Is UAC really needed ?

[Milhouse Van Houten]

As for now, developers are grasping with what Vista releases have done to
the standard installs. For example of the hassles of installing true
Vista programs, even for seasoned developers, install Adobe Reader 8.0
Vista and watch what happens. To avoid its hassles, try then an install
by invoking XP SP2 compatibility mode, and all the hassles dissappear.

I just happened to read about that today here:
http://www.extremetech.com/article2/0,1697,2104588,00.asp

It says that there's a problem with installing 8.0 with UAC *off*, and the
fix is to install with it on! Though it also describes what you mention, so
I guess you're damned either way. I happened to install it with UAC on but
using "Run as administrator," and it worked fine.

I'd be interested to know what was meant a few posts up, when someone said
that "some older programs don't work because registry and file
virtualization work differently with UAC off."

What programs are broken with it turned off assuming they were installed
with it on?

 

[Ronnie Vernon MVP]

NotMe

If you have a program that is behaving like this, it needs to be updated to
make it Vista compatible.

I rarely see a UAC prompt anymore and all of the developers out there are
working to make their software compliant. It won't be long before you
realize that you very rarely need to click that UAC prompt.

Being able to flag a program to always run as admin, automatically, is a
really bad idea. This would be inviting any malicious code to piggy back on
that program and have complete access to your computer.

You'll understand what UAC is all about the first time that the screen dims
and that prompt pops up when you are simply reading an article on the
internet and says that bigbadtrojan.exe wants to access the system, do you
want to continue?

 

[Not Me]

And I thought that was the purpose of things like Windows Defender,
Spybot/TeaTimer, Norton/McAfee (et al) Security suites & AntiVirus software.
For many MS programs & my AV software to require permission to run seems
like overkill to me.

 

[Stephan Rose]

None. Per Microsoft itself, UAC is the first layer in multilayered
security configuration by removing admin as the typical user, you can
have a 'weak admin' now as standard user.

If you turn it off, you still have the other layers, but each layer is
then labored with having to troubleshoot issues UAC could avoid, i.e.,
installing potential rouge software.

Currently, few full Vista apps exist, and the UAC is invoked in most XP
programs running in Vista, thus annoying. You can turn it off for now
until more full Vista compliant versions are released.

As for now, developers are grasping with what Vista releases have done to
the standard installs. For example of the hassles of installing true
Vista programs, even for seasoned developers, install Adobe Reader 8.0
Vista and watch what happens. To avoid its hassles, try then an install
by invoking XP SP2 compatibility mode, and all the hassles dissappear.

Yea I am still trying to figure out what or if I will have anything to deal
with in my software with regrads to Vista. Don't have a Vista test system
at this moment. I am wondering what all this software is doing to trigger
prompts.

Is it just at install time or also when you actually use the software?

Seeing how any software I write is always just a single exe that does not
even look at the registry or touch anything system-specific, I am hoping
that I won't have any issues to deal with in my code. It always amazes me
how developers manage to write apps with 100 dlls that fill a friggin DVD.

--
Stephan
2003 Yamaha R6

å›ã®ã“ã¨æ€ã„出ã™æ—¥ãªã‚“ã¦ãªã„ã®ã¯
å›ã®ã“ã¨å¿˜ã‚ŒãŸã¨ããŒãªã„ã‹ã‚‰

 

[Guest]

Utter f**king crap.
you say that in the future UAC will rarely pop up due to software being made
compliant wuth Vista.
Then why the f**king hell does UAC ask for a prompt to let ME into system
restore, etc, ?
You are just a microsoft stooge.
defender and UAC is out of my system, and it works fine.

 

[Joseph Johnson]

I just happened to read about that today here:
http://www.extremetech.com/article2/0,1697,2104588,00.asp

It says that there's a problem with installing 8.0 with UAC *off*, and
the fix is to install with it on! Though it also describes what you
mention, so I guess you're damned either way. I happened to install it
with UAC on but using "Run as administrator," and it worked fine.

What that demos is if we can expect glitches with Adobe's powerhouse
programming skills, imagine noobs.

In another thread on this group, their is a minor issue with Grisoft AVG
7.5 claimed Vista ready, which has installed flawlessly in both XP and
Vista. Several days later after virus definition downloads, UAC messages
start appearing and Grisoft FAQ recommend reinstalling AVG again, but
only in Vista.

Having installed 3 claimed Vista ready apps to date, only one was
glitchless, Truecypt V 4.3

I'd be interested to know what was meant a few posts up, when someone
said that "some older programs don't work because registry and file
virtualization work differently with UAC off."

Vista writes to the registry through a new API which allows for the UAC
level user. By default, XP apps write at the Admin level thus violating
the UAC user priveleges.

What programs are broken with it turned off assuming they were
installed with it on?

For Adobe, it appears its the install program, and watching it
'register' programs over the old way to install, and the time it took is
a look into the future of other apps.

 

[Joseph Johnson]

Yea I am still trying to figure out what or if I will have anything to
deal with in my software with regrads to Vista. Don't have a Vista
test system at this moment. I am wondering what all this software is
doing to trigger prompts.

Is it just at install time or also when you actually use the software?

Most of it is 'registering' components, like dlls into Vista. Vista
compliant apps have to 'sign' all the components of its software with the
registry so if a rouge application overwrites those apps, it can be
detected.

Seeing how any software I write is always just a single exe that does
not even look at the registry or touch anything system-specific, I am
hoping that I won't have any issues to deal with in my code. It always
amazes me how developers manage to write apps with 100 dlls that fill
a friggin DVD.

A single exe should be no problem, in theory your app is Vista problem free
but 'not' Vista enabled. A legit vista install app will register your exe
into Vista. I run gmplayer as a stand alone exe for example, and it
creates no issues, and requires no installation.

 

[Chris Barnes]

if a virus and malware tries to install and take over then you MAY (its not
sure that you will) get an UAC window.

MS itself does not say that UAC is a good protection.. but it MAY help in
some situations....

I personally hate it and turn it off!!!

its a stupid idea implemented in a even more stupid way. See my
"lets do the math" post to understand what I would like to do to
the person who thought of it.

I would say it's a good idea implemented badly.


Asking before programs INSTALL is a good thing.
Asking before programs run for the first time is a good thing.

Asking about the same program that is run every single day is just tiresome.


I turned it off as well. For a brief while, I was running the TweakUAC
program to turn it off for just "Administrators", but then I realized
that every user on my machine is an administrator. So I just turned it
off completely.

 

[Chris Barnes]

"If it can't give you the option to 'always allow', it needs to go
away."
No, what needs to happen is for the software manufacturer to write
secure code without needing Administrator access when not necessary.
If you have that much noncompliant software,

??

Right click on Computer and select Manage (to do a meaningless task like
add a user, format a new disk, etc) generates a UAC message.

Is Vista non-compliant?

 

[Stephan Rose]

Most of it is 'registering' components, like dlls into Vista. Vista
compliant apps have to 'sign' all the components of its software with the
registry so if a rouge application overwrites those apps, it can be
detected.

Ahh yea that I don't do any of. Since I write cross platform code I
can't even have any DLLs. That would be a nightmare to deal with!

I do use a 3rd party library to abstract the OS but it is statically
linked and has no DLL dependancies.

A single exe should be no problem, in theory your app is Vista problem free
but 'not' Vista enabled. A legit vista install app will register your exe
into Vista. I run gmplayer as a stand alone exe for example, and it
creates no issues, and requires no installation.

Well that's the installers problem then, not mine. In which case I
figure the latest version of Install Shield is will do that correctly.

Thanks for the info, I appreciate it.

 

[Kerry Brown]

??

Right click on Computer and select Manage (to do a meaningless task like
add a user, format a new disk, etc) generates a UAC message.

Is Vista non-compliant?

In any secure OS you need to either use an account that has system
privileges or elevate your existing session to make system changes like
adding users or any other system wide change. UAC is Vista's way of
elevating an account. In Linux you would use su or sudo. I don't know of any
secure OS that would allow you to add a user without having admin
privileges. In a secure OS getting admin privileges normally involves a
prompt of some kind. If it doesn't it's not secure.

 

[Kerry Brown]

I'd be interested to know what was meant a few posts up, when someone said
that "some older programs don't work because registry and file
virtualization work differently with UAC off."

With UAC on writes to protected areas of the registry and file system by
programs are redirected to a virtual store in the user profile. This allows
some older programs to work. The system areas of the file system and
registry are protected by restricted ACLs. With UAC off the virtual store is
not used. Writing to the system areas of the file system or registry may
fail unless the ACLs are changed to allow this. This will cause the program
to fail. Changing the ACLs will drastically lower the security of the
system. If you really need to use older programs that can't deal with this
then leave UAC on and use compatibility mode for the program or go back to
using XP. Vista is very different from XP. UAC is an integrated part of the
security. Turning it off can have unexpected consequences.

 

[Chris Barnes]

In any secure OS you need to either use an account that has system
privileges or elevate your existing session to make system changes like
adding users or any other system wide change. UAC is Vista's way of
elevating an account. In Linux you would use su or sudo. I don't know of any
secure OS that would allow you to add a user without having admin
privileges. In a secure OS getting admin privileges normally involves a
prompt of some kind. If it doesn't it's not secure.

You are absolutely correct.

But it does this from an Account with Administrator privileges.
That is akin to Linux asking for the root password when you're already
logged in as root.

 

[Kerry Brown]

You are absolutely correct.

But it does this from an Account with Administrator privileges.
That is akin to Linux asking for the root password when you're already
logged in as root.

I actually see this as an advantage for Vista. If UAC evolves it may blur or
eliminate the line between admin and non-admin users. Using accounts for
security boundaries is an outmoded concept that needs to change. It is too
easy to use social engineering to trick a user. I can imagine an OS with a
UAC like security system that doesn't have different classes of users. I
don't think Vista will get to this point but it may be a stepping stone to
it. In the mean time UAC allows older, poorly programmed applications to
work while improving security.

 

[thetruthhurts]

I am the only user of this computer - seems to me , that
UAC is a security item for newbies or for multiple users .
I am inclined to turn it off ; is there something else that I
missed ?

Decent idea, stupid, arrogant implementation. In a few years when the
software vendors catch up and play by MS's new rules it maybe worth
turning back on. I'd recommend Kaspersky's Internet security product
and turn off MS firewall, defender, and UAC.

 

[Jimmy Brush]

Hello,

In the case where an administrator is logged in, UAC is not there to
control access to a resource - it is there to make sure a human (who
is already logged in and is already known to have access to the
resource) is the one intiating such access.

This prevents software from using the full privileges of the current
user without the user intiating the action.

This is how UAC relates to sudo in Linux - sudo requires the input of
a shared secret between the user and the OS in order to elevate an
app, which (assuming an app doesn't know the user's password) prevents
the app from doing this itself. In Vista, this same assurance is
achieved by other means.

 

[Jimmy Brush]

Hello,

UAC prompts you to ensure that YOU are actually the one that is using
System Restore.

It is NOT asking you: "Do you want to let yourself use system
restore?" This would be absurd.

What it is asking you is: "I see system restore is running. System
restore can do some pretty nasty things to your computer, and I just
want to check with you to make sure YOU are the one that is opening
it, and not some malicious program."

The UAC prompt is not there to protect you from yourself, as that
would kind of rediculous ... it is there to protect you from
malicious applications that would use system utilities or any other
programs that you trust against you.

 

[Jimmy Brush]

Hello,

UAC is not just for newbies or multiple users .

UAC helps to make your computer more secure by preventing programs
that do not ask you for permission ("Windows needs your permission to
continue") from having full access to your computer.

The UAC prompt ("Windows needs your permission to continue") is
displayed whenever a program runs that wants full control over your
computer.

These prompts are not there to protect you from yourself ... rather,
they are there to make sure that YOU are the one opening whatever
program is listed inside the prompt, as opposed to it trying to start
itself or be started from another program.

This allows you to stop programs from running that you did not start.

This prevents two kinds of attacks:

1- Some cases where a malicious or unknown program is dropped onto
your computer and starts without you wanting it to run

2- Where a malicious program would attempt to use trusted, system
components to take over your computer (for example, a malicious
program starting format.exe to wipe your computer clean)

In case #2, you would see a UAC prompt out of the blue for format.exe,
and knowing you did not start it, you would click cancel. (This is why
UAC does not let you trust programs to always run without prompting,
to prevent this attack).

This obviously does not solve all computer security issues by itself,
however it is an important part of a comprehensive security solution,
one that includes antivirus, antimalware, firewall, etc.

 

[Jimmy Brush]

Hello,

Unfortunately, UAC must ask every time or it would not be effective.

UAC is there not to protect you from yourself, but to protect you from
programs that would try to run themselves or trusted system components
without you wanting them to.

If UAC did not prompt every time, then malicious programs could simply
start programs that you trust and use them to take over or damage your
computer.

Imagine a simple case with a command prompt. If UAC did not prompt to
make sure you are the one who is starting a command prompt with admin
privileges every time it was opened, then a malicious program could
simply start an admin command prompt and use it to start itself with
admin privileges.

Think of all the system utilities and other programs that prompt on
your computer... do you really want to allow any program that runs on
your computer to be able to start and use those, without you knowing
about it?

 

[Jimmy Brush]

Hello,

This is a good explanation of how UAC ensures that the human sitting
in front of the screen (and not another program) wants a program to
run, and in fact, symbolizes the point of UAC.

UAC is not there to protect you from yourself; UAC is there to protect
you from programs that would run themselves or trusted system programs
without you knowing about it.

UAC does not stop malware or in fact make any decision; it just makes
sure that the person using the computer is in fact the one who is
running programs, and not the other way around (the programs running
the user .