Just curious, how many turn off UAC

[therealjustin]

I keep UAC on. I've lived with it for a few weeks now and it really doesn't get in the way that much at all. At Vista's launch last year I read hundreds of comments about how UAC displayed a prompt every 5 minutes. That's just not the case. It's a security feature that should be left on.

 

[TechieSooner]

I keep UAC on. I've lived with it for a few weeks now and it really doesn't get in the way that much at all. At Vista's launch last year I read hundreds of comments about how UAC displayed a prompt every 5 minutes. That's just not the case. It's a security feature that should be left on.

I remember one jackass that was on here claiming it prompts you when you booted your computer, when you logged on, logged off, emailed someone, shut the computer off... Tons of BS.

 

[Gorankar]

I remember one jackass that was on here claiming it prompts you when you booted your computer, when you logged on, logged off, emailed someone, shut the computer off... Tons of BS.

It will do all of that, if you have programs that need escalated privileges set to run at log on, log off, and shut down. Or have some freaky, 3rd rate, e-mail proggy. But yeah it is B.S. for the most part.

If anything, UAC is training me to avoid poorly written apps that require admin privileges, usually for no reason.

UAC = MS's attempt to nag, users into using apps that don't require privilege escalation, and coders into writing apps that don't require privilege escalation.

 

[TechieSooner]

It will do all of that, if you have programs that need escalated privileges set to run at log on, log off, and shut down. Or have some freaky, 3rd rate, e-mail proggy. But yeah it is B.S. for the most part.

If anything, UAC is training me to avoid poorly written apps that require admin privileges, usually for no reason.

UAC = MS's attempt to nag, users into using apps that don't require privilege escalation, and coders into writing apps that don't require privilege escalation.

It's more MS forcing developers into writing decent programs... They've said that themselves.

 

[cybereality]

It's more MS forcing developers into writing decent programs... They've said that themselves.

Yeah, people seem to miss the fact that these are legacy issues. Once Vista is standard and devs get with it there won't be these annoying problems.

 

[Sovereign]

I leave it on. I used to turn it off but I later realized it is worth the so-called annoyance. While it has not "saved" me, it is what it is, and that's how the OS is designed to run. If you turn it off, be sure to disable its driver from loading at boot, as this will speed up your boot time (since you don't need the UAC driver).

It is worth noting that if you change your mind and toggle UAC, some of your programs which have custom settings (Call of Duty 4 comes to mind) will apparently "break." The user profiles will appear to disappear. However, this is because UAC reroutes write requests by these programs, including CoD4, so when the rewrite it toggled on/off, settings disappear. Either move your files/settings or revert UAC to its previous setting.

 

[illuminate]

I turned it off. I know its just 1 click, and no im not lazy. But when i would start speed fan, and coretemp, i would get 2 UAC things, and then the screen flicker... they wouldnt always come up right away either, it would take 10-15 seconds. So, i just disabled it. But, i trust my browsing, and apps that i use. Everything that i install/use/write to, i scan before. *shrug*

 

[aldamon]

I turned it off on my main rig but left it on my wife's computers.

Can someone explain what Vista does when it finds a rootkit?

Does the popup describe what's happening or is it ambiguous like every other UAC popup?

 

[Azhar]

I turned it off on my main rig but left it on my wife's computers.

Can someone explain what Vista does when it finds a rootkit?

Does the popup describe what's happening or is it ambiguous like every other UAC popup?

Simply "Are you sure you want to install (name of root kit file)".

 

[aldamon]

Simply "Are you sure you want to install (name of root kit file)".

Since UAC does this for everything, why wouldn't I click Yes, or I should say why wouldn't the average user click Yes?

 

[Azhar]

Since UAC does this for everything, why wouldn't I click Yes, or I should say why wouldn't the average user click Yes?

Then you brought it upon yourself.

 

[aldamon]

Then you brought it upon yourself.

That's not security. That's a blame game.

 

[Azhar]

That's not security. That's a blame game.

Uh no. It's security. It's not Microsoft's fault you don't read anything you sign. You were warned and what you do after that is entirely up to you.

No security would be like XP where root kit installs without your ever knowing until a virus scanner picks it up.

 

[DeaconFrost]

That's not security. That's a blame game.

So, if you finance a TV from Best Buy at no interest for 2 years. Your finance agreement states that if you don't pay the full balance off by the end of the 2 years, you will be charged interest of 24.99% on the entire original balance. You fail to pay off the TV in full and are subsequently charged the full interest amount. You aren't happy about this. Who's fault is it?

 

[aldamon]

Uh no. It's security. It's not Microsoft's fault you don't read anything you sign. You were warned and what you do after that is entirely up to you.

No security would be like XP where root kit installs without your ever knowing until a virus scanner picks it up.

I work in documentation. In documentation, you don't label warnings the same way you label simple notes because the consequences of not reading them differ or, even worse, the user may miss a warning completely and get seriously injured or break a piece of equipment. Since UAC just tells you a program wants to do something how is the average user supposed to know the difference between innocent software and malware? How will they know when something will break something?

Would it be so hard for MS's popup to say DANGER DANGER THIS IS A ROOTKIT and explain what a rootkit is? By being ambiguous, overly intrusive, and not really the telling users what the consequences may be for installing something, UAC is treating every program the same even if the consequences may differ. That's wrong and useless, except for playing the blame game.

IMO, UAC needs to be more than just notification, but if it can't be, then it needs to be more descriptive to be effective.

 

[Grimmda]

We have it shut off in our corporate image... sure only 4 people are USING it right now... but I forsee it being disabled when/if we roll Vista out.

 

[ScretHate]

Why buy a new OS just so you can disable its core features?

 

[Mithent]

Would it be so hard for MS's popup to say DANGER DANGER THIS IS A ROOTKIT and explain what a rootkit is?

Probably, yes? All the OS knows at the point of elevation is that the program is requesting administrator privileges. There's no way for it to know what the program might do with those privileges. To try to heuristically detect rootkits, every instruction that could potentially be used by a rootkit installer would have to be intercepted by code trying to work out whether what it was doing was sufficiently malicious to prompt warning the user. This would probably result in imperfect detection, and also slow down the system because there's extra code being run all the time. UAC doesn't work like that, it's just "do you trust this program with administrator privileges?".

If you want something to try to detect malware based on signatures in the installer, that's the role of an anti-malware program (Defender comes with Vista, of course - I would hope that it can detect rootkits, although I don't know).

 

[DeaconFrost]

Would it be so hard for MS's popup to say DANGER DANGER THIS IS A ROOTKIT and explain what a rootkit is?

I'd love to see this happen, but if Microsoft put that much scanning in, I can see Symantec, TrendMicro, Mcafee, etc building a legal team to sue for anti-competitive practices.

 

[DeathFromBelow]

I'd love to see this happen, but if Microsoft put that much scanning in, I can see Symantec, TrendMicro, Mcafee, etc building a legal team to sue for anti-competitive practices.

Exactly, plus all the Vista haters would just complain about how Vista is slowing their system down by scanning when they didn't ask for it.

 

[milkweg]

If anything, UAC is training me to avoid poorly written apps that require admin privileges, usually for no reason.

I'm starting to find this to be quite an issue with a lot of older games. It really pisses me off when you have to give admin privileges to a game installer and you don't know if it is going to dump crap into your system folders or not. Matrixgames games put their uninstaller in the Windows folder and leaves them there when you uninstall the game. They do that so the uninstaller never gets deleted by accident so you can't uninstall the game properly. Putting files in the Windows folder is just incompetent IMO when they could just have the uninstaller go to a separate folder in the User\Documents folder.

 

[aldamon]

Exactly, plus all the Vista haters would just complain about how Vista is slowing their system down by scanning when they didn't ask for it.

UAC stops a program completely and displays a popup. It's hard to get slower than a complete stop.

 

[Mithent]

UAC stops a program completely and displays a popup. It's hard to get slower than a complete stop.

Actually UAC prevents the program from starting until you say yes. If you allow it, no further UAC code runs, the application just gets on with its work with the administrative security token. UAC does not monitor programs waiting to see whether they'll try to do something administrative, it's something the program or you must request when it first starts.

I get what you mean, but if there was extra UAC code within every potentially administrative instruction (like, say.. read/write to files..) then people would complain about unnecessary code slowing down the computer.

 

[aldamon]

Actually UAC prevents the program from starting until you say yes. If you allow it, no further UAC code runs, the application just gets on with its work with the administrative security token. UAC does not monitor programs waiting to see whether they'll try to do something administrative, it's something the program or you must request when it first starts.

I get what you mean, but if there was extra UAC code within every potentially administrative instruction (like, say.. read/write to files..) then people would complain about unnecessary code slowing down the computer.

I know. You basically repeated what I said with a lot more words.

I would want a scan only when a popup occured. No extra scans needed. The program is already blocked so it's a perfect time to gather more information about it.

 

[Arainach]

I know. You basically repeated what I said with a lot more words.

I would want a scan only when a popup occured. No extra scans needed. The program is already blocked so it's a perfect time to gather more information about it.

It's impossible to tell exactly what a program's going to do. It's also extremely difficult and probably impossible to tell a rootkit from any other diagnostic utility. How is it supposed to know the difference between the tool you're developing to remove a virus from your MBR and the virus itself?

 

[darkpaw]

On my gaming and development system it is off, on all other systems it is on.

 

[Dan-515]

I tried to endure it but did turn it off and have left it off

 

[sdotbrucato]

I have it on, on all four machines. I don't use any apps that require admin rights so after initial install its smooth sailing. I took it one step further and anytime a UAC prompt does come up, it requires Admin password. I've been doing this for years with OS X so really its no bother to me.

 

[milkweg]

Just moving shortcut files around in the Start menu kicks in UAC so it would bother the hell out of me if I had it set to require a password too.

 

[Joe Average]

Just moving shortcut files around in the Start menu kicks in UAC so it would bother the hell out of me if I had it set to require a password too.

Doesn't do this for me when I run Vista, not sure what's up with your particular situation but... that should not trigger a UAC prompt.

 

[Mithent]

Doesn't do this for me when I run Vista, not sure what's up with your particular situation but... that should not trigger a UAC prompt.

Editing the shared "All Users" user Start menu requires elevation (since it affects all users), but your personal Start menu does not. Since a lot of programs put their shortcuts into the shared Start Menu, moving them would cause a prompt for elevation.

As an aside, it took me ages to find the location of the Start Menu shortcuts in Vista.

 

[V99]

Turned it off and it's never coming back on.
Stupid Users Ballon which comes up saying your settings are wrong is annoying though.

 

[dreamer3kx]

Turned it off and it's never coming back on.
Stupid Users Ballon which comes up saying your settings are wrong is annoying though.

you can get rid of the balloons, I believe you have to go into security settings.

 

[EnderW]

I just turned it off because I'm copying over/cleaning off some old hard drives and it keeps asking me everytime I delete a file

 

[UncleDavid218]

All of my computers have it off. With a combination of diligent surfing/downloading and good anti-virus protection I've been doing alright.

None of my machines are mission critical so if something ever were to happen I can afford to spend the time getting everything back up.

 

[Silus]

I turned it off. I believe it's a good feature for unexperienced users, but for experienced users, it becomes annoying really fast.

 

[Mithent]

I turned it off. I believe it's a good feature for unexperienced users, but for experienced users, it becomes annoying really fast.

Again, though, it really isn't about protecting inexperienced users - it's not asking you "are you really sure you want to run this program?", it's a security mechanism that means that most programs run without administrative privileges, and you have control over the ones that are granted them.

 

[CrimsonKnight13]

I have it turned off all of the way. I see no need for it & would rather run my PC smoothly instead of having to verify that I did want to do what I just did.