UAC - what does it mean in simple terms?

Discussion in 'Windows Vista Security' started by tryingtolearn, Sep 29, 2009.

  1. O/S Vista Home Basic 32 bit. I had some IE problems which were also
    interferring with my printer causing it not to print. MS/MVP, PA Bear,
    helped me solve the IE problem in the IE group, which in turn solved the
    printer not working problem. Now I just have 1 little glitch. The printer
    will NOT print as long as UAC is enabled but WILL print when UAC is turned
    off. I did post this question in the printer group 4 days ago but have had
    no responses.
    So my question now is this: Is it important for me to have UAC enabled? In
    the household there is only 1 computer & 1 printer (both wireless) & I am
    the only one who knows how to use the computer. I am not worried about
    people tampering around with my computer in my home. I'm a little foggy as
    to exactly what UAC controls but from what I can make out it seems it only
    involves preventing someone from making unauthorized changes to my computer.
    Thus----do I need to worry so much about it?
     
    tryingtolearn, Sep 29, 2009
    #1
    1. Advertisements

  2. tryingtolearn

    Helroy Guest

    Turn the useless aggravating thing off and enjoy your computer.
     
    Helroy, Sep 29, 2009
    #2
    1. Advertisements

  3. Only you can answer that. Do you do timely backups of both system and
    user data and programs? If you have a good recovery plan, then it should
    be less important to you to have the protection offered by implementing
    limited user accounts.
    Do you run as administrator all of the time, or did you create a limited
    user account for your daily activities?
    Actually, UAC enables a limited user easy access to the administrator
    account's elevated security token. Most of the complaints stem from
    user's inability to settle for limited user rights in their day to day
    operations.
    Those "unauthorized changes" can be programmatic as well as by physical
    access. A program a user runs has the privileges of that user. Running a
    malware program from an administrator level account is *much* worse than
    running it from a limited user account (in most cases).
     
    FromTheRafters, Sep 29, 2009
    #3
  4. tryingtolearn

    Gordon Guest


    Which is one reason why the internet is awash with viruses, trojans and all
    sorts of malware because people like you are totally oblivious to computer
    security.
    All the SECURE operating systems such as Unix, MAC and Linux, ALL have a
    form of UAC......
     
    Gordon, Sep 29, 2009
    #4
  5. NOTE: Please see my inline replies.....tryingtolearn....
     
    tryingtolearn, Sep 29, 2009
    #5
  6. tryingtolearn

    Gordon Guest

    You need to create a space to type your replies. It's very difficult to see
    your replies because everything is prefixed with ">"

    In reply to your comment that you always run as an administrator I would say
    this:

    Please be aware that it is considered bad practice to use an Administrator
    account on a day-to-day basis. Certainly with Vista and Windows 7 there is
    no need to do so, and in fact if you had had experience with 'nix flavours
    of operating systems you would know that users almost NEVER run as root (aka
    "administrator"). That is one reason why those OS's are considerably more
    secure than the Windows varieties.
    Running as an administrator constantly /could/ allow nasty things to act on
    your computer without you knowing anything about it.
    I suggest you create a new Administrator account, call it Tech" or "Admin"
    or something like that, (NOT "administrator"), give it a good strong
    password, and then convert your normal account to a Standard User account.
     
    Gordon, Sep 29, 2009
    #6
  7. Usually, inline replies don't get prefixed with >>>>

    However, I was able to find your inline replies despite the
    irregularities. :eek:)
    That is good, at least where your ability to recover is concerned.
    Still, malware can do damage to a user that is non-reversible.

    [...]
    This is a very bad idea. If by chance you *do* execute malware, it will
    have 'the keys to the kingdom' and can thoroughly infest your system.
    Malware executing in a limited user account has less power to completely
    hose your system - making it a much better idea to run limited
    'day-to-day'.
    It is not just about a 'multiuser' system and having passworded
    accounts, it is about doing inherently risky things (web browsing) as an
    administrator when such things should be done from 'userland' (i.e.
    limited user). Sure, there are malware programs that exploit flaws in
    programming that allow 'userland' programs to escalate privileges - but
    these are usually addressed by the faulty software's vendor in the form
    of 'patches'. Running as administrator all the time completely
    circumvents this scenario.

    Win9x/ME didn't have this ability - everyone was admin - and is most of
    the reason it is less secure on the whole than it's contemporaries.

    [...]
    Yes, as these are all "programs" - and "programs" can be "trojanized" or
    otherwise "infected" (as with a virus for instance). *If* you ran such a
    program as a limited user, it might not have enough privileges to make
    systemwide changes. Where running it from an admin account would give it
    a way to 'sink its claws' in very deeply.
    In some cases it is very subjective - basically, it is software that
    does things against your wishes - to such an extent that you would call
    those actions "malicious" (MALicious softWARE). Sometimes their not
    really *malicious* - and some refer to "badware" as these unwanted and
    yet not actually malicious programs.

    Some may not agree with my definitions for various *ware - yet I'll
    wager they *all* will disagree with much of what is defined on various
    "authoritative" websites - as do I.
    This is a security newsgroup, and computer security *still* involves
    user education. Less so, now that OSes have started *enforcing* many
    "best practices" to the irritation of those not familiar with operating
    under them by choice. So - ask away ... and if my rather general
    knowledge isn't enough, there are real experts hereabouts volunteering
    their time.
     
    FromTheRafters, Sep 30, 2009
    #7
  8. Correction "They're" - not "their" in my last post.

    ....you know ware

    :eek:)
     
    FromTheRafters, Sep 30, 2009
    #8
  9. Gordon and "FromTheRafters": Sorry about all the >>> in my previous in line
    posting. Chalk it up to "newbeeness". ;-) But thanks for bringing it to my
    attention. Lesson learned --- and I consider that a good thing!

    Thank you both for helping me. Sincerely.
    FromTheRafters, your explanations in your last post hit the mark with me and
    I now have a much better understanding of these things. You did a good job
    of explaining things on a level I could relate to. I finally "get it". I am
    no longer going to run day to day as administrator. Am as Gordon suggested
    creating a limited user account. Funny how so many terms in computerland
    seem to mean just the opposite of what they appear to mean. Thanks for
    hanging in there with me! I have much yet to learn but I have learned a few
    more things. Once again my thanks to you. Ann --- tryingtolearn

     
    tryingtolearn, Oct 1, 2009
    #9
  10. tryingtolearn

    Gordon Guest

    Hey you're welcome! We all have to start somewhere. Enjoy your exploration
    and learning - it's a great world out there!
     
    Gordon, Oct 1, 2009
    #10
  11. Here we have a person that calls all MS users Wintards and idiots while
    he is in COLA, and then he comes here and acts like a MS saint. What a
    hypocrite he is what a hypocrite and a snake.
     
    Vista Succubus Hunter, Oct 1, 2009
    #11
  12. tryingtolearn

    Gordon Guest

    All lies again
     
    Gordon, Oct 1, 2009
    #12
  13. The LUA idea is not MS specific. There was nothing wrong with Gordon's
    posts in this thread. This is more about LUA than UAC - and even Linux
    users can understand that concept.

    <me ducks an' runs fer cover>
     
    FromTheRafters, Oct 1, 2009
    #13
  14. tryingtolearn

    whs Guest

    Reading this may help: 'Windows Vista User Account Control (UAC) - Wh
    it's useful « How-To Geek Forums
    (http://www.howtogeek.com/forum/topic/uac-is-good-why-and-mini-faq-thing?replies=32
     
    whs, Oct 1, 2009
    #14
  15. To "whs", I accidently hit not useful by mistake & it won't let me change
    that. Will go back after I sign out & try to at least give it a useful
    rating on another sign in.?????
    I did wake up last night thinking and realized the UAC thing got a little
    bit lost in the whole LUC discussion. But I need *both* lessons. Read the
    link you provided--still digesting the info. contained therein, letting it
    sink in. Thankyou. It did bring a thought to my mind which is this: *until*
    I can solve the printer not printing when UAC is enabled; can I create an
    exception which allows the printer & only the printer to be "exempt" so to
    speak from UAC? Maybe that's a question for a different group---I'm not
    sure. Anyone have any suggestions?
    Thanks, tryingtolearn.
     
    tryingtolearn, Oct 2, 2009
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.