see no use for it at all.
actually the mac solution is better imho, where you have to provide a password. this at least gives the user a clue that its related to security.

 

To be fair, if people ran Windows like Microsoft recommends-ie, using a Standard user account for everyday use, and leaving an administrator account solely for administrative purposes, then you do get prompted to enter your password.

You can also go into the Local Security Policy editor in most versions, and change it to prompt for consent in any account, not just standard.

I've been doing this since Windows Vista (attempted to do it in XP but using RunAs was clunky...) and have had no issues.

 

Do you even read before you respond with wild assumptions?

I've pointed out multiple times that I'm performing no more work than I would be by having UAC enabled, and I'm infact performing less work since I never have to see a UAC prompt.

Average computer user here =/= average computer user.

I'd consider people on this forum to be a step up from the average computer user simply due to them expressing an interest in forums regarding computers.

 

you haven't ever read my phrase: you do more work: you actively have to care that you don't do anything your system harms. 100% of the time you use your system. because you're the only control (and you can't even control it. without uac, an exe that is invisible can elevate silently and kill your whole system, without you ever having a chance against it).

i don't ever have to care about that. i have MUCH less work than you do.

but you never got that argument.


and no, people in here are not a step up from average. geeks are often a step down (the "i know better" syndrom). but yeas, the expression of interest is a step up, there i agree.

but you won't understand my first point, ever. you show the syndrom in the second point much too much.

 

+10000000000000! REP!

By the way, Davepermen, you forgot to include me to your list of UAC Ignorance/Hater.

Evil DarkSilver has turned off all UAC of his friends' PCs.

 

I would rather shoot myself then enter my password every-time uac comes up. I have a 14 character password, which might not seem long but if I had to input it every-time uac popped up, I would get annoyed very, very fast. ex: I want to check my hardware temps, oops, need my password.

 

I don't have to "care" anything, a firewall + AV + common sense means I spend no time at all worrying about anything, I just use my computer and I don't have to suffer through UAC prompts in order to do so.

Lord knows how many times I'm going to have to explain this before it sinks in.

 

I believe this is untrue. Standard users will always be prompted for credentials. The setting I'm thinking of only has the following options: Prompt with secure desktop, Prompt without secure desktop, Always deny.

I still have no idea where this thread is going. Since the mods clamp down on the PC v Mac threads, this is my new form of entertainment.

 

While you should use the standard account for your everyday tasks, checking temps/performance logging is an admin task.

I don't expect the assistants to be checking their hardware temps regularly. It is fitting that you should run in an admin account.

There are two issues that constantly get confused here. One is the view that UAC prompts in an Admin account is intrusive. Second is the view that UAC in general is intrusive. Two different views. But everyone ends up being lumped as for UAC, else against UAC.

I personally like UAC for the simple fact that the old RunAs sucked a hairy dry potato sack rolled in dirt for two weeks.

 

To each his/hers own.

It's going to be the ones that are disguised well that will have a remote chance of getting you. Cause the user will allow UAC to let it do it's thing and/or some might think it's a false positive from their AV.

 

well, firewall don't guards you from anything that's on your computer. AV can only guard you from what it knows. and common sense should be common sense anyways. if you would have common sense, you would use UAC, as you know it guards your from EVERYTHING. that far, that you wouldn't even bother about an AV.

or is it common sense to be able to overwrite system files with word, excel, powerpoint? with your games you play? with firefox/internetexplorer/whateverbrowser fits your needs?

how is it common sense for any of those apps to run as admin, being able to have full access to your system?

i prefer to have my system having full control of my apps, rather than the reverse. as my system, i can trust. my apps, well.. as we know most of them are buggy and can be invaded easily.

so, you talk about common sense, and still don't get common sense. fun

 

yeah, you're right actually. if you want the password asking, then you just create a non-admin user account. it will then ask for an admin-account with password.

which is essentially how uac could be implemented on xp.

 

well, you could set your hw-temp-check tool to autorun trough the taskplaner, and it would never ask for anything.

and yes, that's no use a normal user should have to check at any point in time.

 

Are you serious? I don't know if you knew this, but people actually enjoy OC their systems and benchmarking and stuff like that (companies actually have OC conventions). Just because you don't like that stuff doesn't mean others shouldn't be able to do them.

Also, god forbid that I want to ensure that my temps are in good standing.

It's all opinionated. There is no wrong or right ways to use one's computer (legal vs illegal is a different story).

I already have the task scheduler to run it on demand. I was merely saying that IF i had to enter my password, I would get annoyed very fast.



I don't think uac is intrusive. It's just trying to tell you what exactly is attempting to modify your system, what's bad with that? People only find it annoying because 99.9% of the time uac is turned on by something they did, not by a malicious software. For example, it's annoying to some people to have to tell their pc multiple times to uninstall/install a program. UAC is not going away, so I think it's better if people just get used to having to click those extra prompts. But still, bashing people who turn uac off is just dumb. It's like bashing people who like to use a different desktop wallpaper or like to use a different anti-virus program. It's all personal preferences. I think it's obvious to people who turn off uac that they are making their computers less secure, but to them, it's worth it for not having to be annoyed all the time.

 

yeah, but they do the same like the ones pimping their car: essentially messing with their systems other than planned. so they will cry about everything that fails normally, and on the system. as they're never at fault.

and non-the-less, anyone not using the system in the normal way does not have to blame the system for not liking it. blame the tweaking-tools for popping up uacs, blame them for not being programmed well enough to not need it. it's their fault.

and sure i know some do this out of fun. and i have no problem with that. but if they tweak their system, they should have basic knowledge how it works. if they do, they don't fight uac, but work around it.

yeah, terrible...
no, but seriously, it should normally not be needed. but if, you know how to fix the reading tool to work the way it should (by not needing uac).

not really. there is no wrong or right on what someone uses the computer for. but on how to, there is. there are clearly things designed in some way. and it's best to use them that way. you can work around, but then don't blame the system. that's my point.

i knew that.

nothing. but then blaming windows to behave "weird", that is. if you mess with it, don't expect it to like it.

well, actually, this is sort of malicious software. it's a bad coded setup routine, that has to get fixed. the people can be happy it's most of the time only for stuff like installing something. and not for viruses trying to spread.

and, believe me uac does NOT pop up often. contrary to ANY statements on the web. it just does NOT.
if it does, then only, ONLY, because people haven't learned how to use their pc right.

no, most of the time it's failure of knowledge, and then attacking it to be bad to feel good and intelligent about it.

no, to most, it is NOT obvious. they have no clue what it is for, and how it works.

look at penguin, he still thinks uac takes away his rights to control the pc. i have 100% control of my pc. actually, THANKS to uac.

he still believes that wrong dream of needing admin rights.

that is not an optinion, that's just wrong knowledge.

 

I still don't get people's problems with this. It seems really simple.
In order to make sure applications, that you otherwise would NOT be aware of, can't change anything on your system or install themself, you have UAC.
IMHO it is better armed than any firewall or Antivir because it simply looks at everything which isn't properly signed.

For me the only, ONLY downside we're some apps i like to run myself but couldn't elevate UAC for. Which is what the work-around through taskplanner solved. Why are some people so focused on telling they don't need it while it's the easiest way to be as safe as you can?

And really, no matter how you look at it there's nothing more to it than this.

 

so simple explanation, so great. thanks for that post, i have to use that as a first quote for any anti-uac post i find..

but some still need their office apps to be admin. and their games, and their browsers, and their explorer windows, and their photoshops.. they just do need that... they need the kick of riding offroad, without protection cloth, on a rocket bike. and they always find reasons to teach themselves how it's good like that

so, saving your quote somewhere... lets open a notepad to save it to c:\windows\explorer.exe... hey, windows doesn't allow me to!! stupid uac, have to disable it RIGHT NOW!!!



(i still wait for a real argument supporting disabling, which is not "because i don't like it". so far, i'm the only one having one... yes, i do have a valid one it has to do with badly coded apps, though..)


edit: and saved.. really, thanks. very wise wording. i completely fail at that so often

 

Entertained enough? lol.

I think all the points have been said..... a hundred times over. Please close this thread?

 

After deleting 25 posts in the last 4 days, I am no longer entertained either. Thread closed.