Broadband Tech > Security > Security > Vista Uac = Discovery to more flaws

Vista Uac = Discovery to more flaws

Either software was not designed to run as a user, on purpose, or it's just poorly written.

Then there are the users who are just too lazy to do one to two more clicks for their own protection as they don't want to use a user account. People don't need to run every piece of software on their computer as an admin, and this is the way it has been in businesses for years.

People assume so much about uac, but all it comes down to is software is poorly written or the user can't stand the software second guessing their actions when it's there for their protection.

With all the flash exploits lately anyone not running software at user level, or in protected mode is possibly giving malicious software a change to gain full admin access. The problem with uac in general is people, not the software. People want it now, they don't want to wait, and one more extra click is just an annoyance to them. Microsoft is helping the user protect the system from their actions, but some don't realize that.
--
My hourly rates:
$25 per hour.
$35 per hour if you want to watch.
$45 per hour if you want to help.
$75 per hour if you tried to fix it, and failed.
$125 per hour if you called tech support, and didn't fix the issue while making things worse

reply to Tech9
Like Blitzen said, the reason it causes issues is because most software is still not written to run as a user. So, although the flaws with UAC are not directly the fault of MS, they are the indirect fault of MS for taking too long to get with the multi-user OS community. If MS had designed Windows from day one to be like Unix, instead of waiting until NT/XP, we wouldn't have this problem now.

All that said, if you run Windows, it is smart to leave UAC on (or better yet run from a LUA).
--
Linux and BSD: operating systems the way they were meant to be -- secure, fast, free, and open.

reply to Tech9
Also uac sometimes will prompt...Or it won't prompt at all if it does Not like the specific software

reply to Tech9
I found UAC very useful and wonders why it is officailly turned off in Win 7... UAC prevents me from accidenatlly running sth nasty

reply to Tech9
I applaud UAC's intent, but I dislike the execution. I much prefer the approach several third-party programs take- if the program has been approved before, the user checked the "remember this action" box, and the program has not changed, don't pester the user with another "Are you really, REALLY sure?" box.

As soon as Online Armor puts out a 64-bit version, UAC is getting turned off on this box.
--
[Beeth] Progress (n.): The process through which the Internet has evolved from smart people in front of dumb terminals to dumb people in front of smart terminals.

reply to KodiacZiller
I find that most software programmers didn't really start making software that ran correctly on user account until Vista when UAC introduced, and this just compounded the problem of when people tried to use user accounts on XP.

Hell even games wanted full admin access just to verify that their damn copy protection software was installed, otherwise it would install it on every execution of the game.

Some business software was bad at this also, and when you have a office of people you really don't want to give the majority of them admin access as the bad habits they have at home will cause problems in the workplace. People clicking on .doc.exe files...
--
My hourly rates:
$25 per hour.
$35 per hour if you want to watch.
$45 per hour if you want to help.
$75 per hour if you tried to fix it, and failed.
$125 per hour if you called tech support, and didn't fix the issue while making things worse

reply to Rogue Wolf
That would only work if there was active crc checking, and there was not easy way to corrupt the crc database. With how Microsoft implements their tools, I doubt they would get that involved in their users security, but I hope I'm proven wrong.

reply to Tech9
I prefer to use the Norton Labs version of UAC:

»www.symantec.com/norton/theme.js···thpath=0

reply to Tech9
Apparently an anon user can post random trash-talking without any citations to back up his opinions, or indeed without being specific about anything.

Got any informed postings on the 'many ways' UAC is flawed, mr. anonymous?

reply to Tech9
I am using UAC on my new Windows 7 laptop and I don't find it annoying or intrusive at all. In fact, I'm considering changing my XP Pro box account to limited user (especially since my son is now using that box).

I too would like specifics on what the OP is talking about; I'm not using Vista, but his claims of UAC disaster on Vista seem far fetched. I see no "dysfunctional" issues with it on Windows 7, but I'd be interested in seeing some proof of his claims about Vista.

edit:spelling
--
You can chain my body to the earth, but still my spirit flies!

KEEP THE GOVERNMENT OUT OF HEALTHCARE

14,796 DEADLY TERROR ATTACKS SINCE 9/11

reply to Tech9
The UAC issues in Vista I think, are as others have said, more the result of bad programming decisions made by application writers rather than anything Microsoft did when setting up UAC in the first place except when it comes to the installation of newer versions of programs.

At that stage, since the program was already given permission once, wouldn't it make sense that installing a newer version of an installed program should be automatically allowed?

If there is a concern about a "fake" newer version of a program, I'm sure that the UAC could have been programmed with the granularity to allow users to decide whether a newer version of an installed program requires permission or not.

NefCanuck

reply to Tech9
I love UAC and use it in combination with Outpost Firewall Pro's Host protection for win7 x64...works just fine.
I like being alerted to what is being done without my interaction and with my interaction.

reply to Tech9
To be honest UAC is pretty much useless aside from stopping a stealth install. Even if a stealth install tripped the UAC, all it does is teach the users to click Yes/Next/Continue even faster than they could before.
--
"I like to refer to myself as an Adult Film Efficienato." - Stuart Bondek

That's my feeling as well, only based on the lack of information UAC offers as explanation(s).

reply to Steve

reply to munky99999

reply to munky99999