User Account Control is easily one of the most hated features of Windows Vista, according to readers. The seemingly endless stream of UAC pop-ups, asking you to confirm this action or that action, just get in the way (and aren't particularly zippy, given the screen redraw). Others don't mind UAC, but there's no doubt it's a controversial 'feature' of the OS. At the RSA 2008 confab in San Francisco, Microsoft admitted that UAC was designed, in fact, to annoy. Microsoft's David Cross came out and said so: "The reason we put UAC into the platform was to annoy users. I'm serious," said Cross. Cross had more to say than just that: Microsoft is going to put more emphasis on whitelisting.
Post a Comment
Member since:
2007-01-22
Fans: 0
"Hi Billy Mays here for Windows Vista! Am I annoying? Am I annoying?"
"Vista! Apply directly to the forehead! Vista! Apply directly to the forehead! Vista!"
"Here's Bob! Bob is doing well! Very well indeed... That's because not long ago, he heard of Vista, the once-a-day OS for natural male enhancement"
Member since:2005-12-04
Fans: 0
Member since:
2006-01-08
Fans: 1
First thing to be changed in Vista when I install it. (came preinstalled, but I've still had to re-install it twice since then!)
I love the way it warns you with a dialog box that it's going to request UAC.. then requests UAC.
Trying to move Start menu items around is just amazing.
Prompt - going to show you the uac dialog
prompt - uac dialog
prompt - move or copy
prompt - are you sure/ overwrite?
UAC is to vista what the fecking paperclip was to Office... a PITA and counter productive
so counter productive that you HAVE to disable it in order to be anything useful, thereby negating it's purpose... bit like banks who give you so much "security information" to remember you end up having to write it down somewhere - thus negative the point of security in the first place.
Member since:2007-05-20
Fans: 0
:) Yes I love these UAC "pre-warnings" myself. They way UAC is meant to work effectively is like this:
- Create a standard user account. NON administrative. Give it a password if you wish (optional).
- Create a password for the administrators account
- Use the standard account for doing all your everyday work.
- While working with the standard account, if administrator access is required, Vista is usually smart enough to request (via UAC) for privilege elevation asking at the same time for the PASSWORD you assigned to the administrative account. This makes a lot more sense, and gives you a moment to think what you are about to do rather than clicking an OK button like a monkey
IMHO, this should have been the default behavior. MS is probably getting there - they are just preparing the way with Vista. Probably Seven will have this much more sane system.
Member since:2005-07-06
Fans: 0
Member since:2006-02-05
Fans: 11
That is absolutely the way to do it, but here are two "additions" ;-)
On win 2k8, the Administrator account has no UAC prompts at all. This makes sense, because if you are logged in as administrator, you damn well be knowing what you are doing and why you are doing it. This app http://www.tweakuac.com/ will squelch the grey overlay prompts for administrative users, while not touching the elevation prompts for normal users.
Second tip is something I got used to in Linux a long time ago, change your admin account background to something like a bright orange/red. This helps to remind you where you are, and to do what you gotta do then get out again. I also turn off aero for the admin account on vista for the same reason.
Member since:2006-11-24
Fans: 1
You must be doing something wrong, all of you. I have Vista on a system for over a year now and I don't see UAC often. In fact 90% of the time is when I update definitions for Spybot. I just checked for you how many apps I am running: 54.
What's with arranging icons/entries..? Do you do it on a daily basis? There are people who seem to be tinkering with their wall paper, icons, etc.. all day long. Also, some people had to re-install XP all the time and I guess it is those people who have to reinstall Vista all the time.
Btw, I am a self-declared Vista hater here, but I think you guys have a serious UAC condition
Member since:2006-01-19
Fans: 0
I did not know until today, that Vista is THAT bad. I have zero experience with Vista, and always thought that it now has a clean seperation between users and admin, similar to the UNIX-like systems.
For example, if I wanted to move the START button or change the desktop background, this is an action which only affects one user, naturally admin rights are not required.
I can understand that some 3rd party software might constantly ask for privilege escalation if implemented uncleanly, but that Vista itself is inconsistent is something I did not expect.
Although I have the same order of buttons in the task bar and the same desktop background for years, I would be annoyed by this unnecessary behaviour.
Especially as it does not enhance the security, since something that constantly cries "wolf" all the time tends to get ignored after a while.
Member since:
2005-10-01
Fans: 0
UAC Proved that people don't care that much about security and would rather run as admin.
My Only complaint about UAC is the secure desktop effect (how the screen goes black and can only interact with the dialog box) It just causes too many problems, from getting in the way of what you want to do to crashing video and games when it pops up.
Secure desktop can be disabled keeping UAC mostly intact but it requires a registry edit on home versions of windows. really needs to be an option in the control panel.
the reg key if anyone cares is PromptOnSecureDesktop (change to 0 to disable) located at
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Poli cies\SysteÂm
Member since:2007-02-07
Fans: 0
Member since:2006-01-02
Fans: 7
It's also done for the opposite reason: so that no program can read data entered into the UAC Consent password box. I don't know anything about the OS X input/windowing architecture, so maybe this ability for one app to read/write to the windows tree of another app is not something Apple has to worry about.
Member since:
2006-11-01
Fans: 0
Sure its going to be annoying... how else are you going to pay attention?
I leave it on, its about as annoying as the root prompt in Linux, if you don't go in there and change admin stuff every hour. I don't see much to complain about, except that it comes up too often on simple tasks -deleting machine-wide program group should only prompt once.
Member since:2008-03-18
Fans: 0
Member since:2005-07-06
Fans: 1
Member since:2005-11-12
Fans: 3
If a hacker was to get into your machine as your user then all they need to do is do what the user does. I can do what I like on my wifes Vista machine.
If a hacker did the same thing on Linux they still would need your root(sudo) password(my wife can't do what she likes on my machine). This also goes for local security as well.
Member since:2006-02-28
Fans: 0
Member since:2005-07-01
Fans: 0
That's not necessarily true. Linux is a kernel not an OS. I'll keep saying that 'til people listen.
In Ubuntu, for example, you only need the user's password. And in some configurations of sudo, once you've entered the password you can sudo freely for fifteen minutes or more before it's needed again.
Exactly how exploitable these facts are is debatable. But a system is only as secure as it's sysadmin makes it, and most home desktops don't really have a sysadmin. The Linux distros don't always take this fact into account.
Member since:2006-01-19
Fans: 0
I would not call Vista per se less secure than Linux, as security is not inherently given in an operating system, it is a PROCESS. And Microsoft has gotten much better at providing patches during the last few years of contantly being beaten up by the crackers.
But one thing is for sure: The ratio of annoyance vs. system security is still MUCH better at all of the UNIX-like systems than with Windows.
Member since:2005-09-21
Fans: 5
No, it's much more annoying. And here's why: In linux, I need to enter my root pwd if I install software. That's it. I don't ever see it otherwise.
In vista, I see it all the time, for several reasons. Firstly, software installation and updating is decentralized, so whenever some random crappy app is updated, it has to pop up the UAC prompt. So just from software installs and updates alone, the UAC prompts are far more common than on Linux.
Then there's prompts for completely random actions that I don't even understand what you need it for. Screw around in the start menu? UAC prompt. Go into the performance monitor? UAC.
They tried to bolt on security far too late, and it's going to be really difficult to make it less annoying now. Just the fact that each app on windows has its own updating check means that you will always have far more UAC prompts on Windows than on Linux.
Edited 2008-04-12 04:39 UTC
Member since:2006-01-02
Fans: 7
Screwing around with the Start Menu engenders UAC prompts because large parts of the start menu are stored on a system-wide basis. I did a thought experiment about how one would implement this on a per-user basis with a shared system view, but I couldn't think of anything great because you'd have to merge any changes to the global start menu groups into a potentially changed set of per-use groups. I just tend to use the start menu search feature and igore the particulars of my start menu's organization.
On the reliability and perf monitor, I think it should require admin access because the program needs information about the specific Disk, CPU, and Network activity of everything on the system. Allowing untrusted users to see this information would be classiied as an Information Disclosure Vulnerability.
Member since:2006-01-19
Fans: 0
Well, how about how the Linux desktops do it (Gnome as well as KDE). They are TWO different desktops and manage to have the same menu entries no matter if you log into a Gnome session or a KDE session.
Additionally there are system-wide setings for the Start menu (changeable by root) and user-specific changes to that system-wide settings.
Therefore, when root installs a new program, the entry is made to the system-wide settings, and as no modification entry is in the user-specific setting, the new program is displayed.
It is very easy and works well. The same is done with mime-type settings (which kind of file to be opened with which application).
Quite the opposite is the reality. In the company I work for we calculate stresses and safety factors of engine parts with FiniteElement software. We need to know which machine is under which load when we start another number-crunching job. Needing admin rights just to get the information is ridiculus. I agree that priority enhancing ones process or priority changes to an other users process require admin rights, but not for getting information. Security by obscurity does not work, so why even try that approach. If the system becomes insecure when somebody finds out about it's load, network, memory and disk status, it's security is not worth much.
Member since:2006-01-02
Fans: 7
I agree that there are some reasonable scenarios where you'd want someone who's non-admin to be able to access performance statistics. Thus there exist two built-in groups on my Vista Business installation: "Performance Log Users" and "Performance Monitor Users." I haven't tested those myself, but based on their names and description strings I believe that these groups give you what you want: the ability to grant non-admin users the right to view perf data for the whole machine.
Member since:2006-01-06
Fans: 0
Member since:2006-01-02
Fans: 7
First of all, I don't exactly see what you consider to be a flaw (or how you'd design it differently). Second, I don't see your implementation of a time machine that I could use to fix flaws 10 years ago before apps took reasonable dependencies on whatever design decision you're complaining about.
Member since:2006-02-05
Fans: 11
On Vista Business, maybe, on Server 2k8, definately. But Vista Home/Ultimate?
Member since:2006-01-02
Fans: 7
If you want to grant people that right, there are ways (see my earlier response).
On the Home vs. Business distinction, I think it's general practice to keep the SKUs of an OS as similar in shared configuration as possible so that it's clear what should happen when you move from one SKU to the other (like through Windows Anytime Upgrade).
Maybe the people who own that MMC snap-in will make some tweaks to make it accessible securely to less-privileged users, but that was apparently not a priority so far (it's far more important to have something which you can later tweak given the feedback of the first version than to not have that thing at all).
Member since:2005-11-12
Fans: 3
The difference with Linux is that you get to know your password prompts and work by them, switching XP users or upgraders get annoyed with it because their not used to it.
Fact is Windows should have done this from day one and learn their users to use passwords for admin stuff, it's really that simple. If you learn something from the outset it really becomes a process like everything else but Microsoft like to nanny their users with popups rather than teach them.
Edited 2008-04-12 07:16 UTC
Member since:2006-10-08
Fans: 6
I hope it does not sound impolite, but... users don't care to learn anything. Furthermore, passwords are too complicated, you need to learn / know them (or at least look them up from the sticker placed beneath the mouse pad). Security is another concept no average user seems to be interested in. Clicking OK buttons does not provoke any intellegence based examination with a certain circumstance, it just starts a kind of "automated mechanism" - clicking the button - to continue what has been intended anyway. And I think the guys at MICROS~1 know about this habit. But I cannot imagine why they didn't get rid of something nobody wants (said UAC) and turned it into something that simply annoys the users...
Member since:
2006-02-10
Fans: 1
Member since:
2006-09-15
Fans: 0
Of course UAC was going to be annoying. Geez people, most folks using a computer haven't a clue and have been reared on the school of being able to do anything on their systems without thinking of the consequence.
UAC isn't designed for techies, it's designed for them. The ones who need constant reminding that although they can do the following system operation on thier OS, there are consequences that need to be thought of when doing it.
I'd prefer UAC than the current spate of XP spam bots that exist. Turn it off if you want but don't come winging to us when your system gets pwnd by malicious code. For the corporate world there is the sane approach where User accounts can have all UAC requests elevated to Admins. Without passwords this makes it a crap load easier for keeping the system safe from user stuff ups. Same in OS-X and Linux.
Member since:2006-04-18
Fans: 0
Erm...that's a great theory, except UAC doesn't pop up a message saying "are you sure you want to do this? These are the consequences..." It merely annoys with a somewhat generic pop up...
...here's hoping you're not a system admin somewhere, because if you believe that your system isn't going to be "pwnd" because of UAC being turned on (which has already proven to be easily turned off), you're clearly mistaken
Member since:2006-09-15
Fans: 0
If I was to admin outside of the home environment I would be utilising user accounts and admin accounts with the systems users being just that, users.
Biggest problem with UAC is that many apps still require installing in Program Files (x86) which MS seamed to require Admin access. If you change the install path to another area with User Security privileges, then UAC will not bug you as much. Vista will also not bug you as much (at least not so annoyingly) if you restrict the main User Account and setup an Admin Account. Why it doesn't install this way as default, god only knows why.
Maybe the miraculeous Windows 7 will fix all as so many seem to be hoping for (that or Linux really does gain traction). Still, when it comes to everyday computing and user experience, Linux and Windows are on the same level of being a right PITA.
Member since:2005-07-17
Fans: 0
Exactly, the real purpose of UAC is to get PROGRAMMERS to stop writing programs with sloppy security and just telling you to "run as admin" to make it go away. Mac and Linux have always been that way so programmers write safely so as not to annoy the user. Windows programmers basically refused to update from the Win98 days of do whatever for far too long.
Member since:
2006-01-06
Fans: 7
There's an easy way for experienced users to enable/disable UAC on the fly (without rebooting):
Tweak-UAC
http://www.pcworld.com/downloads/file/fid,67530-order,1-page,1/desc...
Member since:
2006-08-22
Fans: 0
Member since:
2007-04-11
Fans: 0
Member since:
2005-08-12
Fans: 1
I am not expert but its main advantage is preventing manupilation on your system by hacker after remote login. Thats why even if hacker gets full admin access (which is possible) he cant do anything without physical presence in front of desktop....
BTW isnt it same as su login? and many modern distros event dont allow root login to begin with. So each time i have to install something i have to go through su route...
Member since:2006-10-08
Fans: 6
I think that's an aspect of a growing tendency: Disabling or bypassing means of security to increase individual feelings of comfortability. Please get me right: I don't think it's a good solution to disable UAC, but it should have been implemented more... appealing? It seems that most users of "Vista" get annoyed by the way authorisation requests are performed. So maybe a better selection of where it is needed / recommended and where not would have been welcome.
Spoken by a "Windows" layman: UAC's ability to prevent the system from remote login exploits would be present if UAC wouldn't look at local interventions, wouldn't it? So it would be less annoying to the user?
Most Linux distributions come with an application called sudo. It temporary elevates user previleges in order to perform an operation. If sudo is setup correctly, no root password is needed. Any sudo operations are logged. Users who are not present in the sudo database cannot use sudo, so they cannot destroy anything outside their home directory. The su command is mostly used by root to "mulate" an ordinary user; su means "substitute identity". The "plain" BSDs have a more strict concept. Here, it's neccessary for a user to be in a special group in order to do security related tasks (with possibilities for fine differentiations of what can be done - inclusion in different groups, e. g. wheel, operator, mount, dialer enables or disables special abilities, such as mounting media, connecting to network or accessing system files or interfaces). Performing operations does not only include installation of applications, but modification of system files, too. So a sudo-enabled user account with no password would be as dangerous a a password-free root login (if it's allowed). While sudo performs the previlege elevation just for one commmand, su leaves you in administrator mode as long as you wish. To prevent the nasty habit to do everything as root (NB: Comfortablilty feelings!), many distributions do not allow direct root logins or can be configured to do so.
Examples from the UNIX / Linux world:
Ordinary user installs an application system-wide (without password):
% sudo pkg_add -r nmap
% _
Ordinary user removes does stupid things (with password):
% su -
Password:
# rm /etc/fstab
# rm -rf /home/*
# exit
% _
The means of su and sudo, as well as UAC, don't replace a good system administration layout. :-)
Member since:2005-09-15
Fans: 0
Member since:
2006-02-22
Fans: 0
Personally I don't really mind UAC â€" it's certainly better than the no security in XP, if it's annoying this is only a mild irritation compared with Vista's:
slowness
horrible overly wizard driven interface
slowness
running out of memory when opening a small spread sheet etc.
slowness
failure for the mouse to wake up after resume
slowness
The on-off-logout button
Failure to run common MS programs like MS office
Slowness
horrible blue screen
Horrific slowness when connecting to network shares / printers
and slowness
Member since:
2005-07-06
Fans: 4
Member since:
2006-12-30
Fans: 0
The real security would be being prompted to what services/programs to install at the start of the installation Win95 had that i dont see xp or vista having it.
Having an installed 90 mb xp would prove more secure than a 1 gb xp same goes for vista.
But Vista cant run my favourite win32 programs so i rather switch to reactos if i definitly gotta switch OS some day.
Member since:2005-12-02
Fans: 0
"But Vista cant run my favourite win32 programs so i rather switch to reactos if i definitly gotta switch OS some day."
Which programs by any chance? I have yet to find a program that does not run under Vista that ran under XP. I have "read" about that happening, but have not seen one myself. Please expound on it...
Member since:2005-07-24
Fans: 33
Member since:2005-12-02
Fans: 0
"Nomachine NX Client consistently locks up after 1 - 2 minutes of use under Vista."
Thanks for actually posting an app. That is something I don't use so would not see. I would report that to the software vendor, since Vista is claimed to be supported under version 3.2. Granted that was just released April 8 though, so you may not have had time to know that yet.
Member since:
2005-11-12
Fans: 3
Member since:
2006-01-20
Fans: 0
Member since:
2006-01-08
Fans: 1
to the average user, they don't care. Sure they dont' want to get virii and spyware and malware etc, but for most people this doesn't happen as they have firewalls, anti-virus and anti-spy/malware. UAC doesn't remove the need for these, and for most people, just doesn't seem to do anything except annoy people.
Myself, I have my user account (like most ppl it's the only account on my machine) - I'm set up as an administrator and I've turned UAC...
I've NEVER ever been infeced by a virus. and I don't know anyone that has. Do we really need UAC at all?
Member since:2005-09-21
Fans: 0
Niether have I, or any of my friends, but you have to remember, we probably know alot more about what we are doing than most people out there.. I never get viruses, but the people who own the computers I work on, nearly always do, because they click on anything that occupies time. where as someone like you and me, may research for whats the best trusted program/activity to occupy our time.. example...
I wanna play online poker, and that banner on my favorite warez site that im downloading porn from is waving it right in my face. Click. virus
whereas we.. would be downloading only the finest pr0n and hitting up the legit sites... or ... something like that..
people wont be bothered to do anything reasonably intelligent, because thier computer is suppost to be intelligent for them. and it probably wont change ever, so software developers will keep trying to dummy up things as much as they can to protect the user from him/herself. It hurts us geeks, but we are a minority in the buying market, and they know we could figure out how to disable it anyways.
Its a painful process to go through, but for the sake of joe.user we will suffer. But... lets hope they keep failing, because I sure do looove making insane amounts of money doing something I love because someone else cant be bothered.. I know enough not visit sites that are mischevous, close my firewall up, shut down unsafe services, but them not knowing pays oh so well.
Member since:2006-10-08
Fans: 6
You're frightening me! :-)
But then, why doesn't it work? Why is more than 90% of the email amount travelling the Internet just spam? Why are home PCs so often compromized and then working as storage points for illegal file sharing software?
Please get me right: I'd say it's okay to annoy the people you've described above if it would help to protect the Internet and its users from crap like viruses, trojans and spam.
Hehe. :-)
Member since:
2005-07-12
Fans: 0