The Engineering 7 blog continues its trend of detailing the real issues that people deal with when it comes to Windows. We have already covered their insights, usage data, and mea culpas concerning the taskbar, as well as their musings on window management. The latest entry on the E7 blog deals with a controversial Windows issue: User Account Control. The usage data has some interesting results, to say the least.
Most of us already know what User Account Control is supposed to do. It’s not only a security feature, making users aware of possible damage that programs and the like may do to their systems – UAC is also a pressure tool to force Microsoft programmers and software houses to write software that works under limited user accounts. As it turns out, UAC is succeeding in that goal, according to the usage statistics put forth.
A little more than 70% of Windows machines (excl. servers) have only one user account (with administrative privileges). During the first few months of Vista’s availability, people encountered a UAC prompt in 50% of their sessions (with a session being a 24hr period, or the period from log-on until log-off, whichever comes first), produced by 775312 (!) applications. The data for August 2008 shows a dramatic reduction in the number of applications triggering UAC prompts: from those 775312 to 168149. This means that users now experience a UAC prompt in 33% of their sessions, instead of 50%. This echoes claims from a lot of Vista users (yours truly included) that over the course of time, UAC has become a rarity on Vista.
No matter how you look at it, these are some staggering figures, showing that User Account Control – annoying, useless, and broken as some made it out to be – is really working. It’s performing its intended function perfectly. Interestingly, 40% of the UAC prompts are triggered by Windows itself. Windows 7 will make changes to reduce the number of Windows prompts even more.
Based on the data, Microsoft promises to work on the following points:
- Reduce unnecessary or duplicated prompts in Windows and the ecosystem, such that critical prompts can be more easily identified.
- Enable our customers to be more confident that they are in control of their systems.
- Make prompts informative such that people can make more confident choices.
- Provide better and more obvious control over the mechanism.
Microsoft has already done user testing with more informative and simpler UAC dialogs, and responses have been positive. Let’s hope for the best. One final note from me: do not disable UAC. Seriously. You don’t run as root all the time on Linux either, now, do you?
I am loving the windows 7 research blog. it’s nice feeling like you’re part of the development and knowing what’s going on. this was something that was needed in vista: to get the geek community on board with all the under the hood stuff and changes. having everything walked through like they are doing is great.
now as for UAC, not only is MS rethinking it but other companies are modding it too, even symantec http://www.nortonlabs.com/inthelab/uac.php ( just like the norton 2009 rewrite, actually a decent product. though now that norton redid their AV and 09 is good i will have to find someone else to hate out of principle, sorry mcafee. haha).
it’s one thing to have the user aware of system level changes but it doesn’t do them any good if they don’t know what it means. it would be like a doctor talking to the family of a patient who has a complex condition and needs a complex treatment. the thought that they are going to understand enough to truly give an informed consent is insane, such is the same with your average user and UAC. I have a lot of faith in windows 7, but until then i am looking even more forward to Windows Embedded Standard ( http://www.microsoft.com/windowsembedded/en-us/products/westandard/… ) fully functional windows, built to order, and if done right less than a 150 meg install fully functional. now why can’t that be an option upon install to begin with… a man can dream can’t he, a man can dream…
Symantec rethink something? Their proven track record is to buy someone who rethinks something – Norton, Backup Exec, Sygate, etc.
I’m with you though about the Norton branded products – their personal firewall was awful.
It’s hard to imagine Norton making anything that *isn’t* awful (well, other than Ghost).
Even removing Norton’s crap is a hassle – I’ve literally seen the uninstall process for their “Internet Security Suite” take an hour and 45 minutes (during which the computer couldn’t be used at all, because uninstalling required a reboot & the uninstall process loaded *before* / outside of Windows for some reason).
Ghost was written by Binary Research, a New Zealand company which Symantec bought out a few years ago.
What is even worse, the uninstaller never fully uninstalls it, there is always crap sprawled around the hard disk. What is even worse it is forcefully rammed, from my observations, into every single computer shipped with scare tactics employed when trying to remove. There has been a recent clamp down on ‘scareware’ – the current Norton software and the scare tactics used during the uninstall process, they should be prosecuted or at least sued out of business.
Edited 2008-10-10 15:08 UTC
Ah, that would explain why it went to crap after the 2003 version or thereabouts (I think they replaced it with PowerQuest DriveImage, re-branded).
Yeah, that’s especially sleazy. Windows uninstallers are bad enough without “Are you sure? Cause your computer might OMG EXPLOAD!” pop-ups.
…the ideas are great and no doubt in my mind so are the people. They have fantastic charts and great presentation and are presenting a lot of data, but the question for me remains and this is because of the cynic in me…this is all great and all but are they just theorizing and thinking about these ‘issues’ or are they actually implementing solutions in to their product?
More importantly, what difference does all this blogging make to the actual end product? How fares the Engineer to PHB ratio at Microsoft? And where is it going?
Yes that’s pretty much what I meant you just worded it better for me thanks
The people who post on that blog are more on the PHB end than on the engineering end. I think that’s a good thing, because they actually do seem pretty in touch with things.
i agree with you, that’s my biggest fear. they had 6 years to collect statistics like this and there were plenty of opportunities to in xp “would you like to join the user bla bla bla program?”
with that being said, where was the thought process when making vista? but i am not mad at them for vista, they needed a flop to make them rethink things, make them go with this more open communication model. it appears they have learned from this mistake.
so to anyone from MS who reads this. Don’t rush Windows 7, don’t set a date and extract features or enhancements to get there. if it gets done “when it’s done” that’s fine. just do it right and continue this open dialog you have going via the blog. we, the consumers, will be happy to wait for a polished product, but will be far less forgiving if the mistakes of the past are repeated. that being said, so far so good, you have my attention and i am impressed. keep it up.
I was reading a trade journal the other day where sinofsky was talking about the expectations they built up during vista development by the transparency in the communication. People expected everything that was talked about every step of the way, and felt ripped off when they didn’t get it. He said with 7 they are going to try being translucent instead of transparent, and I assume this blog is how they moved forward on that.
Don’t expect anything except high level stuff from the windows team until they are almost ready to ship. All communication is going to be about process rather than progress.
“Enable our customers to be more confident that they are in control of their systems.”
first step, get rid of product activation once and for all…
I really don’t get when people say that UAC is annoying. For the last 6 months I have only seen it when installing software, nothing else. And when I hear people comparing to Linux, seriously Ubuntu anyone, writing the password every freaking time! I like this new view on security where every user might be the biggest idiot in the world and that all software was written by those idiots and thus is a bigger threat than viruses. Because that’s how things are. A device that gives electric shocks to users should be mandatory in security suites, giving a nice stun to the idiot who loads the next “Britney Spears nude” virus.
You show your lack of understanding of well Linux based Distributions in general(I’d argue Gnome or KDE), I can only assume you are making the point to others.
What is interesting is the notion that people who fall foul to nasties are the ones who are not just at fault they are painted as perverts, why is the example not an e-greeting card(very popular) or someone in your office fancies you.
but why not discuss the 26 places that Vista spies on you or terms like greyware both unique to the windows platform, or even crapware like Microsoft Office their term not mine.
I’m sure Ms. Spears is perfectly capable of passing on her own viruses, thank-you-very-much. The nude part goes without saying.
Separated at birth? Well… maybe not:
http://tinyurl.com/3wtkkt
The fact that UAC prompts me when I want to delete a shortcut from the desktop, is precisely what’s wrong with UAC.
Passwords should be entered at UAC prompts, and MS should not try to reinvent the wheel in this scenario. Not the blind click (yesyesyesyes) at dialog boxes.
That is because you’re trying to delete global desktop icon, not your own.
then they can hide it from that specific desktop and shut up about it…
what the hell is something global doing on a personal desktop in the first place?!
Probably because you installed the application for all users to use.
Not that I like desktop shortcuts at all. Or installers. I hate installers. I’m going to kick someone now.
What a poor concept. Sad ..
The fact there is anything like a ‘global desktop icon’ is utter and insane bullshit. The people who made windows able to handle multiple users should be put to a wall and shot. It’s simply the most horrible implementation of a multi-user OS one can imagine.
But then again, there are lots of things in windows someone would almost commit suicide for… Working with it is a constant horror. (sorry, but after another almost-full day at work, using XP-something, that’s how I feel).
From the sucky windowmanagement to the horrible start menu (how can anyone find anything in there?) or the totally inconsistent and unexplainable behavior of the applications (ESP the MS ones like in Office). Blegh.
If I didn’t smoke already, I would after a few days with Windows. It is amazing how other people ever got used to it – when I ask, they go like “well, there is nothing you can do about it, get used to it”. Boy, with that attitude, humanity would’ve never gotten past the stoneage. Yet it’s the only way of surviving a working week behind a Windows PC.
(again sorry for spewing this frustration but I’ve just been shitted upon by Excel who decided it was time to clear my clipboard with important data for no apparent reason)
(again sorry for spewing this frustration but I’ve just been shitted upon by Excel who decided it was time to clear my clipboard with important data for no apparent reason)
I can understand and sympathize with your frustration, but Clipboards are not a place to store important (and unique) information for a longer period of time. Certainly not on Windows. Although Windows XP SP2 is far from bad in the crash department.
I have to work on Windows at my employer too. [CTRL] + [S] has become second nature to me in MS Office applications. So much so, that I even give OpenOffice.org under GNU/Linux the same treatment. On Windows it is Save Early and Save Often…
“The fact there is anything like a ‘global desktop icon’ is utter and insane bullshit. The people who made windows able to handle multiple users should be put to a wall and shot. It’s simply the most horrible implementation of a multi-user OS one can imagine.”
Care to explain your position? My wife and I use both our laptop and desktop with two separate accounts. We love fast user switching, and have had no problems with our separate user accounts. Perhaps you could back up your bluster with some facts?
With just two users it won’t bite that hard. But see my comment to Thom – in a corporate environment, it’s messy. Very messy. At least XP does a horrible job at clearly separating the user accounts. I’ve heard Vista does a better job at it – but then again, imho it’s a fundamental design issue if this CAN go wrong at all.
The whole multi-user thing feels like the result of spaghetti code to me. Some things change, others don’t, it’s not consistent. But then again, multi-user is rather new to MS, and windows wasn’t designed for it – apparently. Just like it still sucks at multitasking.
Oh? I think administrators who control hundreds, maybe even thousands of machines, are pretty happy they have the ability to control shortcuts for ALL users in one convenient place – but that might just be me. Who knows, maybe they prefer to control them user-by-user, that might just be my ignorance.
Sometimes you have to look beyond the end of your nose.
It’s not just the shortcut thing. It’s the way things one user does influence other users on the system. If I install software as root on a linux system, it becomes available for all users as well, so that’s not such a weird thing. But I have used windows systems at quite a few different companies (part of my trade – management consultant, so I work in many different companies) and everytime I’m amazed by the differences between different physical computers. No two computers behave the same, even if I log in with my own user account. Things like the standard search provider in Internet Explorer – or even the standard browser – I have to set it every time I work on another pc. I get weird, new icons in the systray, different toolbars in IE, language settings and shortcuts change all the time. WTF. Separate user accounts? Hell, no. It’s a big mess.
This bites hardest with flexible workplaces (as is the case in the company I work at right now). PPL want to sit at the same place because at least their computer doesn’t change behavior all the time. Kind of defeats the whole idea of flexibility…
Even if you look beyond the end of your nose, it turns out to be a mess
Agreed. I haven’t seen any annoying UAC prompts with any of the apps I use. I get an occasional prompt with Directory Opus (best file manager in the world), but that’s only when I am manipulating a system file or something. But that’s a hell of a lot better than Windows Explorer. See here for an example of what I’m talking about:
http://nudel.dopus.com/opus9/page4.html#vistauac
It’s pretty bad when 3rd party apps are less annoying in this regard than the ones bundled with the OS. I even get prompted when I bring up the date & time settings from the task tray. I didn’t know that was a huge security risk
Ummm, no. Do that and I will most certainly turn it off. The trick is to make sure the system prompts intelligently, not to annoy the hell out of the user even more with password prompts. I hated it on Linux, and I’d hate it on Windows.
Edited 2008-10-10 05:30 UTC
The trick is to make sure the system prompts intelligently,
With this I agree. Sensible prompts serve as a reminder that something significant is happening.
I don’t believe UAC is all that intelligent in this regard, though. I agree with the OP. A prompt for system access, which stores the admin password, and then makes it an OK button click fest, does nothing to make the user aware of the implications of his actions. It is just another click-click-click action in the sea of such dialogs, which compromised security on Windows many times before.
not to annoy the hell out of the user even more with password prompts.
Depends how the password prompts are implemented. On most GNU/Linux distros this is done very sensibly. When the actions of a normal user move out of the home directory, there will be a password prompt. It is a very good reminder that something system wide is happening.
I hated it on Linux, and I’d hate it on Windows.
Don’t know which Distribution you were on that it made you hate it, but I’ve never found the password prompts annoying. The only times I see them is when I want to install software (with Synaptic this is a one time action per Synaptic session) or when I want to change settings which have system wide implications.
I agree that password input boxes in the current UAC implementation would drive people up the wall.
Even if done sensibly, I’m not going to be very happy if I have to type in a damn password instead of click OK. Even if it doesn’t pop up that often, it’s an insult to my intelligence. Basically, it’s saying, “We think you’re too stupid to actually READ a dialog if we just give you an OK button, so we’re going to prompt you for a password instead.” Of course, this isn’t going to help the stupid people whom this was intended to serve, as many would just blindly enter the password, as they now just blindly click OK.
But if you’re going to do the password thing by default, at least let there be an option somewhere so that power users can turn it into an OK dialog. It’s either that, or we’re just going to turn it off completely (as many already do with UAC), so might as well go for the lesser of 2 evils
More like saying “you’ll have to verify your identity again, as the actual legit user might have gone to have a coffee”.
And that’s only because your user is being trusted enough to not be asked for the root password, thanks to the sudoers rules.
You could also override the password prompt for certain commands executed by certain users, if convenience is above security concerns.
This is precisely what is wrong with developers, using global shortcuts. All shortcuts should be personal, only global should be list of those shortcuts so when you create new user they all appear on them. I would guess this kind of system doesn’t exist in Vista, which points that Microsoft failed to bring purely personal desktop experience.
Why oh why, I mean if I already logged in to system it should know it’s me and not ask my password. I have over 20 char password usually, how user friendly is that.
Why oh why, I mean if I already logged in to system it should know it’s me and not ask my password.
Not quite. If you care about security (and your password length suggests it), when you log in, you should be a normal user and not an admin. Then it is perfectly normal for the system to ask for your admin credentials if you try to reach beyond your normal user privileges.
I have over 20 char password usually, how user friendly is that.
This is of your own volition. You could bite the bullet and enter it or you could be more lax with the length. It does illustrate though, that the current UAC is broken. If entering a password in UAC seems daunting, the system asks for permission too much. If it were designed properly, it should only bug you for important stuff when you move out of your user area.
How would it know it’s you and not some malicious program that is running in your session?
Malicious programs running in your session can’t dismiss UAC dlg boxes (whether they require a password or merely a click of a button) because UAC dlg boxes run in their own session.
I guess there is a perk with being gay – whenever I see ‘nude [insert female name]’, my instant reaction is ‘eww yuck’ and delete it instantly
Yes, I do support remote shock therapy. I also would like to see a total ban on Incredimail as well – and people who attach multimegabyte files to their emails and not telling the receiver in advance.
Edited 2008-10-10 15:18 UTC
So it’s only the user’s fault?! Come on! An overly complex and badly architected system like Windows is the main problem here! UAC is only the duct tape so they can blame users.
Umm … not in Windows Vista 64bit. Every time I need to launch visual studio? I need Admin rights. What about playing zoo tycoon 2? Or Spore? Admin rights. Dreamweaver? Admin rights.
WTF Microsoft, get your crap together. Vista does not “learn” in any way shape or form. It keeps asking the same d*mn question for the same d*mn application every d*mn time.
You do not need admin rights for any of the things you mentioned, except possibly zoo tycoon (never tried it). If you are getting elevation prompts, something is very wrong.
“You do not need admin rights for any of the things you mentioned, except possibly zoo tycoon (never tried it). If you are getting elevation prompts, something is very wrong.”
Actually Dreamweaver, depending on the version, does require admin rights. As scary as that may seem…
Well, I have cs3, and it launches fine without them.
If it didn’t, I would do something like this.
Admin Tools-> Manage Computer -> Local Users and Groups -> right click groups -> New Group… -> Call it Dreamweaver Users
Right click the new group -> Add Users To Group -> put in my user name -> ok out of everything.
Right click dreamweaver directory -> properties -> security -> edit -> add the Dreamweaver users group and give them full control -> ok out of everything
I don’t find this particularly difficult, but I have used windows for awhile now and I tend to pick up how operating systems work fairly easily. I would consider these steps outside the reach of the average person.
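The three GUI steps in the comment above, scripted as an added example (it is not part of the original thread). It assumes PowerShell 5.1 or later in an elevated session and a local user account; the user name and install path are placeholders, and the final listing is there so the explicit entries on the directory can be reviewed, since Full Control lets group members change the program’s own files.

```powershell
# Added example: scripted form of the group + ACL steps described in the comment.
# Assumptions (not from the page): PowerShell 5.1+ with the LocalAccounts module,
# an elevated session, a local user account, and placeholder values below.
param(
    [string]$GroupName  = 'Dreamweaver Users',
    [string]$UserName   = 'PLACEHOLDER_USER',            # placeholder account name
    [string]$InstallDir = 'C:\PLACEHOLDER\Dreamweaver'   # placeholder install path
)

$ErrorActionPreference = 'Stop'

# Creating groups and editing ACLs on a program directory both need elevation.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated PowerShell session.'
}
if (-not (Test-Path -LiteralPath $InstallDir -PathType Container)) {
    throw "Directory not found: $InstallDir"
}

# Step 1: create the local group unless it already exists.
$group = Get-LocalGroup | Where-Object { $_.Name -eq $GroupName }
if (-not $group) {
    $group = New-LocalGroup -Name $GroupName `
        -Description 'May write to the Dreamweaver install directory'
}

# Step 2: add the user to the group, comparing by SID so a rerun is harmless.
$user = Get-LocalUser -Name $UserName
$memberSids = @(Get-LocalGroupMember -Group $GroupName | ForEach-Object { $_.SID })
if ($memberSids -notcontains $user.SID) {
    Add-LocalGroupMember -Group $GroupName -Member $user
}

# Step 3: grant the group Full Control on the directory, inherited by
# subfolders and files, as the GUI "full control" checkbox does.
$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $group.SID,
    [System.Security.AccessControl.FileSystemRights]::FullControl,
    $inherit,
    [System.Security.AccessControl.PropagationFlags]::None,
    [System.Security.AccessControl.AccessControlType]::Allow)

$acl = Get-Acl -LiteralPath $InstallDir
$acl.AddAccessRule($rule)
Set-Acl -LiteralPath $InstallDir -AclObject $acl

# Review: list only the explicit (non-inherited) entries now on the directory.
(Get-Acl -LiteralPath $InstallDir).Access |
    Where-Object { -not $_.IsInherited } |
    Select-Object IdentityReference, FileSystemRights, InheritanceFlags, AccessControlType |
    Format-Table -AutoSize
```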
“Well, I have cs3, and it launches fine without them.”
CS3 doesn’t have the issue. That is why I mentioned versions. Some of the older versions actually store stuff outside of that directory.
For an app that is fully contained in one directory..yes, that is the way to do it
I agree It’s called Vista 64bit, SP1 .. Never had the problem with the non-sp version of Vista 32bit.
is this a clean install? if you did an upgrade maybe some security stuff got borked.
I have vista ultimate 64-bit sp1 (technet plus FTW ) and I don’t get prompts for studio, spore, or dreamweaver, and I do not need admin rights to make them work.
No upgrade. Upgrades from Microsoft are like Lindsay Lohan, nothing but disease and a mess… never a good thing.
Here’s something someone should have asked – the blog cites -actual- UAC numbers… how did they get them?
As far as I remember (and it’s been a long while since I worked w/ Vista, so correct me if I’m wrong) the UAC dialog box doesn’t include “report problem to Microsoft”. (And/or an option to disable this “feature”)
– Gilboa
If you had read the article, you would know the answer.
I -have- read the article.
I must have missed something.
Could you please refer me to the actual explanation.
– Gilboa
Sure. Here you are:
Edited 2008-10-10 07:56 UTC
Thanks for the quote, I saw it… I assumed that the blog will include far more specific information as for how the numbers were collected.
Beyond the obvious privacy issues (I am a Linux developer / user but also a Windows 2K3/8 developer / user and I am concerned about possible automated “call-home” systems) – the method used to gain the numbers also has huge bearing on the actual quality of these numbers and the quality of the information obtained by analysing these numbers.
– Gilboa
From the article:
“No matter how you look at it, these are some staggering figures, showing that User Account Control – annoying, useless, and broken as some made it out to be – is really working. It’s performing its intended function perfectly.”
I mean… when has Microsoft ever failed at annoying the hell out of their users?
In response to the poster complaining about un-deletable desktop icons and the person who responded to that claiming that they’re “global”:
I have had the same problem, only while trying to delete entries from the start menu instead of desktop. Why the HELL does the OS and applications for it create so-called “global” shortcuts, which are in a totally different location and off-limits compared to the user-specific ones, and mash them together to the point where–to the user–there appears to be no difference whatsoever?
Even if you know the difference, it can get confusing. Good luck sorting those out, moving them from “global” to “user” and vice versa, and getting them organized in a sane way–especially if you’ve got multiple user accounts set up besides the usual Admin-privileged account. These “global” shortcuts should be reserved for truly system-wide programs deep down in the OS (ie. typical desktop applications should place any shortcuts in each user’s directory, which can be modified by them).
Never mind the “install for current user” and “install for all users” and all that crap, plus the fact that some installers support one but not the other or both. Windows’ software installation system (if you can even call it that, considering virtually every application has its own method, defaults, and installer) is a train wreck.
UAC is just more of the same… a Band-Aid to fix the boo-boos from outright stupid design decisions from an era long gone, instead of a proper fix. And a dumbed down one at that… anyone who thinks clicking “OK” for the millionth time in a day to poorly-written and too-frequent error messages, instead of actively thinking and typing out their admin password has been brainwashed by Microsoft’s so-called “ease of use” propaganda. Sure, requiring a password is an option, but why not default? Leave it to Microsoft to try to make it “easy” by sacrificing the user’s data and computer by default.
Great little rant, but how do you, then, explain the fact that UAC is actually WORKING? As in, DRAMATICALLY reducing the number of applications that require it?
I too believe that Microsoft really made one bad decision after another when it comes to NT, totally squandering its potential – but they’re trying to fix it, and apparently, it’s working.
Edited 2008-10-10 07:55 UTC
Yes, of course it works. It’s just how it works. It clobbers the user with incomprehensible messages and it does it too often for stuff that shouldn’t require such a prompt anyways.
The improvements with UAC aren’t in the user area, as the blog mentions, but vendors scrambling to get their products to be less annoying on Vista. That is not really an improvement in my book, because UAC still teaches home users to just click yes and not bother why they are doing it. In other words, malware doesn’t have to spoof UAC prompts, it just needs to invoke a real UAC prompt and have the majority of users click it; as they still do being used to the dialog jungle.
Before UAC becomes significant, as in really alerting users of something “fishy”, it will take a long time of cleaning up Windows’ crufty user space and the applications running on top. Even when UAC warns only about the important stuff in a few years, it will take significant time for the effects of dialog fatigue to subside enough for home users to even take notice of a Windows dialog. So in regard to protecting average users, UAC in Vista has failed.
The sadly-amusing thing is that, shortly after OS X came out, many Windows advocates lambasted it for encouraging “authentication fatigue” (aka, exactly the effect that you described).
The vast majority of people are not installing applications every day, or doing system wide config changes. There is a certain class of user who do not use their computers for work, but instead just constantly install and configure things, but those are not your typical home user. I work with studio 2k8 in vista business all day every day, and i see a uac prompt on average about once a week.
The only problem with the prompts are applications which do not conform to standards that have been around for almost a decade, and store user specific configuration files in system directories. It wouldn’t be so bad if windows had a simplistic security system like unix, but ACLs are not exactly something home users can just figure out on their own, so they aren’t really able to grant themselves access to those folders.
Maybe that’s because there’s absolutely no reason why you would *need* to run as root all the time in Linux, since there have been proper privilege escalation tools available in the UNIX world for at least 20 years now?
UAC is a band-aid solution to a problem that shouldn’t have existed in the first place. And now, thanks to their lack of foresight and need to maintain backwards compatibility, Microsoft is pretty much stuck with it.
I used to complain about all the silly hoops that you had to jump through in order to run 2k or XP as a non-admin user (E.g., can’t use Run As on a Control Panel applet directly, but it works if you make a shortcut to it). But UAC has been infinitely more obnoxious in every experience I’ve had with Vista.
Stupid. Most users simply allow everything every time, just to see the damn dialog go away as quickly as possible. After a while, if you allow everything, the dialog comes up less frequently. Is that really the intended use? I doubt that.
Gee, you really believe everything Microsoft blogs about?
After so many years of Microsoft consistently proving that they don’t care about their customers at all, you still fall for their bs?
No, but when I do, I don’t get any stupid prompts and I’m in control of my system.
I only enter my password once and then I go about my administrative work.
You try to do that on Vista and you get blasted by endless UAC prompts until a brink of insanity.
Edited 2008-10-10 18:15 UTC
All I know is that the people managing the Windows 7 team are not the people who managed the Vista release disaster. Sinofsky, and Green too, are people who have a track record of getting things done, and delivering on promises.
You can’t reduce a 70000+ employee company to one entity. That’s rather simplistic.
And, as the financial crisis is showing us once again – past results are not necessarily indicative of future results. This goes both ways.
People, please refrain from posting useless “+1 insightful” posts. I will remove them anyway.
Whilst you’re at it, why don’t you also ban those people who moderate but never reply to the post which they moderated.
Anyone notice the trend on this story; bash Microsoft and get plenty of points, show the flaws in end user education and there are idiots screaming and moaning over ‘design issues’ they know nothing about.