Jump to content
Sign in to follow this  
cmunson

Vista User Account Control - Friend or Foe?

Recommended Posts

ms (gates & balmer ) said a few years ago they didn't think of security, i wish i can find the video, if i do i will surely post it ;)

 

 

after that was said it made clear sense to me that they were behind in security for at least from there very first release up until vista!

 

i don't think till this day they anticipated such security threats, or they could not properly implement security features, it is stunning to see how they include such features without thinking of the novice users inability to correctly use its functionality.

 

 

i' not being a novice user is intrigued on just how far these security features will go, as the novice user could care less that they even exist :)

Share this post


Link to post
Share on other sites

It's not difficult, it is just foriegn to Windows users.

 

UAC isn't the problem, not really anyways.

 

It is Microsoft's total lack of regard for security over the past 2 decades that is the problem.

 

They created a monster, they single handedly created the massive malware, virus, spyware, worm, trojan issues that are rampant today. They did this because they refused to ship an Operating system with the most basic securty features enabled.............proper user accounts.

 

Now after 2 decades they finally decide to do so. I say it was long past due.

 

Did they do a fantastic job of implementing it?

 

Nope they sure didn't, they did it so poorly that it is annoying beyond belief.

 

Does it work?

 

Yes it does, and I think anyone who is recommending that others disable it is doing everyone on the internet a disservice.

 

Microsoft should have looked at Unix, Linux, Apple............and they would have seen how simple a thing it can be, and how to do it properly.

 

I think while they are 20 years late, and very short of hitting the mark, they will eventually get it right. In the mean time folks should learn to live with it, they should never recommend others disable it.

 

The job they have done with it, is just about what I expected from them, it is about the quality of work they always do.

 

Just say WoW :lol:

Share this post


Link to post
Share on other sites

Bruce,

 

I agree with you to a point. I had to disable UAC on my Vista PC. My productivity was down so far, and when it sees a danger, all action stops. A good example is WinRAR. I get a lot of zip files and immediately, the entire screen turns blank and I cannot do anything other than respond to UAC. Too annoying.

 

I believe the reason that Microsoft cannot get security right is because their legacy is an unsecure operating system. Therefore, they cannot break the eco system while at the same time trying to plug enormous security holes.

 

I have felt for a long time was that the only way was to create a new secure operating system. Over a long period of time like 5 years, the software developers will start making changes to their code so that it will run on both operating systems, and then over a longer period of time they can eliminate the legacy operating system.

 

Clearly Vista is not the ticket.

Share this post


Link to post
Share on other sites

cancel or allow when attempting to run or install an application, i must ask, would this only protect the system if in fact the user wasn't executing the file ?

 

i admit i used vista during its development stages and was wondering if the user accounts functioned well when installing apps verses xp user accounts ?

Share this post


Link to post
Share on other sites

i guess what i meant to add was is there any problems running a user account that prevents the user from installing software?

 

xp was by far the worst when it came to that, many were forced to log on as admin!

Share this post


Link to post
Share on other sites

it's just that its implementation is not easy enough for the "average" user.

mr. hogan, is it really that difficult to click the mouse on cancel or allow?

Share this post


Link to post
Share on other sites

BB,

 

It's not whether it is difficult. If you are hitting allow 99.9% of the time, do you really think that you are going to hit cancel that .1% of the time? What if the phone rings? Or you are in a hurry? Chances are you are going to mis click anyways.

 

It needs to be the other way around. The whole screen turns dark and there is a threat and 99.9% of the time, there is a problem.

Share this post


Link to post
Share on other sites

then the user is hopeless. i'm sorry, but that's the absolute truth. they should be either completely locked out so they can't change anything blindly, or they shouldn't be using a computer.

Share this post


Link to post
Share on other sites

I turned it off. It's freaking annoying. Although I only game on Vista, hardly ever surf with it. If I do hit the net I have anti-spam and anti-virus installed. :yucky:

 

I stick to Linux when surfing and emailing. :tup:

Share this post


Link to post
Share on other sites

i guess what i meant to add was is there any problems running a user account that prevents the user from installing software?

 

xp was by far the worst when it came to that, many were forced to log on as admin!

 

yes i am replying to my ow post, any answers to my question :)

Share this post


Link to post
Share on other sites

Hey Mr. binary. Yep I think it gets a little old. Also I think it's a good thing that owning and operating a computer doesn't require a license or permission from anyone. I hope it stays that way.

 

Like Kram says "it's freaking annoying." :P

Share this post


Link to post
Share on other sites

i can't disagree with that statement.

 

i think you're doing a great job with your contributions in the opinion department here. your articles have been fairly thorough and well thought out. keep up the good work.

Edited by badbinary

Share this post


Link to post
Share on other sites

i can't disagree with that statement.

 

i think you're doing a great job with your contributions in the opinion department here. your articles have been fairly thorough and well thought out. keep up the good work.

 

I agree whole heartedly, Steve is writting some good articles.

Share this post


Link to post
Share on other sites

:P Oh, oh, Now I'm worried!! I'm pretty comfortable with us all disagreeing. LOL

Thanks guys,

 

duanester, it's not that there's a problem with it. It's that configuring the user accounts can take quite a bit more time than the casual user is willing to spend. If computers are your hobby or job then it's no big deal, but for most, it's daunting.

 

BB, and I know Bruce also, recognize it as a big improvement over the security of XP and of course they are right. It makes me wonder what sort of "dumbing down department" MS has to ready this stuff for the masses, like me.

Share this post


Link to post
Share on other sites

the accounts should function as follows............

 

 

root separate from user accounts on a different partition.

 

root must be accessed from recovery console, ( this keeps the newbs out ) put up a special wallpaper saying you don't belong here, get out :P

 

must enter a password to install software apps or modify system components.

 

 

this way the admin never has to log on as admin, a password grants that individual administrative rights for one single task, this task will expire after fifteen minutes without activity, but of course it will have to function in order for it to be successful :mrgreen:

Share this post


Link to post
Share on other sites

duanester I don't think there's much going on with roots in windows. I don't think I've seen roots mentioned anywhere but in the Linux forums and at the weekly orchid society meetings. :P J/k

Share this post


Link to post
Share on other sites

fertilizer & compost added frequently will strengthen the roots, i guess a little horse crap will do as well :lol:

 

anywho this is what we see if you log on as root in suse linux Posted Image

 

not a pretty site, but it makes ya say uh oh :)

Edited by duanester

Share this post


Link to post
Share on other sites

I just hope that M$ gives the UAC a memory, like a software firewall uses, when the first service pack emerges. The premise of the security function works, but is just silly to have to give permission everytime that I want to run my defragger. :rolleyes:

 

I've been nosing around the "secpol.msc" and have downloaded the Application Compatability Toolkit to see if I can alter the UAC prompts on an application level. Gonna take some time though.

 

It just seems a shame that at this point, the UAC has 2 choices, tolerate it or turn it off.

 

:)Y

Share this post


Link to post
Share on other sites

I just hope that M$ gives the UAC a memory, like a software firewall uses, when the first service pack emerges.

 

I guess I could test that for you seeing as I have the beta installed, but that would involve turning UAC back on.

Share this post


Link to post
Share on other sites

In the email, the topic includes a question that is not including in the article itself. This question is:

"Are the Vista User Account controls more trouble than they are worth?"

 

I think the answer is obvious, and dependent upon the operator's experience level. For me, UAC has always been more trouble than it's worth. Although for most computer users with less knowledge about how malware works and gets onto their machines in the first place, UAC is probably completely necessary.

 

The author points out that "I just can't see the average soccer mom or Grammy studying this for more than about 45 seconds...". Quite true, and Grammy wouldn't understand it even if she spent a month reading it. What he doesn't mention is that as a computer geek, I spent only 5 seconds scanning it over. I can't be bothered reading and adjusting UAC for hours to do what I can do myself in seconds by disabling it and using my 3rd party AV/Anti-Spyware tools. I can also get any malware that happens to slip through in much less time than tweaking UAC takes.

 

I've said it before and I'll say it again. UAC is a total failure as is. The novice will continue to allow everything that pops up on it because they have no knowledge of what is necessary and what is harmful to their system. Or worse, they will not allow anything and make their system completely useless to them.

 

What UAC should have been in the first place is an automatic filter that distinguishes between malware and necessary software for performing tasks that the operator wants to perform. Thus, the popup would only show when malware was being installed, and make it useful for the vast number of novice users in the world. But then this would put Microsoft in the AV/Anti-Spyware business, something they've shown no competency with in the past.

 

It's ridiculous to expect people to have to be geeks to use a computer. It's ridiculous to think that the average user will know the difference between malware and legitimate software. The average user has just as much right to use a computer as someone who spends several hours per week learning about hardware/software/coding/etc.. It's not the average user who's made UAC so complicated, and thus it's not the average user who should be held accountable for not understanding it.

 

At any rate, I think the article was well written and states my own opinion of UAC very well. :)

Edited by dark41

Share this post


Link to post
Share on other sites

then the user is hopeless. i'm sorry, but that's the absolute truth. they should be either completely locked out so they can't change anything blindly, or they shouldn't be using a computer.

 

Excuse me , but that is not exactly the right approach (putting it very mildly and politely) :cr@sh:

If this is what happens to the average user then the designers /programmers/ everybody else involved need to go back to their work table really quickly with their tails between there legs!

As far as I know (and correct me if I am wrong) the P.C was invented to make the our lives (us being the users) easier...faster....

saying the user is useless is just a lame excuse for the industry not to do there jobs properly.

Share this post


Link to post
Share on other sites

I'd say it is the right approach. To truly be able to use a computer, or piece of software, you have to understand how it works What makes it tick, what makes it crap out, and the like. Most people just aren't interested in understanding them, which is why computer maintainence is so lucrative.

 

You can't drive before getting a license, and you can't drive without having a basic understanding of the laws & rules of the road, and it should be the same for computer (you shouldn't use one without understanding it).

 

Microsoft got security mostly right with Vista, Linux has had it right all along, OSX has had it right all along, so has Unix, and pretty much every operating system but OS/2, DOS, and Windows.

Edited by brandon

Share this post


Link to post
Share on other sites

Excuse me , but that is not exactly the right approach (putting it very mildly and politely) :cr@sh:

If this is what happens to the average user then the designers /programmers/ everybody else involved need to go back to their work table really quickly with their tails between there legs!

As far as I know (and correct me if I am wrong) the P.C was invented to make the our lives (us being the users) easier...faster....

saying the user is useless is just a lame excuse for the industry not to do there jobs properly.

 

i didn't say the user is useless, i said the ignorant user is useless, in fact dangerous. unfortunately this makes up a very large section of computer users. a computer can be as complex or as simple as you want it to be, that's what is so great about them.

 

the worst part is that understanding your computer isn't difficult and does not require high intelligence. some of the smartest people i've met, doctors, executives, and other very successfull people, get this 'deer in the headlights' attitude with their computers. they have this expectation that everything should work perfectly without interaction of their own. this is like trying to drive a car without knowing what the steering wheel does or the gas pedal does. really the only way to protect these people is to protect them from themselves.

 

 

 

 

edit: i just want to note that i wrote my analogy without reading brandon's first. :lol:

Edited by badbinary

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...