User Access Control: what are the advantages and/or disadvantages?

  • Thread starter Thread starter Ross M. Greenberg
  • Start date Start date
R

Ross M. Greenberg

I have found that most of my problems with Vista and start-up programs (such
as AtomTime and Desktop Weather) are due primarily to UAC. Figuring that I
sort of know what I'm doing, what are the actual pros and cons of running
with or without UAC?

Ross
 
The pro is considerably increased security; the cons are that it's too
intrusive. I have very little problem with it anymore. I cursed it during
the early beta builds because every time I wanted to drag and drop a file
from one drive to another or rename it was in my face. You might want to
take a look at this article Russ:

http://blogs.zdnet.com/microsoft/?p=277

These discussions by people familiar wtih UAC or on the team at MSFT should
help you a bit:

http://windowsvistablog.com/blogs/windowsvista/archive/2007/01/25/accessible-uac-prompts.aspx

http://windowsvistablog.com/blogs/w...7/01/23/security-features-vs-convenience.aspx

http://windowsvistablog.com/blogs/windowsvista/archive/2006/09/06/454416.aspx

CH
 
Chad Harris said:
The pro is considerably increased security; the cons are that it's too
intrusive. I have very little problem with it anymore. I cursed it
during the early beta builds because every time I wanted to drag and drop
a file from one drive to another or rename it was in my face. You might
want to take a look at this article Russ:
Click to expand...

<snip a bunch of great discussion on UAC stuff!>
Thanks Chad!

The extra security stuff inherent in UAC is understandable. I can see lots
of reasons for such. However, there should be some place for exceptions --
programs that I run constantly and have been safe to run for years and
years should be protected from change by Malware by the UAC, then should be
flagged somehow (ask me multiple times if this application is safe to run,
if it has been scanned for a malware, etc.) And then remember the flagging!
I would have no problems with Vista so far aside from very safe programs
having to be blocked in the name of better security!

I used to design, program, implement, test, and support antivirus and
security programs. The most constant and consistent complaint users had
about perfectly functioning programs (under DOS, and under early cuts of
Windows) was when forced "Nanny" mode features, such as those exhibited by
UAC, had no alternative! Force me to do something once, not every time I
reboot!

Ross
 
Ross M. Greenberg said:
Chad Harris said:
The pro is considerably increased security; the cons are that it's too
intrusive. I have very little problem with it anymore. I cursed it
during the early beta builds because every time I wanted to drag and drop
a file from one drive to another or rename it was in my face. You might
want to take a look at this article Russ:
Click to expand...

<snip a bunch of great discussion on UAC stuff!>
Thanks Chad!

The extra security stuff inherent in UAC is understandable. I can see
lots of reasons for such. However, there should be some place for
exceptions -- programs that I run constantly and have been safe to run
for years and years should be protected from change by Malware by the UAC,
then should be flagged somehow (ask me multiple times if this application
is safe to run, if it has been scanned for a malware, etc.) And then
remember the flagging! I would have no problems with Vista so far aside
from very safe programs having to be blocked in the name of better
security!

I used to design, program, implement, test, and support antivirus and
security programs. The most constant and consistent complaint users had
about perfectly functioning programs (under DOS, and under early cuts of
Windows) was when forced "Nanny" mode features, such as those exhibited by
UAC, had no alternative! Force me to do something once, not every time I
reboot!

Ross
Click to expand...



Have you ever used any OS' other than Windows? All of the secure ones
require that users somehow approve system wide changes. It is the price of
security. UAC is a compromise between security and compatibility for legacy
applications. Microsoft could have easily made Vista secure without UAC.
This would have broken almost all legacy applications because most of them
were poorly programmed from a security standpoint.
 
Have you ever used any OS' other than Windows? All of the secure ones
require that users somehow approve system wide changes. It is the price of
security. UAC is a compromise between security and compatibility for
legacy applications. Microsoft could have easily made Vista secure without
UAC. This would have broken almost all legacy applications because most of
them were poorly programmed from a security standpoint.
Click to expand...

Of course I have! If UAC had a " ask me only once and remember my answer"
we wouldn't be having this discussion now! It is the damned silly " ask me
every time you can" UAC default with no means of turning off the default
that vista - in my opinion - got entirely wrong!

Ross
 
Back
Top