Linked by Thom Holwerda on Thu 5th Mar 2009 13:27 UTC
Windows For Windows 7, Microsoft has made some changes to User Account Control to counter the criticism that UAC was too intrusive. It didn't take long before several holes were poked in Windows 7's default UAC settings, and now one is left to wonder: is it wise to sacrifice security for (perceived?) usability? Ars has an editorial that deals with this question.
Thread beginning with comment 351825
To read all comments associated with this story, please click here.
That's just crazy talk
by MrDoe on Thu 5th Mar 2009 15:54 UTC
Member since:

This article forgets two things:
1. I'm an advanced computer user. With over 20 years of experience I know when I install a video driver it requires root/administrator access. I don't mind typing in a password but I do mind a uber-modal dialog blocking everything but the UAC window asking permissions (multitasking anyone?).

2. The average computer user doesn't know much about security. How the hell does he know when to press Yes/No when it pops up every few minutes?

The only solution seems to set administrator access so that it requires a password (like unix has done since the beginning, shame on you author for ignoring that fact).
The sad reality is that most windows programs are just so crappy they "integrate" too good. Today, flashplayer suddenly updated and required a reboot. For crying out loud, why is such a piece of crap so tightly integrated into the core of my OS that it needs to restart? Until software companies fix their act this problem persists. So just make administrator access a little more difficult to find so software companies have to create better software.

Reply Score: 4

jabbotts Member since:

Flashplayer ActiveX plugin will require a reboot becuse it touches IE which forces itself to be deep-throated by the kernel.

Flashplayer plugin standard did not require any reboot when I updated it yesterday. Of course, this is the FF plugin and FF is not bound to the kernel in such an intimate way.

Reply Parent Score: 3

PlatformAgnostic Member since:

That's BS and you know it. IE is a program that ships with Windows, just like calc.exe. I dare you to say that calc.exe is integrated with the kernel :-p.

The reason Flash wants a reboot is that it needs to replace previous binaries which may be in use by some running instance of IE. The installer could just ask you to shut down all instances of IE before running, but they took the easier engineering approach of just saying restart the machine (the new files are copied over the old files when the machine next boots).

Reply Parent Score: 2

RE: That's just crazy talk
by hraq on Thu 5th Mar 2009 20:01 in reply to "That's just crazy talk"
hraq Member since:

You are smart; this is exactly what I want to say.

Add that 99% of applications out their are single threaded and administrator-sensitive and buggy and not well written and has .... oh my god

I still have to see 1 decent game that uses the quad or octa cores on any system.

Reply Parent Score: 2

RE: That's just crazy talk
by Morph on Thu 5th Mar 2009 21:00 in reply to "That's just crazy talk"
Morph Member since:

I don't mind typing in a password but I do mind a uber-modal dialog blocking everything but the UAC window asking permissions

The `uber-modality' is by design, and it has a very important reason. Only the true UAC can create such a window, no other app can grey out the screen, etc. This means that malicious apps cannot create a replica UAC window in an attempt to fool the user, like phishing. If you ever get a UAC prompt that's not `uber-modal' then you know it's a fake.

This is the same reason some systems require you to press ctrl+alt+delete to open a login window; no regular app can capture ctrl+alt+delete because it is handled specially by the hardware and keyboard drivers. So when a login window appears as a result of you pressing ctrl+alt+del, you know it must be genuine.

Reply Parent Score: 2

jabbotts Member since:

The screen is simply an image. I don't see why an app could not be written to fake the UAC overbearing parent aproach. I would like to think it's a unique effect to grey the screen and post a message box over it.. then I remember changing the window theme.. greyed until done.. shutting down.. greyed until shutdown method is selected...

Three finger solute to login? My login prompt is a third party app that waits for a finger print scanner input or, accepts crtl-alt-del and rolls over to the windows login prompt. My remote software provides a command to send crtl-alt-del to a remote session so the key sequence can be generated by software; this being the Windows remote desktop and rdesktop on other platforms. Here, I actually just wish it was easier to implement in a non AD setup. Getting the login prompt without crtl-alt-del and finding the previous username left in place unless you do some reg editing sucks.

I do see the reason for both functions though. UAC locks out the rest of the screen so the user knows it's authentic (assuming the user is aware enough to realize that), and I always figured it was to keep the user from clicking on other windows while the system was waiting for the privileged elevation.

Reply Parent Score: 2