backtop


Print 134 comment(s) - last by kayronjm.. on Apr 17 at 5:26 PM

The truth comes out about User Account Control

Microsoft's Windows Vista operating system has been lambasted ever since it was launched for consumers in January 2007. Diehard Windows users balked at the steep system requirements, sometimes sluggish performance, inadequate driver support, and varying products SKUs at multiple price points.

One feature that has caused quite a bit of controversy with consumers has been the User Account Control (UAC) that is included in Windows Vista. UAC prompts nag users for simple operations such as going to device manager, emptying the recycle bin, or installing/uninstalling an application.

David Cross, a product manager responsible for designing UAC, gave the real reason for UAC at the RSA 2008 conference in San Francisco yesterday. "The reason we put UAC into the platform was to annoy users. I'm serious," remarked Cross.

Cross added that Microsoft's unorthodox method to stop users from wreaking havoc with their systems and to stop software makers from making applications that delved too far into the Windows subsystem was a necessary move.

"We needed to change the ecosystem, and we needed a heavy hammer to do it," Cross added. Cross went on to say that although UAC may be seen as an annoyance to some, but its lasting implications are far more beneficial to Vista users. "Most users, on a daily basis, actually have zero UAC prompts."

Many would say that many users have zero UAC prompts on a daily basis because they have already disabled UAC -- not so says Microsoft. According to Cross, 88% of Vista users have UAC enabled and 66% of Windows sessions do not encounter UAC prompts.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

UAC / Security
By Mike Acker on 4/13/2008 8:44:36 AM , Rating: 2
of course UAC is a component of Computer Security. and I think it is a very good thing that the issue has been brought to the fore-front by the creation of UAC

the concept that "going to device manager, or installing/uninstalling an application" are "simple operations" that "users don't need to be "nagged" for" is a monster flaw in today's thinking. That installing programs over the net can happen without user authorization is how un-authorized programming gets into computers

I'm reading Zero Day Threat at this time, by Byron Acohido and Jon Swartz which is very informative, and interesting, scary, and disgusting. Previously I went through Gary Rice's Geekonomics

Bruce Schneier has noted that "complexity is the enemy of security" and I agree with him on that. There should be one way and one way only to install programming on a Windows computer and that is by using the official SETUP program.

If you want to install something, great, but you'll need to download it first, check the digital signatures, and then proceed to run the install. What's so hard about that?




"We don't know how to make a $500 computer that's not a piece of junk." -- Apple CEO Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki