UAC should have been a Business class feature, not for Home Users

I hate to say so MS, but your average joe, the person you are making UAC
for, is going
to do exactly what they are doing, that is turning UAC off.
Example, my mother is your basic Internet User. She just graduated from AOL
to
a normal broadband connection after me telling her for years how much better
broadband would be for her. She bought a PC that had Vista Home Premium on
it.
Suddenly dial-up became a major pain in the butt because Vista is geared
more toward a constant net connection. No problem there, I agree.
However, 2 days later she calls me up and asks me to put Windows XP back on
her computer.
When I ask her why, the response " I'm sick of the computer asking me
questions every 5 seconds. It didn't do it before. I have an anti-virus, a
firewall, and a anti-spyware program running. Why do I have to OK every
single thing I do?"
I tried explaining the benefits, but she would hear none of it. She has been
told by the Norton's and the AdAware's of the world that as long as she runs
their programs and practices safe netting that she is ok. So it was either
turn UAC off or install Windows XP for her, she was that serious.
And to be honest, I understand how she feels. In 5 years she has never had a
virus, has only had very light malware (Which SpyBot SD quickly removed),
and has nothing of hi-value on her PC for a hacker to have much interest in
other than family photo's of the dog etc.
My point being is that the average user who buys Windows HOME versions are
not going to WANT this elevated security, and as soon as they find a way to
remove it, they will.
MS should have made UAC a Business / Enterprise feature and left the
standard user and admin feature set of XP for the Home licenses of Vista.
I build PC's for a living so I know the problems that John Q Public can make
for their selves on a PC on the net with no protection. But simple education
and running the big 3 (Anti-virus, Anti-spyware and Firewalls) should be
more than enough to protect them. Now if they are stupid enough to store all
their financial information or work related trade secrets and not have the
"the big 3" then they certainly aren't going to tolerate UAC.



--
Thank you,
JD Wohlever

Techware Grafx
techware(dash)grafx(at)hotmail(dot)com

"Kerry Brown" <*a*m> wrote in message
news:...
> There is some pain associated with UAC. Jimmy Brush's post explains it
> very well. I'll add a bit of history as to how we got to UAC and why it's
> needed.
>
> There were two families of Windows, NT based (Windows NT) and DOS based
> (Windows 95). NT was mostly used in business networks and had excellent
> security. Everyone ran as a standard user and only used administrator
> accounts for things like installing programs, maintenance etc. Win95
> really had no security as it was based on DOS and all users had total
> control of the system at all times. Windows 95 became very popular and
> many programs were written for it. Microsoft published guidelines on how
> to program using established APIs and recommended programmers use this
> method. Because the hardware at the time was limited, programming through
> the documented APIs made for slow programs. Most programmers including
> those at Microsoft, ignored the APIs and basically did what they had to to
> get their programs running at the speed end users expected. This is where
> most current programmers got their start and learned their habits. As time
> progressed the DOS based versions of Windows were abandoned and the NT and
> DOS world merged in XP which is NT based. All the end users and
> programmers from the DOS world didn't change their ways. End users ran as
> administrators all the time and programmers bypassed the APIs and expected
> the users to be running as administrators. Around this time the Internet
> exploded. Malware became a major problem exacerbated by the way
> programmers and end users were using Windows. There was no way to secure
> XP given this situation. Microsoft decided to write a new more secure OS.
> There is a lot of changes under the hood but in the end the best security
> is to enforce programmers to use the APIs and not have end users running
> as administrators. Unfortunately this would break almost all existing
> software. Thus we have UAC. It allows most old programs to do what they do
> and tricks them into thinking it worked. It also allows users to run as an
> administrator but gives them a warning when those administrator privileges
> are going to be used.
>
> --
> Kerry Brown
> Microsoft MVP - Shell/User
> http://www.vistahelp.ca
>
>
> "alex" <> wrote in message
> news:8F96CCFA-A18E-44F7-A41C-...
>>
>> Hi Kerry,
>>
>> Here's the problem with Vistas security as I see it.
>>
>> I am a long time Windows user with, at best, an intermediate knowledge of
>> how programs work and how they're supposed to work with computers.
>>
>> Whenever Windows prompts me for confirmation regarding a security issue,
>> to
>> be honest, at times, I haven't the slightest clue whether I should allow
>> or
>> cancel something.
>>
>> Other than the most obvious "A program is trying to destroy your
>> hard-drive
>> and clean out your bank account" message, I'm likely going to let the
>> program
>> do what it wants to do.
>>
>> I minimize my exposure to to malware by not downloading software or
>> opening
>> e-mail attachments with which I'm not familiar. But sometimes I visit
>> CNN.com or MSN or something as seemingly benign and I'm told that an
>> update
>> has to be performed and I'm asked if I trust the source.
>>
>> No, I don't trust the source. But if I'm going want to visit those sites
>> I
>> have to allow changes to be made.
>>
>> The UAC just annoys me and actually puts me in the habit of just clicking
>> "continue" without reading what the window says.
>>
>> Ehhh. Personal preference I guess.
>>
>> BTW: This reminds me of how Microsoft didn't give the user the ability
>> to
>> download attachments in Outlook in Office XP (I think it was XP). What a
>> pain-in-the-a@@ that was.
>>
>>
>> "Kerry Brown" wrote:
>>
>>> Disabling UAC disables much of the improved security in Vista. Once you
>>> have
>>> your computer set up as you want it, it is recommended to turn UAC back
>>> on.
>>> You can do everything you always did with UAC on you just have to do it
>>> in a
>>> new way. UAC actually gives you more control as you now know when a
>>> program
>>> is about to do something that may affect the whole system. This is the
>>> price
>>> of security.
>>>
>>> --
>>> Kerry Brown
>>> Microsoft MVP - Shell/User
>>> http://www.vistahelp.ca
>>>
>>>
>>> "alex" <> wrote in message
>>> news:CC64E5E0-3D62-4752-A16B-...
>>> > Never mind. I found the UAC options.
>>> >
>>> > "alex" wrote:
>>> >
>>> >> How may I disable all the prompts that appear whenever I try to do
>>> >> something
>>> >> like uninstall a program or delete a file or directory?
>>> >>
>>> >> Vista Premium
>>> >>
>>> >> Thanks,
>>> >> Alex
>>>
>>>
>

Not a setup install issue.

CH

"JD Wohlever" <techware-> wrote in message
news:19079D31-44E2-4DBD-BAEF-...
>I hate to say so MS, but your average joe, the person you are making UAC
>for, is going
> to do exactly what they are doing, that is turning UAC off.
> Example, my mother is your basic Internet User. She just graduated from
> AOL to
> a normal broadband connection after me telling her for years how much
> better broadband would be for her. She bought a PC that had Vista Home
> Premium on it.
> Suddenly dial-up became a major pain in the butt because Vista is geared
> more toward a constant net connection. No problem there, I agree.
> However, 2 days later she calls me up and asks me to put Windows XP back
> on her computer.
> When I ask her why, the response " I'm sick of the computer asking me
> questions every 5 seconds. It didn't do it before. I have an anti-virus, a
> firewall, and a anti-spyware program running. Why do I have to OK every
> single thing I do?"
> I tried explaining the benefits, but she would hear none of it. She has
> been told by the Norton's and the AdAware's of the world that as long as
> she runs their programs and practices safe netting that she is ok. So it
> was either turn UAC off or install Windows XP for her, she was that
> serious.
> And to be honest, I understand how she feels. In 5 years she has never had
> a virus, has only had very light malware (Which SpyBot SD quickly
> removed), and has nothing of hi-value on her PC for a hacker to have much
> interest in other than family photo's of the dog etc.
> My point being is that the average user who buys Windows HOME versions are
> not going to WANT this elevated security, and as soon as they find a way
> to remove it, they will.
> MS should have made UAC a Business / Enterprise feature and left the
> standard user and admin feature set of XP for the Home licenses of Vista.
> I build PC's for a living so I know the problems that John Q Public can
> make for their selves on a PC on the net with no protection. But simple
> education and running the big 3 (Anti-virus, Anti-spyware and Firewalls)
> should be more than enough to protect them. Now if they are stupid enough
> to store all their financial information or work related trade secrets and
> not have the "the big 3" then they certainly aren't going to tolerate UAC.
>
>
>
> --
> Thank you,
> JD Wohlever
>
> Techware Grafx
> techware(dash)grafx(at)hotmail(dot)com
>
> "Kerry Brown" <*a*m> wrote in message
> news:...
>> There is some pain associated with UAC. Jimmy Brush's post explains it
>> very well. I'll add a bit of history as to how we got to UAC and why it's
>> needed.
>>
>> There were two families of Windows, NT based (Windows NT) and DOS based
>> (Windows 95). NT was mostly used in business networks and had excellent
>> security. Everyone ran as a standard user and only used administrator
>> accounts for things like installing programs, maintenance etc. Win95
>> really had no security as it was based on DOS and all users had total
>> control of the system at all times. Windows 95 became very popular and
>> many programs were written for it. Microsoft published guidelines on how
>> to program using established APIs and recommended programmers use this
>> method. Because the hardware at the time was limited, programming through
>> the documented APIs made for slow programs. Most programmers including
>> those at Microsoft, ignored the APIs and basically did what they had to
>> to get their programs running at the speed end users expected. This is
>> where most current programmers got their start and learned their habits.
>> As time progressed the DOS based versions of Windows were abandoned and
>> the NT and DOS world merged in XP which is NT based. All the end users
>> and programmers from the DOS world didn't change their ways. End users
>> ran as administrators all the time and programmers bypassed the APIs and
>> expected the users to be running as administrators. Around this time the
>> Internet exploded. Malware became a major problem exacerbated by the way
>> programmers and end users were using Windows. There was no way to secure
>> XP given this situation. Microsoft decided to write a new more secure OS.
>> There is a lot of changes under the hood but in the end the best security
>> is to enforce programmers to use the APIs and not have end users running
>> as administrators. Unfortunately this would break almost all existing
>> software. Thus we have UAC. It allows most old programs to do what they
>> do and tricks them into thinking it worked. It also allows users to run
>> as an administrator but gives them a warning when those administrator
>> privileges are going to be used.
>>
>> --
>> Kerry Brown
>> Microsoft MVP - Shell/User
>> http://www.vistahelp.ca
>>
>>
>> "alex" <> wrote in message
>> news:8F96CCFA-A18E-44F7-A41C-...
>>>
>>> Hi Kerry,
>>>
>>> Here's the problem with Vistas security as I see it.
>>>
>>> I am a long time Windows user with, at best, an intermediate knowledge
>>> of
>>> how programs work and how they're supposed to work with computers.
>>>
>>> Whenever Windows prompts me for confirmation regarding a security issue,
>>> to
>>> be honest, at times, I haven't the slightest clue whether I should allow
>>> or
>>> cancel something.
>>>
>>> Other than the most obvious "A program is trying to destroy your
>>> hard-drive
>>> and clean out your bank account" message, I'm likely going to let the
>>> program
>>> do what it wants to do.
>>>
>>> I minimize my exposure to to malware by not downloading software or
>>> opening
>>> e-mail attachments with which I'm not familiar. But sometimes I visit
>>> CNN.com or MSN or something as seemingly benign and I'm told that an
>>> update
>>> has to be performed and I'm asked if I trust the source.
>>>
>>> No, I don't trust the source. But if I'm going want to visit those
>>> sites I
>>> have to allow changes to be made.
>>>
>>> The UAC just annoys me and actually puts me in the habit of just
>>> clicking
>>> "continue" without reading what the window says.
>>>
>>> Ehhh. Personal preference I guess.
>>>
>>> BTW: This reminds me of how Microsoft didn't give the user the ability
>>> to
>>> download attachments in Outlook in Office XP (I think it was XP). What
>>> a
>>> pain-in-the-a@@ that was.
>>>
>>>
>>> "Kerry Brown" wrote:
>>>
>>>> Disabling UAC disables much of the improved security in Vista. Once you
>>>> have
>>>> your computer set up as you want it, it is recommended to turn UAC back
>>>> on.
>>>> You can do everything you always did with UAC on you just have to do it
>>>> in a
>>>> new way. UAC actually gives you more control as you now know when a
>>>> program
>>>> is about to do something that may affect the whole system. This is the
>>>> price
>>>> of security.
>>>>
>>>> --
>>>> Kerry Brown
>>>> Microsoft MVP - Shell/User
>>>> http://www.vistahelp.ca
>>>>
>>>>
>>>> "alex" <> wrote in message
>>>> news:CC64E5E0-3D62-4752-A16B-...
>>>> > Never mind. I found the UAC options.
>>>> >
>>>> > "alex" wrote:
>>>> >
>>>> >> How may I disable all the prompts that appear whenever I try to do
>>>> >> something
>>>> >> like uninstall a program or delete a file or directory?
>>>> >>
>>>> >> Vista Premium
>>>> >>
>>>> >> Thanks,
>>>> >> Alex
>>>>
>>>>
>>

I like this thread as it explains very well, (thank you JD) my biggest
complaint with this new Vista. I'm assuming UAC is user admin. control and it
sounds like we can turn this annoying thing off totally! Yippee.... where can
I find directions for doing that and maybe uninstalling it forever? And if
so, does that mean our level of security will be only less the "improvements"
and only that of my old XP? (thank GOD I still have and use that computer
too) AVG and Spybot have served me well in over 10 years. That and a little
common sense go a long ways.

Also a simple drop/drag to create a shortcut on my desktop from the program
files pops up two windows... are you sure you want to do this? Does anyone
know how I can stop that popup too?

I do like the "program compability feature"-- Except, when we are installing
a program that is Not compatible and there's no solution---then what? Is it
half installed, do I need to uninstall what was started?

I had trouble finding the add/remove programs section and I notice it does
NOT list everything. That is another big issue with me. It took quite awhile
to remove all the ISP junk and advertising off this new computer and I don't
even know that I did remove it all since MSN, AOL and that other junk were
not listed in add/remove. Everything has been reorganized to the point that
it is difficult and not easier. I am seriously considering the idea of
removing Vista and replacing with Xp, since HP finally mailed me the restore
disks from that class action suit.

Sorry for so many questions. Thank you in advance for those of you that help
answer my questions.

ceece

"JD Wohlever" wrote:

> I hate to say so MS, but your average joe, the person you are making UAC
> for, is going
> to do exactly what they are doing, that is turning UAC off.
> Example, my mother is your basic Internet User. She just graduated from AOL
> to
> a normal broadband connection after me telling her for years how much better
> broadband would be for her. She bought a PC that had Vista Home Premium on
> it.
> Suddenly dial-up became a major pain in the butt because Vista is geared
> more toward a constant net connection. No problem there, I agree.
> However, 2 days later she calls me up and asks me to put Windows XP back on
> her computer.
> When I ask her why, the response " I'm sick of the computer asking me
> questions every 5 seconds. It didn't do it before. I have an anti-virus, a
> firewall, and a anti-spyware program running. Why do I have to OK every
> single thing I do?"
> I tried explaining the benefits, but she would hear none of it. She has been
> told by the Norton's and the AdAware's of the world that as long as she runs
> their programs and practices safe netting that she is ok. So it was either
> turn UAC off or install Windows XP for her, she was that serious.
> And to be honest, I understand how she feels. In 5 years she has never had a
> virus, has only had very light malware (Which SpyBot SD quickly removed),
> and has nothing of hi-value on her PC for a hacker to have much interest in
> other than family photo's of the dog etc.
> My point being is that the average user who buys Windows HOME versions are
> not going to WANT this elevated security, and as soon as they find a way to
> remove it, they will.
> MS should have made UAC a Business / Enterprise feature and left the
> standard user and admin feature set of XP for the Home licenses of Vista.
> I build PC's for a living so I know the problems that John Q Public can make
> for their selves on a PC on the net with no protection. But simple education
> and running the big 3 (Anti-virus, Anti-spyware and Firewalls) should be
> more than enough to protect them. Now if they are stupid enough to store all
> their financial information or work related trade secrets and not have the
> "the big 3" then they certainly aren't going to tolerate UAC.
>
>
>
> --
> Thank you,
> JD Wohlever
>
> Techware Grafx
> techware(dash)grafx(at)hotmail(dot)com
>
> "Kerry Brown" <*a*m> wrote in message
> news:...
> > There is some pain associated with UAC. Jimmy Brush's post explains it
> > very well. I'll add a bit of history as to how we got to UAC and why it's
> > needed.
> >
> > There were two families of Windows, NT based (Windows NT) and DOS based
> > (Windows 95). NT was mostly used in business networks and had excellent
> > security. Everyone ran as a standard user and only used administrator
> > accounts for things like installing programs, maintenance etc. Win95
> > really had no security as it was based on DOS and all users had total
> > control of the system at all times. Windows 95 became very popular and
> > many programs were written for it. Microsoft published guidelines on how
> > to program using established APIs and recommended programmers use this
> > method. Because the hardware at the time was limited, programming through
> > the documented APIs made for slow programs. Most programmers including
> > those at Microsoft, ignored the APIs and basically did what they had to to
> > get their programs running at the speed end users expected. This is where
> > most current programmers got their start and learned their habits. As time
> > progressed the DOS based versions of Windows were abandoned and the NT and
> > DOS world merged in XP which is NT based. All the end users and
> > programmers from the DOS world didn't change their ways. End users ran as
> > administrators all the time and programmers bypassed the APIs and expected
> > the users to be running as administrators. Around this time the Internet
> > exploded. Malware became a major problem exacerbated by the way
> > programmers and end users were using Windows. There was no way to secure
> > XP given this situation. Microsoft decided to write a new more secure OS.
> > There is a lot of changes under the hood but in the end the best security
> > is to enforce programmers to use the APIs and not have end users running
> > as administrators. Unfortunately this would break almost all existing
> > software. Thus we have UAC. It allows most old programs to do what they do
> > and tricks them into thinking it worked. It also allows users to run as an
> > administrator but gives them a warning when those administrator privileges
> > are going to be used.
> >
> > --
> > Kerry Brown
> > Microsoft MVP - Shell/User
> > http://www.vistahelp.ca
> >
> >
> > "alex" <> wrote in message
> > news:8F96CCFA-A18E-44F7-A41C-...
> >>
> >> Hi Kerry,
> >>
> >> Here's the problem with Vistas security as I see it.
> >>
> >> I am a long time Windows user with, at best, an intermediate knowledge of
> >> how programs work and how they're supposed to work with computers.
> >>
> >> Whenever Windows prompts me for confirmation regarding a security issue,
> >> to
> >> be honest, at times, I haven't the slightest clue whether I should allow
> >> or
> >> cancel something.
> >>
> >> Other than the most obvious "A program is trying to destroy your
> >> hard-drive
> >> and clean out your bank account" message, I'm likely going to let the
> >> program
> >> do what it wants to do.
> >>
> >> I minimize my exposure to to malware by not downloading software or
> >> opening
> >> e-mail attachments with which I'm not familiar. But sometimes I visit
> >> CNN.com or MSN or something as seemingly benign and I'm told that an
> >> update
> >> has to be performed and I'm asked if I trust the source.
> >>
> >> No, I don't trust the source. But if I'm going want to visit those sites
> >> I
> >> have to allow changes to be made.
> >>
> >> The UAC just annoys me and actually puts me in the habit of just clicking
> >> "continue" without reading what the window says.
> >>
> >> Ehhh. Personal preference I guess.
> >>
> >> BTW: This reminds me of how Microsoft didn't give the user the ability
> >> to
> >> download attachments in Outlook in Office XP (I think it was XP). What a
> >> pain-in-the-a@@ that was.
> >>
> >>
> >> "Kerry Brown" wrote:
> >>
> >>> Disabling UAC disables much of the improved security in Vista. Once you
> >>> have
> >>> your computer set up as you want it, it is recommended to turn UAC back
> >>> on.
> >>> You can do everything you always did with UAC on you just have to do it
> >>> in a
> >>> new way. UAC actually gives you more control as you now know when a
> >>> program
> >>> is about to do something that may affect the whole system. This is the
> >>> price
> >>> of security.
> >>>
> >>> --
> >>> Kerry Brown
> >>> Microsoft MVP - Shell/User
> >>> http://www.vistahelp.ca
> >>>
> >>>
> >>> "alex" <> wrote in message
> >>> news:CC64E5E0-3D62-4752-A16B-...
> >>> > Never mind. I found the UAC options.
> >>> >
> >>> > "alex" wrote:
> >>> >
> >>> >> How may I disable all the prompts that appear whenever I try to do
> >>> >> something
> >>> >> like uninstall a program or delete a file or directory?
> >>> >>
> >>> >> Vista Premium
> >>> >>
> >>> >> Thanks,
> >>> >> Alex
> >>>
> >>>
> >

JD

Open up Help and Support.. type UAC in the search box.. the second entry
deals with turning UAC on and off..

People ask for more security, and they get it.. UAC was set as default in
the hope that users stop automatically using administrator rights which can
leave the system wide open to security breaches..

Note from the above how easy it is to turn UAC off if required.. no fuss, no
panic.. am I supporter of UAC? well, to be truthful, I sit on the fence re
UAC.. do I use UAC on my own system? when hell freezes over, I may start to
use it..


"JD Wohlever" <techware-> wrote in message
news:19079D31-44E2-4DBD-BAEF-...
>I hate to say so MS, but your average joe, the person you are making UAC
>for, is going
> to do exactly what they are doing, that is turning UAC off.
> Example, my mother is your basic Internet User. She just graduated from
> AOL to
> a normal broadband connection after me telling her for years how much
> better broadband would be for her. She bought a PC that had Vista Home
> Premium on it.
> Suddenly dial-up became a major pain in the butt because Vista is geared
> more toward a constant net connection. No problem there, I agree.
> However, 2 days later she calls me up and asks me to put Windows XP back
> on her computer.
> When I ask her why, the response " I'm sick of the computer asking me
> questions every 5 seconds. It didn't do it before. I have an anti-virus, a
> firewall, and a anti-spyware program running. Why do I have to OK every
> single thing I do?"
> I tried explaining the benefits, but she would hear none of it. She has
> been told by the Norton's and the AdAware's of the world that as long as
> she runs their programs and practices safe netting that she is ok. So it
> was either turn UAC off or install Windows XP for her, she was that
> serious.
> And to be honest, I understand how she feels. In 5 years she has never had
> a virus, has only had very light malware (Which SpyBot SD quickly
> removed), and has nothing of hi-value on her PC for a hacker to have much
> interest in other than family photo's of the dog etc.
> My point being is that the average user who buys Windows HOME versions are
> not going to WANT this elevated security, and as soon as they find a way
> to remove it, they will.
> MS should have made UAC a Business / Enterprise feature and left the
> standard user and admin feature set of XP for the Home licenses of Vista.
> I build PC's for a living so I know the problems that John Q Public can
> make for their selves on a PC on the net with no protection. But simple
> education and running the big 3 (Anti-virus, Anti-spyware and Firewalls)
> should be more than enough to protect them. Now if they are stupid enough
> to store all their financial information or work related trade secrets and
> not have the "the big 3" then they certainly aren't going to tolerate UAC.
>
>
>
> --
> Thank you,
> JD Wohlever
>
> Techware Grafx
> techware(dash)grafx(at)hotmail(dot)com
>
> "Kerry Brown" <*a*m> wrote in message
> news:...
>> There is some pain associated with UAC. Jimmy Brush's post explains it
>> very well. I'll add a bit of history as to how we got to UAC and why it's
>> needed.
>>
>> There were two families of Windows, NT based (Windows NT) and DOS based
>> (Windows 95). NT was mostly used in business networks and had excellent
>> security. Everyone ran as a standard user and only used administrator
>> accounts for things like installing programs, maintenance etc. Win95
>> really had no security as it was based on DOS and all users had total
>> control of the system at all times. Windows 95 became very popular and
>> many programs were written for it. Microsoft published guidelines on how
>> to program using established APIs and recommended programmers use this
>> method. Because the hardware at the time was limited, programming through
>> the documented APIs made for slow programs. Most programmers including
>> those at Microsoft, ignored the APIs and basically did what they had to
>> to get their programs running at the speed end users expected. This is
>> where most current programmers got their start and learned their habits.
>> As time progressed the DOS based versions of Windows were abandoned and
>> the NT and DOS world merged in XP which is NT based. All the end users
>> and programmers from the DOS world didn't change their ways. End users
>> ran as administrators all the time and programmers bypassed the APIs and
>> expected the users to be running as administrators. Around this time the
>> Internet exploded. Malware became a major problem exacerbated by the way
>> programmers and end users were using Windows. There was no way to secure
>> XP given this situation. Microsoft decided to write a new more secure OS.
>> There is a lot of changes under the hood but in the end the best security
>> is to enforce programmers to use the APIs and not have end users running
>> as administrators. Unfortunately this would break almost all existing
>> software. Thus we have UAC. It allows most old programs to do what they
>> do and tricks them into thinking it worked. It also allows users to run
>> as an administrator but gives them a warning when those administrator
>> privileges are going to be used.
>>
>> --
>> Kerry Brown
>> Microsoft MVP - Shell/User
>> http://www.vistahelp.ca
>>
>>
>> "alex" <> wrote in message
>> news:8F96CCFA-A18E-44F7-A41C-...
>>>
>>> Hi Kerry,
>>>
>>> Here's the problem with Vistas security as I see it.
>>>
>>> I am a long time Windows user with, at best, an intermediate knowledge
>>> of
>>> how programs work and how they're supposed to work with computers.
>>>
>>> Whenever Windows prompts me for confirmation regarding a security issue,
>>> to
>>> be honest, at times, I haven't the slightest clue whether I should allow
>>> or
>>> cancel something.
>>>
>>> Other than the most obvious "A program is trying to destroy your
>>> hard-drive
>>> and clean out your bank account" message, I'm likely going to let the
>>> program
>>> do what it wants to do.
>>>
>>> I minimize my exposure to to malware by not downloading software or
>>> opening
>>> e-mail attachments with which I'm not familiar. But sometimes I visit
>>> CNN.com or MSN or something as seemingly benign and I'm told that an
>>> update
>>> has to be performed and I'm asked if I trust the source.
>>>
>>> No, I don't trust the source. But if I'm going want to visit those
>>> sites I
>>> have to allow changes to be made.
>>>
>>> The UAC just annoys me and actually puts me in the habit of just
>>> clicking
>>> "continue" without reading what the window says.
>>>
>>> Ehhh. Personal preference I guess.
>>>
>>> BTW: This reminds me of how Microsoft didn't give the user the ability
>>> to
>>> download attachments in Outlook in Office XP (I think it was XP). What
>>> a
>>> pain-in-the-a@@ that was.
>>>
>>>
>>> "Kerry Brown" wrote:
>>>
>>>> Disabling UAC disables much of the improved security in Vista. Once you
>>>> have
>>>> your computer set up as you want it, it is recommended to turn UAC back
>>>> on.
>>>> You can do everything you always did with UAC on you just have to do it
>>>> in a
>>>> new way. UAC actually gives you more control as you now know when a
>>>> program
>>>> is about to do something that may affect the whole system. This is the
>>>> price
>>>> of security.
>>>>
>>>> --
>>>> Kerry Brown
>>>> Microsoft MVP - Shell/User
>>>> http://www.vistahelp.ca
>>>>
>>>>
>>>> "alex" <> wrote in message
>>>> news:CC64E5E0-3D62-4752-A16B-...
>>>> > Never mind. I found the UAC options.
>>>> >
>>>> > "alex" wrote:
>>>> >
>>>> >> How may I disable all the prompts that appear whenever I try to do
>>>> >> something
>>>> >> like uninstall a program or delete a file or directory?
>>>> >>
>>>> >> Vista Premium
>>>> >>
>>>> >> Thanks,
>>>> >> Alex
>>>>
>>>>
>>

--


Mike Hall
MS MVP Windows Shell/User
http://msmvps.com/blogs/mikehall/

You build computers for a living but your MIL bought a PC with Vista on it -
and didn't ask you for advice first?



"JD Wohlever" <techware-> wrote in message
news:19079D31-44E2-4DBD-BAEF-...
>I hate to say so MS, but your average joe, the person you are making UAC
>for, is going
> to do exactly what they are doing, that is turning UAC off.
> Example, my mother is your basic Internet User. She just graduated from
> AOL to
> a normal broadband connection after me telling her for years how much
> better broadband would be for her. She bought a PC that had Vista Home
> Premium on it.
> Suddenly dial-up became a major pain in the butt because Vista is geared
> more toward a constant net connection. No problem there, I agree.
> However, 2 days later she calls me up and asks me to put Windows XP back
> on her computer.
> When I ask her why, the response " I'm sick of the computer asking me
> questions every 5 seconds. It didn't do it before. I have an anti-virus, a
> firewall, and a anti-spyware program running. Why do I have to OK every
> single thing I do?"
> I tried explaining the benefits, but she would hear none of it. She has
> been told by the Norton's and the AdAware's of the world that as long as
> she runs their programs and practices safe netting that she is ok. So it
> was either turn UAC off or install Windows XP for her, she was that
> serious.
> And to be honest, I understand how she feels. In 5 years she has never had
> a virus, has only had very light malware (Which SpyBot SD quickly
> removed), and has nothing of hi-value on her PC for a hacker to have much
> interest in other than family photo's of the dog etc.
> My point being is that the average user who buys Windows HOME versions are
> not going to WANT this elevated security, and as soon as they find a way
> to remove it, they will.
> MS should have made UAC a Business / Enterprise feature and left the
> standard user and admin feature set of XP for the Home licenses of Vista.
> I build PC's for a living so I know the problems that John Q Public can
> make for their selves on a PC on the net with no protection. But simple
> education and running the big 3 (Anti-virus, Anti-spyware and Firewalls)
> should be more than enough to protect them. Now if they are stupid enough
> to store all their financial information or work related trade secrets and
> not have the "the big 3" then they certainly aren't going to tolerate UAC.
>
>
>
> --
> Thank you,
> JD Wohlever
>
> Techware Grafx
> techware(dash)grafx(at)hotmail(dot)com
>
> "Kerry Brown" <*a*m> wrote in message
> news:...
>> There is some pain associated with UAC. Jimmy Brush's post explains it
>> very well. I'll add a bit of history as to how we got to UAC and why it's
>> needed.
>>
>> There were two families of Windows, NT based (Windows NT) and DOS based
>> (Windows 95). NT was mostly used in business networks and had excellent
>> security. Everyone ran as a standard user and only used administrator
>> accounts for things like installing programs, maintenance etc. Win95
>> really had no security as it was based on DOS and all users had total
>> control of the system at all times. Windows 95 became very popular and
>> many programs were written for it. Microsoft published guidelines on how
>> to program using established APIs and recommended programmers use this
>> method. Because the hardware at the time was limited, programming through
>> the documented APIs made for slow programs. Most programmers including
>> those at Microsoft, ignored the APIs and basically did what they had to
>> to get their programs running at the speed end users expected. This is
>> where most current programmers got their start and learned their habits.
>> As time progressed the DOS based versions of Windows were abandoned and
>> the NT and DOS world merged in XP which is NT based. All the end users
>> and programmers from the DOS world didn't change their ways. End users
>> ran as administrators all the time and programmers bypassed the APIs and
>> expected the users to be running as administrators. Around this time the
>> Internet exploded. Malware became a major problem exacerbated by the way
>> programmers and end users were using Windows. There was no way to secure
>> XP given this situation. Microsoft decided to write a new more secure OS.
>> There is a lot of changes under the hood but in the end the best security
>> is to enforce programmers to use the APIs and not have end users running
>> as administrators. Unfortunately this would break almost all existing
>> software. Thus we have UAC. It allows most old programs to do what they
>> do and tricks them into thinking it worked. It also allows users to run
>> as an administrator but gives them a warning when those administrator
>> privileges are going to be used.
>>
>> --
>> Kerry Brown
>> Microsoft MVP - Shell/User
>> http://www.vistahelp.ca
>>
>>
>> "alex" <> wrote in message
>> news:8F96CCFA-A18E-44F7-A41C-...
>>>
>>> Hi Kerry,
>>>
>>> Here's the problem with Vistas security as I see it.
>>>
>>> I am a long time Windows user with, at best, an intermediate knowledge
>>> of
>>> how programs work and how they're supposed to work with computers.
>>>
>>> Whenever Windows prompts me for confirmation regarding a security issue,
>>> to
>>> be honest, at times, I haven't the slightest clue whether I should allow
>>> or
>>> cancel something.
>>>
>>> Other than the most obvious "A program is trying to destroy your
>>> hard-drive
>>> and clean out your bank account" message, I'm likely going to let the
>>> program
>>> do what it wants to do.
>>>
>>> I minimize my exposure to to malware by not downloading software or
>>> opening
>>> e-mail attachments with which I'm not familiar. But sometimes I visit
>>> CNN.com or MSN or something as seemingly benign and I'm told that an
>>> update
>>> has to be performed and I'm asked if I trust the source.
>>>
>>> No, I don't trust the source. But if I'm going want to visit those
>>> sites I
>>> have to allow changes to be made.
>>>
>>> The UAC just annoys me and actually puts me in the habit of just
>>> clicking
>>> "continue" without reading what the window says.
>>>
>>> Ehhh. Personal preference I guess.
>>>
>>> BTW: This reminds me of how Microsoft didn't give the user the ability
>>> to
>>> download attachments in Outlook in Office XP (I think it was XP). What
>>> a
>>> pain-in-the-a@@ that was.
>>>
>>>
>>> "Kerry Brown" wrote:
>>>
>>>> Disabling UAC disables much of the improved security in Vista. Once you
>>>> have
>>>> your computer set up as you want it, it is recommended to turn UAC back
>>>> on.
>>>> You can do everything you always did with UAC on you just have to do it
>>>> in a
>>>> new way. UAC actually gives you more control as you now know when a
>>>> program
>>>> is about to do something that may affect the whole system. This is the
>>>> price
>>>> of security.
>>>>
>>>> --
>>>> Kerry Brown
>>>> Microsoft MVP - Shell/User
>>>> http://www.vistahelp.ca
>>>>
>>>>
>>>> "alex" <> wrote in message
>>>> news:CC64E5E0-3D62-4752-A16B-...
>>>> > Never mind. I found the UAC options.
>>>> >
>>>> > "alex" wrote:
>>>> >
>>>> >> How may I disable all the prompts that appear whenever I try to do
>>>> >> something
>>>> >> like uninstall a program or delete a file or directory?
>>>> >>
>>>> >> Vista Premium
>>>> >>
>>>> >> Thanks,
>>>> >> Alex
>>>>
>>>>
>>

I do have to agree that UAC can be a pain in the butt. But, it was
designed as a security feature, which Microsoft has been trying to push
a lot lately. To me, security should be strong, yet as transparent to
the end user as possible. UAC kind of goes against that.

Do I have it turned off? Yes. I also run a Smoothwall firewall with
several good modules on the firewall as well as Windows Firewall.
Security is a main concern with me (although I have nothing to secure,
document wise!), as I have fixed many machines that were going "slow",
but were infected with so much spyware, and has "mysterious" SMTP
services running. UAC keeps rogue apps from running and hiding a program
that would comprimise a machine. If it can't run, it can't cause damage.

UAC should have had more of an instruction sheet with it (or at least on
the Welcome Screen!) for the home user. To them, it's permanent and a
pain in the ass, making them not want Windows Vista.

--
Dustin Harper

http://www.vistarip.com

JD Wohlever wrote:
> I hate to say so MS, but your average joe, the person you are making UAC
> for, is going
> to do exactly what they are doing, that is turning UAC off.
> Example, my mother is your basic Internet User. She just graduated from
> AOL to
> a normal broadband connection after me telling her for years how much
> better broadband would be for her. She bought a PC that had Vista Home
> Premium on it.
> Suddenly dial-up became a major pain in the butt because Vista is geared
> more toward a constant net connection. No problem there, I agree.
> However, 2 days later she calls me up and asks me to put Windows XP back
> on her computer.
> When I ask her why, the response " I'm sick of the computer asking me
> questions every 5 seconds. It didn't do it before. I have an anti-virus,
> a firewall, and a anti-spyware program running. Why do I have to OK
> every single thing I do?"
> I tried explaining the benefits, but she would hear none of it. She has
> been told by the Norton's and the AdAware's of the world that as long as
> she runs their programs and practices safe netting that she is ok. So it
> was either turn UAC off or install Windows XP for her, she was that
> serious.
> And to be honest, I understand how she feels. In 5 years she has never
> had a virus, has only had very light malware (Which SpyBot SD quickly
> removed), and has nothing of hi-value on her PC for a hacker to have
> much interest in other than family photo's of the dog etc.
> My point being is that the average user who buys Windows HOME versions
> are not going to WANT this elevated security, and as soon as they find a
> way to remove it, they will.
> MS should have made UAC a Business / Enterprise feature and left the
> standard user and admin feature set of XP for the Home licenses of Vista.
> I build PC's for a living so I know the problems that John Q Public can
> make for their selves on a PC on the net with no protection. But simple
> education and running the big 3 (Anti-virus, Anti-spyware and Firewalls)
> should be more than enough to protect them. Now if they are stupid
> enough to store all their financial information or work related trade
> secrets and not have the "the big 3" then they certainly aren't going to
> tolerate UAC.
>
>
>


--

Businesses generally have their users locked down anyway.

UAC is very much for home users.

Using user privileges in a far superior way to manage security than relying
on anti-malware applications and compliments it extremely well.

It sounds like in this case using a password on UAC would be better, then
perhaps the end user would take it more seriously.

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*


"JD Wohlever" <techware-> wrote in message
news:19079D31-44E2-4DBD-BAEF-...
>I hate to say so MS, but your average joe, the person you are making UAC
>for, is going
> to do exactly what they are doing, that is turning UAC off.
> Example, my mother is your basic Internet User. She just graduated from
> AOL to
> a normal broadband connection after me telling her for years how much
> better broadband would be for her. She bought a PC that had Vista Home
> Premium on it.
> Suddenly dial-up became a major pain in the butt because Vista is geared
> more toward a constant net connection. No problem there, I agree.
> However, 2 days later she calls me up and asks me to put Windows XP back
> on her computer.
> When I ask her why, the response " I'm sick of the computer asking me
> questions every 5 seconds. It didn't do it before. I have an anti-virus, a
> firewall, and a anti-spyware program running. Why do I have to OK every
> single thing I do?"
> I tried explaining the benefits, but she would hear none of it. She has
> been told by the Norton's and the AdAware's of the world that as long as
> she runs their programs and practices safe netting that she is ok. So it
> was either turn UAC off or install Windows XP for her, she was that
> serious.
> And to be honest, I understand how she feels. In 5 years she has never had
> a virus, has only had very light malware (Which SpyBot SD quickly
> removed), and has nothing of hi-value on her PC for a hacker to have much
> interest in other than family photo's of the dog etc.
> My point being is that the average user who buys Windows HOME versions are
> not going to WANT this elevated security, and as soon as they find a way
> to remove it, they will.
> MS should have made UAC a Business / Enterprise feature and left the
> standard user and admin feature set of XP for the Home licenses of Vista.
> I build PC's for a living so I know the problems that John Q Public can
> make for their selves on a PC on the net with no protection. But simple
> education and running the big 3 (Anti-virus, Anti-spyware and Firewalls)
> should be more than enough to protect them. Now if they are stupid enough
> to store all their financial information or work related trade secrets and
> not have the "the big 3" then they certainly aren't going to tolerate UAC.

Richard

It is easier to buy, try, fail and rant than ever it is to ask for advice or
help before making what turns out to be an ill-informed decision..

Imagine if all of these folk were presented with a computer that is entirely
controlled by typing in stuff at a command prompt.. I don't know about you,
but I would turn in my MVP badge and take up professional strawberry picking
or similar..


"Richard Urban" <> wrote in message
news:...
> You build computers for a living but your MIL bought a PC with Vista on
> it - and didn't ask you for advice first?
>
>
>
> "JD Wohlever" <techware-> wrote in message
> news:19079D31-44E2-4DBD-BAEF-...
>>I hate to say so MS, but your average joe, the person you are making UAC
>>for, is going
>> to do exactly what they are doing, that is turning UAC off.
>> Example, my mother is your basic Internet User. She just graduated from
>> AOL to
>> a normal broadband connection after me telling her for years how much
>> better broadband would be for her. She bought a PC that had Vista Home
>> Premium on it.
>> Suddenly dial-up became a major pain in the butt because Vista is geared
>> more toward a constant net connection. No problem there, I agree.
>> However, 2 days later she calls me up and asks me to put Windows XP back
>> on her computer.
>> When I ask her why, the response " I'm sick of the computer asking me
>> questions every 5 seconds. It didn't do it before. I have an anti-virus,
>> a firewall, and a anti-spyware program running. Why do I have to OK every
>> single thing I do?"
>> I tried explaining the benefits, but she would hear none of it. She has
>> been told by the Norton's and the AdAware's of the world that as long as
>> she runs their programs and practices safe netting that she is ok. So it
>> was either turn UAC off or install Windows XP for her, she was that
>> serious.
>> And to be honest, I understand how she feels. In 5 years she has never
>> had a virus, has only had very light malware (Which SpyBot SD quickly
>> removed), and has nothing of hi-value on her PC for a hacker to have much
>> interest in other than family photo's of the dog etc.
>> My point being is that the average user who buys Windows HOME versions
>> are not going to WANT this elevated security, and as soon as they find a
>> way to remove it, they will.
>> MS should have made UAC a Business / Enterprise feature and left the
>> standard user and admin feature set of XP for the Home licenses of Vista.
>> I build PC's for a living so I know the problems that John Q Public can
>> make for their selves on a PC on the net with no protection. But simple
>> education and running the big 3 (Anti-virus, Anti-spyware and Firewalls)
>> should be more than enough to protect them. Now if they are stupid enough
>> to store all their financial information or work related trade secrets
>> and not have the "the big 3" then they certainly aren't going to tolerate
>> UAC.
>>
>>
>>
>> --
>> Thank you,
>> JD Wohlever
>>
>> Techware Grafx
>> techware(dash)grafx(at)hotmail(dot)com
>>
>> "Kerry Brown" <*a*m> wrote in message
>> news:...
>>> There is some pain associated with UAC. Jimmy Brush's post explains it
>>> very well. I'll add a bit of history as to how we got to UAC and why
>>> it's needed.
>>>
>>> There were two families of Windows, NT based (Windows NT) and DOS based
>>> (Windows 95). NT was mostly used in business networks and had excellent
>>> security. Everyone ran as a standard user and only used administrator
>>> accounts for things like installing programs, maintenance etc. Win95
>>> really had no security as it was based on DOS and all users had total
>>> control of the system at all times. Windows 95 became very popular and
>>> many programs were written for it. Microsoft published guidelines on how
>>> to program using established APIs and recommended programmers use this
>>> method. Because the hardware at the time was limited, programming
>>> through the documented APIs made for slow programs. Most programmers
>>> including those at Microsoft, ignored the APIs and basically did what
>>> they had to to get their programs running at the speed end users
>>> expected. This is where most current programmers got their start and
>>> learned their habits. As time progressed the DOS based versions of
>>> Windows were abandoned and the NT and DOS world merged in XP which is NT
>>> based. All the end users and programmers from the DOS world didn't
>>> change their ways. End users ran as administrators all the time and
>>> programmers bypassed the APIs and expected the users to be running as
>>> administrators. Around this time the Internet exploded. Malware became a
>>> major problem exacerbated by the way programmers and end users were
>>> using Windows. There was no way to secure XP given this situation.
>>> Microsoft decided to write a new more secure OS. There is a lot of
>>> changes under the hood but in the end the best security is to enforce
>>> programmers to use the APIs and not have end users running as
>>> administrators. Unfortunately this would break almost all existing
>>> software. Thus we have UAC. It allows most old programs to do what they
>>> do and tricks them into thinking it worked. It also allows users to run
>>> as an administrator but gives them a warning when those administrator
>>> privileges are going to be used.
>>>
>>> --
>>> Kerry Brown
>>> Microsoft MVP - Shell/User
>>> http://www.vistahelp.ca
>>>
>>>
>>> "alex" <> wrote in message
>>> news:8F96CCFA-A18E-44F7-A41C-...
>>>>
>>>> Hi Kerry,
>>>>
>>>> Here's the problem with Vistas security as I see it.
>>>>
>>>> I am a long time Windows user with, at best, an intermediate knowledge
>>>> of
>>>> how programs work and how they're supposed to work with computers.
>>>>
>>>> Whenever Windows prompts me for confirmation regarding a security
>>>> issue, to
>>>> be honest, at times, I haven't the slightest clue whether I should
>>>> allow or
>>>> cancel something.
>>>>
>>>> Other than the most obvious "A program is trying to destroy your
>>>> hard-drive
>>>> and clean out your bank account" message, I'm likely going to let the
>>>> program
>>>> do what it wants to do.
>>>>
>>>> I minimize my exposure to to malware by not downloading software or
>>>> opening
>>>> e-mail attachments with which I'm not familiar. But sometimes I visit
>>>> CNN.com or MSN or something as seemingly benign and I'm told that an
>>>> update
>>>> has to be performed and I'm asked if I trust the source.
>>>>
>>>> No, I don't trust the source. But if I'm going want to visit those
>>>> sites I
>>>> have to allow changes to be made.
>>>>
>>>> The UAC just annoys me and actually puts me in the habit of just
>>>> clicking
>>>> "continue" without reading what the window says.
>>>>
>>>> Ehhh. Personal preference I guess.
>>>>
>>>> BTW: This reminds me of how Microsoft didn't give the user the ability
>>>> to
>>>> download attachments in Outlook in Office XP (I think it was XP). What
>>>> a
>>>> pain-in-the-a@@ that was.
>>>>
>>>>
>>>> "Kerry Brown" wrote:
>>>>
>>>>> Disabling UAC disables much of the improved security in Vista. Once
>>>>> you have
>>>>> your computer set up as you want it, it is recommended to turn UAC
>>>>> back on.
>>>>> You can do everything you always did with UAC on you just have to do
>>>>> it in a
>>>>> new way. UAC actually gives you more control as you now know when a
>>>>> program
>>>>> is about to do something that may affect the whole system. This is the
>>>>> price
>>>>> of security.
>>>>>
>>>>> --
>>>>> Kerry Brown
>>>>> Microsoft MVP - Shell/User
>>>>> http://www.vistahelp.ca
>>>>>
>>>>>
>>>>> "alex" <> wrote in message
>>>>> news:CC64E5E0-3D62-4752-A16B-...
>>>>> > Never mind. I found the UAC options.
>>>>> >
>>>>> > "alex" wrote:
>>>>> >
>>>>> >> How may I disable all the prompts that appear whenever I try to do
>>>>> >> something
>>>>> >> like uninstall a program or delete a file or directory?
>>>>> >>
>>>>> >> Vista Premium
>>>>> >>
>>>>> >> Thanks,
>>>>> >> Alex
>>>>>
>>>>>
>>>
>

--


Mike Hall
MS MVP Windows Shell/User
http://msmvps.com/blogs/mikehall/

"Paul Smith" wrote:
> Businesses generally have their users locked down anyway.
> > UAC is very much for home users.
> Using user privileges in a far superior way to manage security than relying
> on anti-malware applications and compliments it extremely well.<<<

------- How?
> It sounds like in this case using a password on UAC would be better, then
> perhaps the end user would take it more seriously.
> Paul Smith,
> Yeovil, UK.
> Microsoft MVP Windows Shell/User.

------------------- If we are not asking for more security, have not had
any problems for years with XP and we are the only person using our computer,
then what harm is there stopping those annoying popups? (ps: I'm assuming I
know what UAC means and still hoping someone will answer my non-exe, everyday
Joe questions when I replied to JD's post)
thank you, ceece

>
> "JD Wohlever" <techware-> wrote in message
> news:19079D31-44E2-4DBD-BAEF-...
> >I hate to say so MS, but your average joe, the person you are making UAC
> >for, is going
> > to do exactly what they are doing, that is turning UAC off.
> > Example, my mother is your basic Internet User. She just graduated from
> > AOL to
> > a normal broadband connection after me telling her for years how much
> > better broadband would be for her. She bought a PC that had Vista Home
> > Premium on it.
> > Suddenly dial-up became a major pain in the butt because Vista is geared
> > more toward a constant net connection. No problem there, I agree.
> > However, 2 days later she calls me up and asks me to put Windows XP back
> > on her computer.
> > When I ask her why, the response " I'm sick of the computer asking me
> > questions every 5 seconds. It didn't do it before. I have an anti-virus, a
> > firewall, and a anti-spyware program running. Why do I have to OK every
> > single thing I do?"
> > I tried explaining the benefits, but she would hear none of it. She has
> > been told by the Norton's and the AdAware's of the world that as long as
> > she runs their programs and practices safe netting that she is ok. So it
> > was either turn UAC off or install Windows XP for her, she was that
> > serious.
> > And to be honest, I understand how she feels. In 5 years she has never had
> > a virus, has only had very light malware (Which SpyBot SD quickly
> > removed), and has nothing of hi-value on her PC for a hacker to have much
> > interest in other than family photo's of the dog etc.
> > My point being is that the average user who buys Windows HOME versions are
> > not going to WANT this elevated security, and as soon as they find a way
> > to remove it, they will.
> > MS should have made UAC a Business / Enterprise feature and left the
> > standard user and admin feature set of XP for the Home licenses of Vista.
> > I build PC's for a living so I know the problems that John Q Public can
> > make for their selves on a PC on the net with no protection. But simple
> > education and running the big 3 (Anti-virus, Anti-spyware and Firewalls)
> > should be more than enough to protect them. Now if they are stupid enough
> > to store all their financial information or work related trade secrets and
> > not have the "the big 3" then they certainly aren't going to tolerate UAC.
>

"ceece" <> wrote in message
news:A8BA54B2-F588-4CA7-8FEC-...
> ------- How?

Malware can't take down the system if its not running with administrative
rights.

> ------------------- If we are not asking for more security, have not had
> any problems for years with XP and we are the only person using our
> computer,
> then what harm is there stopping those annoying popups? (ps: I'm assuming
> I
> know what UAC means and still hoping someone will answer my non-exe,
> everyday
> Joe questions when I replied to JD's post)
> thank you, ceece

The harm is with UAC off an admin account's applications will be running
with full privileges to the system.

Let's take a game, Battlefield 2 for example, if that game had a
vulnerability with UAC on it wouldn't be able to take out the system. With
UAC off, it would.

Windows Mail, if that had a vulnerability with UAC on it wouldn't be able to
take out the system, with UAC off it would because it would be running with
full privileges to the box.

UAC is much more than just an annoying thing that comes up saying if you
want to give something administrative rights.

Which is why UAC prompts should be turned off (that way the system just
continues everything for you) but never UAC itself via msconfig or similar.

But then well, I recommended security conscious people to run as limited
users on Windows XP, 2000 and so on. The plus side now with Windows Vista
they've got UI to be able to elevate when they need to, they don't need to
go out and click Run as account all the time after an application has failed
because its doing something it shouldn't be.

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*