Prompts, prompts, and more prompts...jeez

Discussion in 'Windows Vista Administration' started by alex, Feb 1, 2007.

  1. alex

    alex Guest

    How may I disable all the prompts that appear whenever I try to do something
    like uninstall a program or delete a file or directory?

    Vista Premium

    Thanks,
    Alex
     
    alex, Feb 1, 2007
    #1
    1. Advertisements

  2. alex

    alex Guest

    Never mind. I found the UAC options.
     
    alex, Feb 1, 2007
    #2
    1. Advertisements

  3. alex

    Kerry Brown Guest

    Disabling UAC disables much of the improved security in Vista. Once you have
    your computer set up as you want it, it is recommended to turn UAC back on.
    You can do everything you always did with UAC on you just have to do it in a
    new way. UAC actually gives you more control as you now know when a program
    is about to do something that may affect the whole system. This is the price
    of security.
     
    Kerry Brown, Feb 1, 2007
    #3
  4. alex

    unvista Guest

    Argh, stop right there. This myth has really started to bug me. As far as I
    can tell the so called "improved security in Vista" is an OK button you have
    to press every few seconds. Microsoft doesn't seem to know what improved
    security means. Trust me, more people are going to either disable UAC in
    Vista, or they are simply going to get so numb pressing the OK button that
    they don't even read what it is about when it happens. Seriously, I can
    already see the poor users:

    "The game you are installing is trying to make a new folder: " OK

    "The new Virus checker is attempting to read some files" OK

    "You are attempting to delete an Icon on the desktop that you don't need" OK

    "Microsoft wants to rummage through your bank accounts for more money" OK

    It's like Microsoft studied what other major Operating Systems do about
    account management, and realized there was a more annoying way to implement
    it.

    The only reason the Microsoft guru's accept this abortion called UAC is that
    they haven't experienced how it is done right elsewhere. Seriously, spend an
    hour doing heavy duty administrative tasks on most Linux distros, or OS X and
    you will appreciate how much Microsoft screwed this feature up.

    Don't trust your system security to an OK button. Think before you install
    software. Know what you are downloading. Don't open anything that you aren't
    100% sure of. If you get something from someone you trust, contact them to
    make sure they really sent it.

    A well educated human brain is many times more powerful as a security screen
    than any OK button, no matter how pretty Microsoft makes it.

    If you have purchased Vista because of this "improved security" feature. You
    got taken by Microsoft.
     
    unvista, Feb 1, 2007
    #4
  5. alex

    Kerry Brown Guest

    I have managed Novell, Unix, Xenix, Linux, and Windows servers in production
    environments. I know how the security works in all the various OS'. UAC
    works and secures Windows very well. If anything it's a little too easy to
    turn off. Given the way Windows works UAC is a very good compromise between
    compatibility with old apps and security.
     
    Kerry Brown, Feb 1, 2007
    #5
  6. alex

    unvista Guest

    This much I can agree with you on. But I'm not seeing any compelling reasons
    to spend hundreds of dollars for compromises. I'd be more than happy for
    Microsoft to wait another one, two or even five years to release Vista, if
    they would do it right.
     
    unvista, Feb 1, 2007
    #6
  7. alex

    alex Guest

    Hi Kerry,

    Here's the problem with Vistas security as I see it.

    I am a long time Windows user with, at best, an intermediate knowledge of
    how programs work and how they're supposed to work with computers.

    Whenever Windows prompts me for confirmation regarding a security issue, to
    be honest, at times, I haven't the slightest clue whether I should allow or
    cancel something.

    Other than the most obvious "A program is trying to destroy your hard-drive
    and clean out your bank account" message, I'm likely going to let the program
    do what it wants to do.

    I minimize my exposure to to malware by not downloading software or opening
    e-mail attachments with which I'm not familiar. But sometimes I visit
    CNN.com or MSN or something as seemingly benign and I'm told that an update
    has to be performed and I'm asked if I trust the source.

    No, I don't trust the source. But if I'm going want to visit those sites I
    have to allow changes to be made.

    The UAC just annoys me and actually puts me in the habit of just clicking
    "continue" without reading what the window says.

    Ehhh. Personal preference I guess.

    BTW: This reminds me of how Microsoft didn't give the user the ability to
    download attachments in Outlook in Office XP (I think it was XP). What a
    pain-in-the-a@@ that was.
     
    alex, Feb 2, 2007
    #7
  8. alex

    Jimmy Brush Guest

    Personally, I think this class of user is going to be the most
    confused/frustrated with UAC; I think beginners and experts will be the ones
    that have a better time with it.

    UAC's job is to confirm that you initiated some action that should require
    complete control over your computer.

    You don't need to know anything technical about what's going on; you just
    need to know that the thing you just tried to do is wanting complete control
    over your computer, and if you aren't ok with that or you didn't try to do
    anything a prompt just appeared out of nowhere, then you know you should
    stop it.

    You also should know that the ONLY WAY a program can get complete control
    (admin power) over your computer is by showing that prompt.

    As long as you understand these concepts, the security in UAC is working
    flawlessly :).

    It's your computer, after all. UAC acknowledges this by putting the power
    over it in your hands. If you want to allow MSNBC to install something on
    your computer but not <insert here>.com, cool beans - that's not a flaw in
    UAC, that's how it works.

    The reason Windows has to ask this via a UAC prompt is because right now
    that is the only way the OS can know for sure that you are intending to let
    a program have full control over your computer.

    Hopefully this will become less obtrusive as time goes on :).

    --
    - JB
    Microsoft MVP - Windows Shell/User

    Windows Vista Support Faq
    http://www.jimmah.com/vista/
     
    Jimmy Brush, Feb 2, 2007
    #8
  9. alex

    Kerry Brown Guest

    There is some pain associated with UAC. Jimmy Brush's post explains it very
    well. I'll add a bit of history as to how we got to UAC and why it's needed.

    There were two families of Windows, NT based (Windows NT) and DOS based
    (Windows 95). NT was mostly used in business networks and had excellent
    security. Everyone ran as a standard user and only used administrator
    accounts for things like installing programs, maintenance etc. Win95 really
    had no security as it was based on DOS and all users had total control of
    the system at all times. Windows 95 became very popular and many programs
    were written for it. Microsoft published guidelines on how to program using
    established APIs and recommended programmers use this method. Because the
    hardware at the time was limited, programming through the documented APIs
    made for slow programs. Most programmers including those at Microsoft,
    ignored the APIs and basically did what they had to to get their programs
    running at the speed end users expected. This is where most current
    programmers got their start and learned their habits. As time progressed the
    DOS based versions of Windows were abandoned and the NT and DOS world merged
    in XP which is NT based. All the end users and programmers from the DOS
    world didn't change their ways. End users ran as administrators all the time
    and programmers bypassed the APIs and expected the users to be running as
    administrators. Around this time the Internet exploded. Malware became a
    major problem exacerbated by the way programmers and end users were using
    Windows. There was no way to secure XP given this situation. Microsoft
    decided to write a new more secure OS. There is a lot of changes under the
    hood but in the end the best security is to enforce programmers to use the
    APIs and not have end users running as administrators. Unfortunately this
    would break almost all existing software. Thus we have UAC. It allows most
    old programs to do what they do and tricks them into thinking it worked. It
    also allows users to run as an administrator but gives them a warning when
    those administrator privileges are going to be used.
     
    Kerry Brown, Feb 2, 2007
    #9
  10. alex

    JD Wohlever Guest

    I hate to say so MS, but your average joe, the person you are making UAC
    for, is going
    to do exactly what they are doing, that is turning UAC off.
    Example, my mother is your basic Internet User. She just graduated from AOL
    to
    a normal broadband connection after me telling her for years how much better
    broadband would be for her. She bought a PC that had Vista Home Premium on
    it.
    Suddenly dial-up became a major pain in the butt because Vista is geared
    more toward a constant net connection. No problem there, I agree.
    However, 2 days later she calls me up and asks me to put Windows XP back on
    her computer.
    When I ask her why, the response " I'm sick of the computer asking me
    questions every 5 seconds. It didn't do it before. I have an anti-virus, a
    firewall, and a anti-spyware program running. Why do I have to OK every
    single thing I do?"
    I tried explaining the benefits, but she would hear none of it. She has been
    told by the Norton's and the AdAware's of the world that as long as she runs
    their programs and practices safe netting that she is ok. So it was either
    turn UAC off or install Windows XP for her, she was that serious.
    And to be honest, I understand how she feels. In 5 years she has never had a
    virus, has only had very light malware (Which SpyBot SD quickly removed),
    and has nothing of hi-value on her PC for a hacker to have much interest in
    other than family photo's of the dog etc.
    My point being is that the average user who buys Windows HOME versions are
    not going to WANT this elevated security, and as soon as they find a way to
    remove it, they will.
    MS should have made UAC a Business / Enterprise feature and left the
    standard user and admin feature set of XP for the Home licenses of Vista.
    I build PC's for a living so I know the problems that John Q Public can make
    for their selves on a PC on the net with no protection. But simple education
    and running the big 3 (Anti-virus, Anti-spyware and Firewalls) should be
    more than enough to protect them. Now if they are stupid enough to store all
    their financial information or work related trade secrets and not have the
    "the big 3" then they certainly aren't going to tolerate UAC.



    --
    Thank you,
    JD Wohlever

    Techware Grafx
    techware(dash)grafx(at)hotmail(dot)com
     
    JD Wohlever, Feb 24, 2007
    #10
  11. alex

    Chad Harris Guest

    Not a setup install issue.

    CH

     
    Chad Harris, Feb 24, 2007
    #11
  12. alex

    ceece Guest

    I like this thread as it explains very well, (thank you JD) my biggest
    complaint with this new Vista. I'm assuming UAC is user admin. control and it
    sounds like we can turn this annoying thing off totally! Yippee.... where can
    I find directions for doing that and maybe uninstalling it forever? And if
    so, does that mean our level of security will be only less the "improvements"
    and only that of my old XP? (thank GOD I still have and use that computer
    too) AVG and Spybot have served me well in over 10 years. That and a little
    common sense go a long ways.

    Also a simple drop/drag to create a shortcut on my desktop from the program
    files pops up two windows... are you sure you want to do this? Does anyone
    know how I can stop that popup too?

    I do like the "program compability feature"-- Except, when we are installing
    a program that is Not compatible and there's no solution---then what? Is it
    half installed, do I need to uninstall what was started?

    I had trouble finding the add/remove programs section and I notice it does
    NOT list everything. That is another big issue with me. It took quite awhile
    to remove all the ISP junk and advertising off this new computer and I don't
    even know that I did remove it all since MSN, AOL and that other junk were
    not listed in add/remove. Everything has been reorganized to the point that
    it is difficult and not easier. I am seriously considering the idea of
    removing Vista and replacing with Xp, since HP finally mailed me the restore
    disks from that class action suit.

    Sorry for so many questions. Thank you in advance for those of you that help
    answer my questions.

    ceece
     
    ceece, Feb 24, 2007
    #12
  13. JD

    Open up Help and Support.. type UAC in the search box.. the second entry
    deals with turning UAC on and off..

    People ask for more security, and they get it.. UAC was set as default in
    the hope that users stop automatically using administrator rights which can
    leave the system wide open to security breaches..

    Note from the above how easy it is to turn UAC off if required.. no fuss, no
    panic.. am I supporter of UAC? well, to be truthful, I sit on the fence re
    UAC.. do I use UAC on my own system? when hell freezes over, I may start to
    use it..


    --


    Mike Hall
    MS MVP Windows Shell/User
    http://msmvps.com/blogs/mikehall/
     
    Mike Hall - MS MVP Windows Shell/User, Feb 24, 2007
    #13
  14. You build computers for a living but your MIL bought a PC with Vista on it -
    and didn't ask you for advice first?
     
    Richard Urban, Feb 24, 2007
    #14
  15. I do have to agree that UAC can be a pain in the butt. But, it was
    designed as a security feature, which Microsoft has been trying to push
    a lot lately. To me, security should be strong, yet as transparent to
    the end user as possible. UAC kind of goes against that.

    Do I have it turned off? Yes. I also run a Smoothwall firewall with
    several good modules on the firewall as well as Windows Firewall.
    Security is a main concern with me (although I have nothing to secure,
    document wise!), as I have fixed many machines that were going "slow",
    but were infected with so much spyware, and has "mysterious" SMTP
    services running. UAC keeps rogue apps from running and hiding a program
    that would comprimise a machine. If it can't run, it can't cause damage.

    UAC should have had more of an instruction sheet with it (or at least on
    the Welcome Screen!) for the home user. To them, it's permanent and a
    pain in the ass, making them not want Windows Vista.

    --
    Dustin Harper

    http://www.vistarip.com


    --
     
    Dustin Harper, Feb 24, 2007
    #15
  16. alex

    Paul Smith Guest

    Businesses generally have their users locked down anyway.

    UAC is very much for home users.

    Using user privileges in a far superior way to manage security than relying
    on anti-malware applications and compliments it extremely well.

    It sounds like in this case using a password on UAC would be better, then
    perhaps the end user would take it more seriously.

    --
    Paul Smith,
    Yeovil, UK.
    Microsoft MVP Windows Shell/User.
    http://www.windowsresource.net/

    *Remove nospam. to reply by e-mail*
     
    Paul Smith, Feb 24, 2007
    #16
  17. Richard

    It is easier to buy, try, fail and rant than ever it is to ask for advice or
    help before making what turns out to be an ill-informed decision..

    Imagine if all of these folk were presented with a computer that is entirely
    controlled by typing in stuff at a command prompt.. I don't know about you,
    but I would turn in my MVP badge and take up professional strawberry picking
    or similar.. :)


    --


    Mike Hall
    MS MVP Windows Shell/User
    http://msmvps.com/blogs/mikehall/
     
    Mike Hall - MS MVP Windows Shell/User, Feb 24, 2007
    #17
  18. alex

    ceece Guest

    ------- How?
    ------------------- If we are not asking for more security, have not had
    any problems for years with XP and we are the only person using our computer,
    then what harm is there stopping those annoying popups? (ps: I'm assuming I
    know what UAC means and still hoping someone will answer my non-exe, everyday
    Joe questions when I replied to JD's post)
    thank you, ceece
     
    ceece, Feb 24, 2007
    #18
  19. alex

    Paul Smith Guest

    Malware can't take down the system if its not running with administrative
    rights.
    The harm is with UAC off an admin account's applications will be running
    with full privileges to the system.

    Let's take a game, Battlefield 2 for example, if that game had a
    vulnerability with UAC on it wouldn't be able to take out the system. With
    UAC off, it would.

    Windows Mail, if that had a vulnerability with UAC on it wouldn't be able to
    take out the system, with UAC off it would because it would be running with
    full privileges to the box.

    UAC is much more than just an annoying thing that comes up saying if you
    want to give something administrative rights.

    Which is why UAC prompts should be turned off (that way the system just
    continues everything for you) but never UAC itself via msconfig or similar.

    But then well, I recommended security conscious people to run as limited
    users on Windows XP, 2000 and so on. The plus side now with Windows Vista
    they've got UI to be able to elevate when they need to, they don't need to
    go out and click Run as account all the time after an application has failed
    because its doing something it shouldn't be.

    --
    Paul Smith,
    Yeovil, UK.
    Microsoft MVP Windows Shell/User.
    http://www.windowsresource.net/

    *Remove nospam. to reply by e-mail*
     
    Paul Smith, Feb 24, 2007
    #19
  20. After the computer is setup and all applications are installed, you
    should rarely see a UAC prompt. But how many users buy a new Dell and it
    has all the programs (that you WANT) installed on it? I run the firewall
    as an added level of security, not as a replacement of other methods of
    security.

    As a PC tweaker, I am constantly making changes to my PC, registry,
    installing new programs, hardware, etc. UAC can be a pain.

    Another example... Elderly people that want email and web browser. If
    they see 2 UAC prompts, they are annoyed and want XP. UAC may not be as
    frequent, but it still happens.

    If you do it right, turning off UAC won't help spread the disease, and
    my network can still be safe. Although I do see your point in having an
    average joe turning off UAC with no other protection, puts in almost as
    the same risk as XP. The user will still have a user account, rather
    than an administrator account, though.
     
    Dustin Harper, Feb 24, 2007
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.