backtop


Print 134 comment(s) - last by kayronjm.. on Apr 17 at 5:26 PM

The truth comes out about User Account Control

Microsoft's Windows Vista operating system has been lambasted ever since it was launched for consumers in January 2007. Diehard Windows users balked at the steep system requirements, sometimes sluggish performance, inadequate driver support, and varying products SKUs at multiple price points.

One feature that has caused quite a bit of controversy with consumers has been the User Account Control (UAC) that is included in Windows Vista. UAC prompts nag users for simple operations such as going to device manager, emptying the recycle bin, or installing/uninstalling an application.

David Cross, a product manager responsible for designing UAC, gave the real reason for UAC at the RSA 2008 conference in San Francisco yesterday. "The reason we put UAC into the platform was to annoy users. I'm serious," remarked Cross.

Cross added that Microsoft's unorthodox method to stop users from wreaking havoc with their systems and to stop software makers from making applications that delved too far into the Windows subsystem was a necessary move.

"We needed to change the ecosystem, and we needed a heavy hammer to do it," Cross added. Cross went on to say that although UAC may be seen as an annoyance to some, but its lasting implications are far more beneficial to Vista users. "Most users, on a daily basis, actually have zero UAC prompts."

Many would say that many users have zero UAC prompts on a daily basis because they have already disabled UAC -- not so says Microsoft. According to Cross, 88% of Vista users have UAC enabled and 66% of Windows sessions do not encounter UAC prompts.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Zero Click Security?
By amanojaku on 4/11/2008 11:11:09 AM , Rating: -1
quote:
"UAC is not a perfect security boundary, but it [has helped us] move from 'zero click' exploits to 'one click' defense," said Cross.


UAC might not be necessary if Windows was as secure as, say, UNIX. In use for nearly 40 years (get ready to celebrate next year!) and I'm willing to bet number of exploits is than Windows, which has been around since '85.




RE: Zero Click Security?
By archcommus on 4/11/2008 11:13:49 AM , Rating: 3
Yeah, now please compare how many exploits are attempted against Windows versus against Unix.


RE: Zero Click Security?
By amanojaku on 4/11/08, Rating: -1
RE: Zero Click Security?
By imperator3733 on 4/11/2008 12:21:22 PM , Rating: 3
There are more attempted exploits against Windows because of Windows's higher market share. Therefore, more disruption will be caused by an attack on Windows than there would be if the attack was against UNIX. UNIX may be more secure than Windows (and it probably is), but security isn't the reason for the higher number of attacks. Crackers just want to cause the most damage possible, so they go after the OS that is largest.

It's the same reason why the Mac isn't attacked as much as Windows. I would guess that it would be easier to damage Macs that it would be to damage Windows but it doesn't happen because of the market share.


RE: Zero Click Security?
By akugami on 4/11/2008 11:19:38 AM , Rating: 2
The problem isn't if Vista is more secure than Linux, Unix, MacOS, etc. The damned problem, and this is what annoys power users, is that a single program accessing resources, such as on an install will pop up not one, but as many as four or five and maybe more, UAC modal boxes for permission to access certain information or do certain tasks. MS needs to design UAC in a more intelligent fashion. I have UAC turned off both at work and at home.

While a fan of some Apple products, I have not used OSX. I do have reports that the access permissions in OSX is much more intelligently designed. I do not want to have to click 20 times just to install and get a program up and running. I do understand setting local and internet permissions to programs, especially new ones but it takes multiple clicks per UAC modal box, and when three or four of them pop up, you'll be cursing at the screen.

I would love to leave UAC off, but the consequence of doing so is so much of an annoyance that it causes my productivity level to drop. Simply unacceptable.


RE: Zero Click Security?
By therealnickdanger on 4/11/2008 11:24:07 AM , Rating: 5
If you install programs THAT often that it impacts your productivity, then you are the very user Microsoft had in mind when they provided the option to TURN OFF UAC.


RE: Zero Click Security?
By crimson117 on 4/11/2008 11:48:13 AM , Rating: 3
Yeah, just disable it temporarily while you install your initial system configuration (anti-virus, office software, games), and then only enable it once it goes into day-to-day usage.


RE: Zero Click Security?
By akugami on 4/11/2008 12:11:14 PM , Rating: 2
I'm constantly tinkering with apps, I can't help it. It's part of what I have to do. A lot of times I have to go into the Program Files folder to look at things, either copy to or from app folders. This constantly brings up UAC boxes. Hence, UAC is turned off.

I'm also not Joe Computer User and while no computer expert, I'm fairly knowledgeable about computers.

What I don't mind is some form of UAC. What I hate is MS's implementation. If you look at how ZoneAlarm does things, I think that is a much more acceptable way to do it. It still requires clicking, it still requires a person to look at what is being installed and what is accessing the internet but at the same time it's not inducing annoyance (or not much) on its users.


RE: Zero Click Security?
By phatboye on 4/11/2008 11:23:59 AM , Rating: 2
UAC is not needed in UNIX and UNIX-like OSes because unlike windows, users are not given root/admin privileges by default. Generally in non-windows environments you need to su/sudo as root in order to perform actions that may affect the system. In a way you could say this is synonymous with UAC.


RE: Zero Click Security?
By eye smite on 4/11/08, Rating: -1
RE: Zero Click Security?
By therealnickdanger on 4/11/2008 11:39:12 AM , Rating: 3
Ethical? They are providing a service that prevents system-wide damage by people that lack the even the moderate understanding that we take for granted. You turned it off, great job. Stop perpetuating the fantasy that Microsoft is out to control your life. There is nothing malicious behind UAC, in fact, just the opposite.


RE: Zero Click Security?
By eye smite on 4/11/08, Rating: -1
RE: Zero Click Security?
By therealnickdanger on 4/11/2008 12:06:25 PM , Rating: 3
That's not exactly the same thing, UAC let's you press "OK" to continue, it doesn't bar you from continuing... but I don't want to get into an argument over analogies. The subject matter is simple enough without needing them.

When it comes to technology, people ARE sheep! Don't assume I'm assigning a negative connotation to "sheep". Ignorance is bliss. The simple fact is that Microsoft is safe-guarding their operating system and the sheeps' computers at the same time with VERY LITTLE intrusion.

It's extremely arrogant to assume that these sheep should take the time or even care about taking the time to learn what you have learned. I understand why they should, but they never have in the past and never will, so something has to be done to do it for them. Enter UAC. Effective and ethical.


RE: Zero Click Security?
By eye smite on 4/11/08, Rating: -1
RE: Zero Click Security?
By darkpaw on 4/11/2008 12:27:48 PM , Rating: 2
Theres a reason every lawn mower has those saftey stickers plastered all over them... some people are stupid enough to stick their hands/feet/other appendages into them.

People can learn, but most people can't learn the way I and many other computer focused people did. I wiped out the os so many times on my original PC while learning, but I was willing to pay the price. If average user wipes out their OS they end up spending $200 to have those geek squad idiots fix it for them. They don't learn, just pay the price to have it fixed.


RE: Zero Click Security?
By Rob Pintwala on 4/11/2008 12:37:33 PM , Rating: 2
I agree that people should learn, but to learn we need to make mistakes. My problem with this is that making mistakes on a PC can be a VERY costly endeavor for the vast majority of people who are unable to rectify their PC problems on their own.


RE: Zero Click Security?
By nyarrgh on 4/11/2008 4:35:15 PM , Rating: 2
I use Unix and I use Vista. In Unix, I have to sudo or psh, In Vista, i use "run as administrator". I don't see anything wrong with this. I do have a machine with UAC disabled, I don't see anything wrong with that either. I may have taken the time to learn how to use a computer properly, but Hell will freeze over before you can get my grandmother to do so. Some people are forgetting that not all people share their inclination towards computers. I don't expect everybody to learn the way I did, the same way I don't expect to have time or the inclination to learn how to sew properly, or glass blowing, or bullfighting.


RE: Zero Click Security?
By abzillah on 4/11/2008 1:53:32 PM , Rating: 2
What the hell are you guys talking about? I have had vista for 15 months now and I don't even know what UAC is. I install progams and such multiple times a week, but I haven't had any problems with this UAC you guys are talking about. The one thing I can tell you is that I haven't had to reinstall Vista once yet on my PC like I used to with all the other windows when I would end up with a virus. If UAC is actually doing helping me with this, than I have no problems with it.


RE: Zero Click Security?
By Locutus465 on 4/11/2008 1:57:21 PM , Rating: 2
If you've installed any application at all on vista without modifying the default UAC settings then you've seen the prompts. The screen will darken and you'll get various forms of Cancel/Allow or Continue/Cancel dialogs that you have to answer before windows will allow you to do *ANYTHING* else.

I do agree that they are not the constant issue many people make them out to be. I do get promts at least once a day, but only because I have to run VS.Net 2005 in administrator mode to ensure I can properly run the debugger.


"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki