UAC - How do I configure this to bring some sanity to my desktop?

[Jimmy Brush]

In a similar vain, Microsoft, the 800 pound gorilla, has decided it,
not you, determines how to restrict use of your software, without your
input.

This is obviously untrue. "Windows needs YOUR PERMISSION to continue"

If you think this is giving users "so much more control" you're
delusional pal. In the example I gave I clearly detailed how Microsoft
prevented me from running software installed on XP and capable of
running on Vista (it is right now with UAC turned off) after I did a
install in place which obviously as you know keeps your installed
software. NOTHING I do allows me to change the permissions on some of
MY software. The so-called security tabs are either grayed out the
boxes to check options are missing totally.

You can change any security settings on your computer. You just have to know
how.

Blaming Microsoft on your misunderstanding of its operating system /
unwillingness to learn is outrageous. You could have brought your problems
to this newsgroups and received support like everyone else; instead, you
blindly accuse Microsoft of redicious things, unwilling to listen to anyone.

If you continue to defend such moronic practices as "good things" I
think we will have some interesting discussions in the future.

lol. I wouldn't use the term "interesting" to describe it.

 

[Jimmy Brush]

Microsoft's OS isn't unsafe - the applications that run on it are.

LOL! That's the biggest whopper I've seen posted here yet. If
Microsoft's OS was "safe", why does Microsoft constantly issue
"SECURITY" updates, CRITICL patches and Service Packs for Windows?
SP2 was 250MB in size!

They do it for the same reason everyone else does.

Translation: Microsoft has thrown in the towel accepting its Windows
versions are so buggy and primed to be easy hacker targets the only
thing it can do short of weekly "critical updates" is constantly
challenge much of the software on your system by asking moronic
questions like are you sure you want to do this or that which do
little other than to offer a sense of false security.

Translation: UAC had to get into windows SOMEHOW, and this was the best form
for it to take with an "acceptable loss" on the application compatability
front.

You just can't flip a switch and make everything better, as you have to
support legacy software somehow, as you have pointed out in earlier posts.

So that's just your way of saying that the current form of UAC sucks
big time and is more of a nussiance than a help and accept that the
vast majority of users after seeing what a total mess it is and how
clumsy it is to work with will simply turn it off.

No; UAC in its current form adds an incredible level of security and trust
to the OS, in a way that (unlike MS) works to increase security in a
architectually sound way, without relenting to the pleas of application
developers to make their old, buggy, insecure programs work correctly
regardless of the security implications of doing so.

I concede that it is annoying and has rough edges on usability in certain
scenarios, and this is what I was referring to here when I said that it
could be better.


--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/

 

[Adam Albright]

This is obviously untrue. "Windows needs YOUR PERMISSION to continue"

Sure right, of course. I told it to pop up a "needs Administrative
Rights" nag screen just so it will annoy me. Doesn't everyone?

You can change any security settings on your computer. You just have to know
how.

So fine, tell me HOW when there is nothing but grayed out options or
no options at all. I'm all ears. TELL ME right now =====>

Blaming Microsoft on your misunderstanding of its operating system /
unwillingness to learn is outrageous.

Stop with the self-righteous bullshit, it actually makes you sound
stupid. I've documented several serious issues in the last week in
this newsgroup and in the setup newsgroup. Neither you, not any MVP,
not any Microsoft employee, not any other poster has been able to
explain any of them or offer any fix or reason why they happened. That
suggests there are many unresvolved unknown issues with Vista. You can
continue to live in your fantasy land and pretend otherwise.

You could have brought your problems
to this newsgroups and received support like everyone else; instead, you
blindly accuse Microsoft of redicious things, unwilling to listen to anyone.

Typical "support" offered: do a clean install. Go back to XP. Nobody
forced you to upgrade. All OS's have bugs...blah, blah, blah.

 

[Adam Albright]

They do it for the same reason everyone else does.

That sounds like a cop-out. If Windows was half as good as you pretend
why does it need a never ending supply of patches, critical updates
and Service Packs to fix it?

No; UAC in its current form adds an incredible level of security and trust
to the OS, in a way that (unlike MS) works to increase security in a
architectually sound way, without relenting to the pleas of application
developers to make their old, buggy, insecure programs work correctly
regardless of the security implications of doing so.

GREAT job of finger pointing. All the problems are vendor's errors.
Windows is perfect, everybody else writes buggy software, but not the
Boys of Redmond. Thanks for the chuckle, I needed that.

May I suggest you visit Microsoft's Knowledge Base and just start
reading its own monument to gross incompetence. There are literally
THOUSANDS of KB posts that admit oops, we goofed, no fix for that, oh
so sorry, we know that don't work, etc.. No, I don't expect Microsoft
to be perfect. I do expect better after having 20 years to get Windows
right and being totally unable to yet.

 

[Captain Roberts]

Adam, run msconfig and from there click on tools and scroll down and click
on disable UAC. Now reboot. Next run the attachment remove.bat and answer
YES. Now reboot once more. Now you have complete control of your system
again. Or at least as much control as you had in XP.

 

[Joseph Geretz]

to be perfect. I do expect better after having 20 years to get Windows

right and being totally unable to yet.

Wow, you're right. It's just about 20 years! I remember my first glimpse of
1.1. Must have been about late '97 early '98. Basically just a File Manager
shell.

20 years...

- Joseph Geretz -

 

[Joseph Geretz]

reg delete "HKCR\CLSID\{FD6905CE-952F-41F1-9A6F-135D9C6622CC}"

What does this do?

- Joe Geretz -

 

[Captain Roberts]

reg delete "HKCR\CLSID\{FD6905CE-952F-41F1-9A6F-135D9C6622CC}"

What does this do?

- Joe Geretz -

This turns off the notification that you have turned off UAC.

 

[Guest]

why on earth is everyone recommending to shut all of UAC off
its easy to adjust the settings in 3 easy steps

1. To get started, open up the Local Security Settings MMC to show the local
security policies by running secpol.msc.

2. Navigate through Local Policies and Security Options.

3. Scroll through the list on the right of the various security settings
until your reach the User Account Protection settings. Refer to the list
below of the various settings, to change them, just right click and select
Modify. Items in bold are the default values.

this one here is probably the only one you want to change, leave the rest
alone

* User Account Control: Behavior of the elevation prompt for administrators
in Admin Approval Mode
o Elevate without prompting

 

[Captain Roberts]

why on earth is everyone recommending to shut all of UAC off
its easy to adjust the settings in 3 easy steps

UAC is meant for the casual PC user, not for those that are comfortable with
determining what runs and what doesn't.

 

[Alun Jones]

Problem in a nutshell. If an OS can't tell when I explicitly ask for
something, then it needs to be torn down and rebuilt so that it can.

Then you need to discard every operating system ever built, except for the
occasional scientific curiosity(*).

Let's take keyboard input as an example. You press a key, two partial
circuits are joined, and a current flows. This signal travels into a hole in
the back of your computer, and eventually hits the I/O bus in your system.

After that, everything's software - and there are numerous layers of the
software between the signal's first arrival into the system and the target
application.

So, no, your OS can't tell when you explicitly ask for something, as opposed
to when "software" asked for it, because it's all software from the moment
that signal is detected at the I/O bus.

Throw away your computers, because you're asking for them to do something
that you don't understand is impossible.

Alun.
~~~~
(*) Microsoft themselves have some of these scientific curiosities under
development - the "Next Generation Secure Computing Base" at one time had
the concept of a mouse and keyboard that would cryptographically sign every
keystroke, every mouse move, every button click. Needles to say, with that
kind of overhead, we aren't going to be seeing that in a consumer OS any
time soon.

 

[Robert Firth]

For starters, don't write files to "c:\program files" except during
installation. That isn't for you to write to, and is not specific to any
language. That is one of the problems.

--
/* * * * * * * * * * * * * * * * * *
* Robert Firth *
* Windows Vista x86 RTM *
* http://www.WinVistaInfo.org *
* * * * * * * * * * * * * * * * * */

 

[Robert Firth]

You've forgotten that all code has bugs, especially large programs like
Windows that contain 50 million lines of code.

Does this mean that there are security advisories for linux as well? Gasp!
http://www.frsirt.com/english/linux-advisories/2

The fact of the matter is not all programs need complete control of your
computer. A sidebar gadget should not be allowed administrative privileges
if it is only a clock.

Secondly, it doesn't matter how good the OS is, it can't know what you
intend to do. Sure, you clicked the button. Perhaps you wanted that spyware
to install. Perhaps the latest malware make you feel warm and fuzzy inside.

--
/* * * * * * * * * * * * * * * * * *
* Robert Firth *
* Windows Vista x86 RTM *
* http://www.WinVistaInfo.org *
* * * * * * * * * * * * * * * * * */

 

[Robert Firth]

Turning UAC off is for the casual PC user, not for those that are
comfortable with
determining what runs and what doesn't.

"Windows needs YOUR PERMISSION to continue".

Obviously this means that you need to be comfortable with determining what
runs if Windows is asking you if you want something to run... Otherwise you
are blindly accepting prompts - which means that there is no reason for
them. At least you still get Internet Explorer's Protected Mode with it on.

--
/* * * * * * * * * * * * * * * * * *
* Robert Firth *
* Windows Vista x86 RTM *
* http://www.WinVistaInfo.org *
* * * * * * * * * * * * * * * * * */

 

[Gabriel Lozano-Moran]

I could not agree more. There are enought articles available on the MSDN
Library for developers writing apps targeting Windows Vista. For starters:

http://msdn2.microsoft.com/en-us/library/aa480150.aspx

Gabriel Lozano-Moran

 

[Adam Albright]

Turning UAC off is for the casual PC user, not for those that are
comfortable with determining what runs and what doesn't.

Boy Bobby, that's sure is a self-serving ego stroking statement if I
ever seen one. I've seen you cackle a lot how "expert" you think you
are but not actually explain anything other than to hint you know
something which implies the rest of us are dummies. That's ammusing to
me.

So here's a little challenge, explain step by step how to use UAC,
what all the terms mean, how to change permissions, add/remove groups,
users, what's wrong with the current implementation, etc.

In other words put up or shut up or maybe time permitting I'll just
have to show you up and do it for ya. <wink>

 

[Captain Roberts]

Robert, you are a newb. Just admit it. <grin>

 

[Joseph Geretz]

The following are examples of problematic applications.

a.. An ActiveX installation to facilitate Web scenarios.
Ha, Ha. Having touted the benefits of ActiveX for just about a decade,
Microsoft now admits its problematic nature. Proving I guess, that it's not
about having the best ideas or the best technology, but rather the best
marketing.

- Joe Geretz -

 

[Guest]

Turning UAC off is for the casual PC user, not for those that are
comfortable with
determining what runs and what doesn't.

"Windows needs YOUR PERMISSION to continue".

Obviously this means that you need to be comfortable with determining what
runs if Windows is asking you if you want something to run... Otherwise you
are blindly accepting prompts - which means that there is no reason for
them. At least you still get Internet Explorer's Protected Mode with it on.

--
/* * * * * * * * * * * * * * * * * *
* Robert Firth *
* Windows Vista x86 RTM *
* http://www.WinVistaInfo.org *
* * * * * * * * * * * * * * * * * */

hmm...isnt that the logic as to why xp has so much malware complaints? turn
it off completely and there will be exploits to take advantage of those who
choose that route
be happy its on be default as hopefully it will help tone down the malware
for it and adware bundled crap on free apps