Vista and Windows 7 - reactions

[raven1001]

I promptly disable UAC after a OS install, sure its great for those that are not so knowledgeable when it comes to PC security.

[dangel]

I promptly disable UAC after a OS install, sure its great for those that are not so knowledgeable when it comes to PC security.

And why, on Windows 7 would you do that then?


Just asking the question, as a developer who's made all his software UAC compliant because he happens to believe it's a bloody good idea.

[Splash]

I also run without a firewall, any form of antivirus, password protection, encryption and backups because I know what I'm doing. I leave my front door unlocked, don't bother wearing a helmet or using lights when I ride my bike, see no need for traffic lights or the emergency services or satellite navigation, the ministry of defence or... I think you get the picture.

[j.o.s.h.1408]

I also run without a firewall, any form of antivirus, password protection, encryption and backups because I know what I'm doing. I leave my front door unlocked, don't bother wearing a helmet or using lights when I ride my bike, see no need for traffic lights or the emergency services or satellite navigation, the ministry of defence or... I think you get the picture.

haha lol. i hate the UAC. annoying as hell

[lodore]

why do people hate UAC?
I have got used to it.
there is alot less prompts than there used to be.
I think its mainly because applications are now designed for UAC.
people dont complain about sudo prompts on linux yet complain about UAC on vista why?
I use a standard user account.
as stated above finaly microsoft finaly got the idea right. the problem is that alot of devopers still expect everyone using windows to have admin rights. thats why somepeople get alot of UAC prompts. the fault of the program and not a fault of Microsoft.

btw some applications still need improving. such as opeoffice preview in webpage opens IE7 with protected mode off.
not sure how much rights it has.
sometimes when installing programs the help file at the end opens IE7 with admin rights.

Best Practices for Developing for Windows
Standard User its a video from PDC

[Splash]

haha lol. i hate the UAC. annoying as hell

As annoying as finding out that because you run your browser with root level privileges an ad-banner served on a site you trust has sneakily rooted your machine? How about that USB key that used a cleverly disguised prompt to get you to "open folder to view contents" yet secretly infected your PC?

People dislike UAC for the same reason that they dislike not running as Administrator for day to day use: because they don't understand the security implications. The most amusing part is that these are the self same people who say that they can do this because "they know what they're doing". I WANT to know when something is trying to make a system level change to my system - it's not often it happens and if it's while I'm setting up an application I'll choose to allow it. I have my firewall setup the same way - I want the prompts and the choice rather than just blindly assuming I want to allow an application access to my network.

[format]

The UAC in W7 is massively improved IMO, the prompts are so few are far between that it doesn't bother me at all

[dangel]

people dont complain about sudo prompts on linux yet complain about UAC on vista why?

Years of indoctrination by MS - run as admin, everything as admin.

I have my firewall setup the same way - I want the prompts and the choice rather than just blindly assuming I want to allow an application access to my network.

That's quite a good analogy - turning off UAC allows every application absolute acces to your whole system.

I do know what i'm doing - i'm paid for it - and yet i run with UAC on *unless I absolutely have to turn it off*. All my home PCs have it firmly on and I hardly see any prompts (and that's on Vista, let alone W7). If you're seeing LOADS of prompts it's crap software or you just need to change your (bad) habits somewhat.

[j.o.s.h.1408]

As annoying as finding out that because you run your browser with root level privileges an ad-banner served on a site you trust has sneakily rooted your machine? How about that USB key that used a cleverly disguised prompt to get you to "open folder to view contents" yet secretly infected your PC?

People dislike UAC for the same reason that they dislike not running as Administrator for day to day use: because they don't understand the security implications. The most amusing part is that these are the self same people who say that they can do this because "they know what they're doing". I WANT to know when something is trying to make a system level change to my system - it's not often it happens and if it's while I'm setting up an application I'll choose to allow it. I have my firewall setup the same way - I want the prompts and the choice rather than just blindly assuming I want to allow an application access to my network.

i have never had those issues or problems on my win xp. infact i have NEVER in my life have thsoe issues as i am not dumb enough to go on dodgy websites, click on random files or put in any usb stick on my pc either.

No i dislike UAC because its bloody annoying. not because of its security feature ., its because its down right annoying. i know what im installing and clicking so i dont need no UAC rubbish to warn me. i have lived without it from windows 3.1 so i can still live without it now. if you know what your doing you dont need this UAC.

When i did have UAC on for a while i still clicked yes yes and yes to the stupid popup window.it really doesn't protect me from anything as i would simply click yes on it anyway

[Splash]

i have never had those issues or problems on my win xp. infact i have NEVER in my life have thsoe issues as i am not dumb enough to go on dodgy websites, click on random files or put in any usb stick on my pc either.

No i dislike UAC because its bloody annoying. not because of its security feature ., its because its down right annoying. i know what im installing and clicking so i dont need no UAC rubbish to warn me. i have lived without it from windows 3.1 so i can still live without it now. if you know what your doing you dont need this UAC.

When i did have UAC on for a while i still clicked yes yes and yes to the stupid popup window.it really doesn't protect me from anything as i would simply click yes on it anyway

So for instance when you go to w trusted website that is serving banner ads, and the host of the ads has been compromised - knowing what you're doing protects you there does it? "Knowing what you're doing" prevents you from being exploited by a 0-day vulnerability before you read about it?

I'm sorry Josh, but your final paragraph shows just quite how much you don't "know what you are doing". You may disagree, and you probably think I'm being offensive but you're introducing unnecessary risk to your system because of the way that you are using it, and not making use of the tools given to you to help reduce that risk. The sad thing is that you won't know about the drive-by malware that just installed on your PC until your bank gets cleaned out, and you could have stopped it just by receiving a single popup and thinking "hmm, I'm not aware that anything should be making changes to my system - perhaps I should deny that or investigate further?"

The Windows 3.1 security model was... well, pretty nonexistent. But you also probably didn't have your Windows 3.1 machine permanently connected to the internet, did you? Just because you didn't need something in the past does not mean that you don't need it for the future.

Anyhoo, I'm taking this thread *way* offtopic (for which I sincerely apologise) - I'll start another thread for this discussion.

[dangel]

The question is, what are you doing *all the time* that means you get prompted so darn much? And then.. why?

[j.o.s.h.1408]

So for instance when you go to w trusted website that is serving banner ads, and the host of the ads has been compromised - knowing what you're doing protects you there does it? "Knowing what you're doing" prevents you from being exploited by a 0-day vulnerability before you read about it?

I'm sorry Josh, but your final paragraph shows just quite how much you don't "know what you are doing". You may disagree, and you probably think I'm being offensive but you're introducing unnecessary risk to your system because of the way that you are using it, and not making use of the tools given to you to help reduce that risk. The sad thing is that you won't know about the drive-by malware that just installed on your PC until your bank gets cleaned out, and you could have stopped it just by receiving a single popup and thinking "hmm, I'm not aware that anything should be making changes to my system - perhaps I should deny that or investigate further?"

The Windows 3.1 security model was... well, pretty nonexistent. But you also probably didn't have your Windows 3.1 machine permanently connected to the internet, did you? Just because you didn't need something in the past does not mean that you don't need it for the future.

Anyhoo, I'm taking this thread *way* offtopic (for which I sincerely apologise) - I'll start another thread for this discussion.

no your not being offensive and your right in a way. your saying this UAC is more effective then a anti virus and firewall? i know of some people that dont even have a anti virus system and laugh at me whenever i say i use one. what about windows xp. That never had a UAC yet you, me and others have safely gone without this UAC throughout using xp.

[kalniel]

your saying this UAC is more effective then a anti virus and firewall?

They all do different jobs. Firewalls stop communications. UAC prevents programs from working outside of their designated environment (for example, to initiate communications or to alter other files), and Anti-virus attempts to prevent programs themselves from coming onto your computer in the first place/actively remove malicious programs.

In an ideal world anti-virus software would be the most effective solution - if no malicious programs or scripts are ever allowed to run (or even onto) your computer or network then you wouldn't need much else.. but it's too much to ask that they cover all the possible ways of getting something malicious onto your computer or that they detect every possible peice of malicious software out there, hence why UAC is a good next defense, as it prevents malicious programs from doing more damage when they are on your computer. Firewalls act as a third defense in stopping communications, for example data to/from a malicious program or attempts to discern routes into your computer to put malicious code there in the first place.

[Splash]

no your not being offensive and your right in a way. your saying this UAC is more effective then a anti virus and firewall?

No, I'm saying that it's part of a layered security strategy that will help keep you safe when used appropriately.

i know of some people that dont even have a anti virus system and laugh at me whenever i say i use one.

In which case they are idiots.

what about windows xp. That never had a UAC yet you, me and others have safely gone without this UAC throughout using xp.

...I'm intrigued by your use of the word "safely". I'm guessing (as I have no stats that I can use - if anyone has any to hand) that a large percentage of the suspected 10 million Conficker botnet (http://www.f-secure.com/weblog/archives/00001589.html) are XP boxes. There are probably a number of Vista boxes too, but I'd wager that they have UAC disabled.

I'll try to find stats as the afternoon goes on, but those 10 million are certainly not "safely" using whichever OS they're using.

Anyhoo - I created a new thread for this - if a mod could move the relevant posts that'd be awesome and this one can get back on-topic.

[Zadock]

I'm intrigued by your use of the word "safely". I'm guessing (as I have no stats that I can use - if anyone has any to hand) that a large percentage of the suspected 10 million Conficker botnet (http://www.f-secure.com/weblog/archives/00001589.html) are XP boxes. There are probably a number of Vista boxes too, but I'd wager that they have UAC disabled.

I'll try to find stats as the afternoon goes on, but those 10 million are certainly not "safely" using whichever OS they're using.

I've dealt with a couple of connficker incidents for friends now, both were on XP boxes... not that that provides any statistical evidence!

In terms of windows 7, I haven't noticed any difference with vista the UAC interupts just as much as ever which isn't very often.

On reflection I spent a lot more time worrying about security on XP than I do on vista. I've had no malware or spyware to speak of since I moved to vista. I don't think my browsing habits have changed (perhaps I cut back on the pRon ). My Eee on the other hand, which is running xp, tends to pick up one or two dodgy cookies.

[dangel]

In terms of windows 7, I haven't noticed any difference with vista the UAC interupts just as much as ever which isn't very often..

The big one is that UAC has 'levels' (rather than on/off) which by default means it doesn't prompt you when you change system settings via the control panel (the downside is that this is effectively a security hole).