Linked by Thom Holwerda on Sat 31st Jan 2009 10:45 UTC
Privacy, Security, Encryption Yesterday, we reported on the security flaw in Windows 7's UAC slider dialog, and today, Microsoft has given a response to the situation, but it doesn't seem like the company intends to fix it. "This is not a vulnerability. The intent of the default configuration of UAC is that users don't get prompted when making changes to Windows settings. This includes changing the UAC prompting level." I hope this reply came from a marketing drone, because if they intend on keeping this behaviour as-is in Windows 7 RTM, they're going to face a serious shitstorm - and rightfully so. Let's hope the Sinfoskies and Larson-Greens at Microsoft rectify this situation as soon as possible.
Thread beginning with comment 346419
To view parent comment, click here.
To read all comments associated with this story, please click here.
bornagainenguin
Member since:
2005-08-07

BluenoseJake trolled...

People complained loudly that UAC is annoying and prompts to often. MS put the control in the users hands, made it adjustable because people made such a big deal over the UAC in Vista. So what do people do now, when UAC is broken by the default settings in Win7? More complaining. It can be changed, you know.

You people made your bed, lie in it.


Errr...no. What we complained about was the joke UAC was made into, with even Microsoft itself admitting it was made purposely to be annoying not useful. Don't believe me? do a search on this very site, this was where I first saw the article.

Now if UAC had worked like Ubuntu handles accounts, with requiring an administrator password before proceeding then you wouldn't have seen quite as many complaints on here and elsewhere about it. (I don't say you wouldn't have seen any complaints because we both know there are some people who will never be happy with what Microsoft does no matter what it is.) The problem is instead of requiring escalated privileges UAC behaves like Clippy on steroids prompting:

'Are you really sure you want to do that? Are you sure? really reeeeaaaaallllllly sure?'


...and ultimately resulting in absolutely no change in behavior.

Most users turn it off first thing, and the ones who are unable to do so just click through it without reading it, making the problems UAC was supposedly intended to fix worse!

I'm not saying any of this would fix the current problem, but pretending this is a case of people complaining about UAC without merit is simply trolling and you know it.

--bornagainpenguin

Reply Parent Score: 2

Thom_Holwerda Member since:
2005-06-29

Most users turn it off first thing, and the ones who are unable to do so just click through it without reading it, making the problems UAC was supposedly intended to fix worse!


Screenshots or it didn't happen.

UAC was a success, as the number of applications requiring admin privileges has been drastically reduced. THAT was its intended goal, and it succeeded.

Reply Parent Score: 1

bornagainenguin Member since:
2005-08-07

Thom_Holwerda disputed...

UAC was a success, as the number of applications requiring admin privileges has been drastically reduced. THAT was its intended goal, and it succeeded.


That may have happened as a result, but let's be honest here--it was a nice side effect. For it to have resulted in the changes you suggest would have to mean most users of Windows are running as limited accounts. I don't think anyone wants to pretend that's happened--for the very same reason you point out: 'Everyone' knows installing apps requires admin privileges and so run that way as default.

--bornagainpenguin (who has yet to see a Vista installation in the wild not running with admin privileges)

Reply Parent Score: 2