Linked by Eugenia Loli on Sat 28th Apr 2007 00:53 UTC, submitted by applesource
Privacy, Security, Encryption Microsoft Australia has defended the company's User Account Control (UAC) system as being "misunderstood" and said it should be the type of technology that all operating systems aspire towards.
Thread beginning with comment 234714
To read all comments associated with this story, please click here.
Windows Vista
by Southern.Pride on Sat 28th Apr 2007 01:24 UTC
Southern.Pride
Member since:
2006-09-14

This is the last in the line on this code base, I have tried it out and you have to click on prompt boxes.

* When trying to change almost anything the screen dims in the background and a prompt box appears asking if this is what you want to do. Of course it is why on earth would I click on it in the first place? It is out of control, why can't it be like my Linux distro Fedora with a regular user account that can run programs/applications and perform computing functions. Then have the admin account to install what you need or make system changes. From the time I spent on it in a Office Depot store it was slow, actually one of the laptops blue screened with the 'infamous IRQ NOT EQUAL' that means it was a buggy driver.

Basically, this is nothing more than a rehashed Windows NT Workstation code base that was unstable until about SP5 or SP6 it actually was not to bad.

Anyways, the UAC will not protect the system completely since deviant people sit around and write viruses, trojan and spyware for Windows because they like to cost companies money which in turn pass it on to the consumer. I gave up on Windows NT Workstation when I performed by first install of Red Hat Professional 6.0 boxed set back around 1999.

In the Enterprise at work, I run Fedora Core 6 on my laptop/workstation and the Corp runs Windows XP Pro however, just as previous Windows versions you have to run as Administrator on a Windows machine to run certain programs. I use the VPN or Citrix client to log in on my laptop, but the security in Windows is there but it is not correctly implemented.

I just don't understand why in previous Windows releases why you need to run as Administrator? It should have been locked down years ago, but they created this monster and they are having the worst time trying to correct it.

Just as a Professor told me in College years ago, 'Always grant the LEAST amount of permissions to get the job done, because you can always add but it is almost impossible to start taking them away'........

How true that quote is, and I do not understand a Corps non-nonchalant attitude with data security being at the utmost importance.

Reply Score: 5

RE: Windows Vista
by kaiwai on Sat 28th Apr 2007 02:43 in reply to "Windows Vista"
kaiwai Member since:
2005-07-06

I just don't understand why in previous Windows releases why you need to run as Administrator? It should have been locked down years ago, but they created this monster and they are having the worst time trying to correct it.


And you call yourself a 'professional'? anyone who has half a brain will tell you that the reason for Administration by default with Windows XP and below is for compatibility reasons relating to how things are written to the hard disk and how some poorly written applications interact with the system itself.

Oh, and btw, when you run Windows Vista, you're not running in Administrator mode, hence the reason for UAC - it teporarily elevates privilages for that given application, its no different than the use of sudo/gksu in the *NIX world.

Just as a Professor told me in College years ago, 'Always grant the LEAST amount of permissions to get the job done, because you can always add but it is almost impossible to start taking them away'........


Ah, the professor. If I had 10 cents for every professor I met who never stepped foot into a company, I would be a millionaire by now. Just because a professor says something, doesn't make it gospel or some new revelation.

Microsoft *KNOW* about security, the problem is that third parties would rather refuse to update their software and write their programmes properly to take into account restricted access when running.

Microsoft only provides it for backwards compatibility - I swear there is a legion of pea brain people like you out there claiming that Microsoft makes these decisions for shits and giggles.

Microsoft is a multibillion dollar organisation with some of the smartest people in the industry, you really think they go out of their way to deliberately bone head and stupid things? ever thought there was more it than just what appears on the surface?

Edited 2007-04-28 02:49

Reply Parent Score: 5

RE[2]: Windows Vista
by topos on Sat 28th Apr 2007 03:06 in reply to "RE: Windows Vista"
topos Member since:
2005-07-28

Microsoft can be a multi billion dollars company and be beaten by the monster they created!
Microsoft own product have a hard time playing nice with UAC. Why is it recommended to run Visual Studio 2005 as administrator every time you launch it? Never seen that on any development tools on any other OS! Why did it take 5 month for providing compatibilty on something like SQL 2005 or Visual Studio 2005?
Also you go to control panel, run network setting just to check (read only). Oops, "Please confirm..."... What's the point for a read only operation? The truth is that Microsoft did not take time to carefully check every windows component so that the user is not prompted abusively.

Reply Parent Score: 4

RE[2]: Windows Vista
by dylansmrjones on Sat 28th Apr 2007 08:49 in reply to "RE: Windows Vista"
dylansmrjones Member since:
2005-10-02

UAC and sudo are not at all the same. They work in quite different ways. Sudo grants the user temporary extended rights (depending on the configuration of sudo - visudo) while UAC prompts _everytime_ the user goes out of his/her normal domain. Two very different approaches and behaviour. UAC is no more like sudo than bananas are like strawberries.

Reply Parent Score: 5

RE[2]: Windows Vista
by SEJeff on Sun 29th Apr 2007 10:56 in reply to "RE: Windows Vista"
SEJeff Member since:
2005-11-05


Oh, and btw, when you run Windows Vista, you're not running in Administrator mode, hence the reason for UAC - it teporarily elevates privilages for that given application, its no different than the use of sudo/gksu in the *NIX world.


Have you ever used sudo/gksu? They require you to enter your password unless expressly configured to do so which is insecure. Does UAC ask you for a password? Not that I can tell.

Reply Parent Score: 2

RE[2]: Windows Vista
by peiffman1 on Sun 29th Apr 2007 15:31 in reply to "RE: Windows Vista"
peiffman1 Member since:
2007-04-29

"Microsoft only provides it for backwards compatibility - I swear there is a legion of pea brain people like you out there claiming that Microsoft makes these decisions for shits and giggles."

Remember that one time when Apple made a transition to a new platform and the developers came with them?
(Hint: they did it 3 times in just over a decade: 68k -> PowerPC, Mac OS 9 -> Mac OS X, PowerPC -> x86).

I'm not trying to spark a Mac v PC argument, I'm just suggesting that Microsoft's strategy and your argument in favor of it are fundamentally flawed. Microsoft has way more clout with developers than Apple, it is there decision to continue to base things off the same/a similar kernel. If they wanted to they could completely rewrite the OS in about a 3 year period, provide an emulation layer in the initial release of said OS for it's first release, and drop support at the second release. They would lose very few customers in the process, and a ninety some percent market share is unsustainable anyway. So they might as well give up a few customers now and have a solid base instead of waiting for legions to find something better.

Reply Parent Score: 1

RE: Windows Vista
by Robocoastie on Sat 28th Apr 2007 13:10 in reply to "Windows Vista"
Robocoastie Member since:
2005-09-15

so true. Windows is a couple decades behind in that they finally implemented running in user mode vs. admin.

Reply Parent Score: 2

RE[2]: Windows Vista
by mym6 on Sat 28th Apr 2007 13:46 in reply to "Windows Vista"
mym6 Member since:
2005-08-26

On the network I control, 99.99% of the client workstations have users running at nothing more than Domain User and Local User on the machines. They can't install anything unless it's something I've defined in the GPO. The other 0.01% is my workstation.

I think there are a lot of Windows "administrators" that need to take a share of the blame.

Reply Parent Score: 2

RE[3]: Windows Vista
by hobgoblin on Sat 28th Apr 2007 17:47 in reply to "RE[2]: Windows Vista"
hobgoblin Member since:
2005-07-06

thats a office network i guess. UAC and its like is a creation for the home computer, where win9x was king, and everyone had admin rights.

Reply Parent Score: 2