Enraged

[Mazzspeed]

The convenience part is definitely fading away. Education about common sense computer practices is the best defense. I never knew Macs could be infested with endless malware, but my cousin proved me wrong. She had literal hundreds of malware and managed to get every possible online account hacked. She also hadn’t updated her OS in years. Took me a week to get her stuff back and just started over with a fresh wipe of the OS, got her an iPhone instead of Android, and put two-factor authentication on everything. She used literally the same password on a hundred different accounts, including social media and her banks. I don’t think I’ve seen anything that bad, especially not on a Mac. She clicks and installs everything that pops up.

It has to fade away, the infection issue on the desktop platform is becoming a joke. Based on experience, I agree, MacOS is by no way immune to viruses, trojans, PUP's and malware - However, in most cases such infections are easier to clean off a Mac with no damage to the underlying OS itself.

 

[Stanley Pain]

Disabling UAC in TYOL 2019.

 

[cybereality]

UAC was designed specifically to annoy users. Microsoft has went on the record saying that.

https://arstechnica.com/information...ac-security-prompt-was-designed-to-annoy-you/

Basically, the idea was that developers would learn to code their apps without needing privilege escalation (which most apps should not need) and I believe that has worked in many cases.

I do recall when I first got Vista those popups were non-stop, but now I only get them in specific situations and they are not too bothersome.

 

[SuperSubZero]

I do recall when I first got Vista those popups were non-stop, but now I only get them in specific situations and they are not too bothersome.

I thought we were past those days, but Apple reaffirms that what is old is new again with macOS Catalina. The sheer deluge of approval prompts particularly in corporate environments puts Vista to shame. Just installing Zoom video conferencing and sharing my screen was more approving stuff than actually installing the app.

Meanwhile my Win10 machines at work and home rarely do any UAC and if they do it's for things I'd expect like installing apps or the occasional legacy app that still keeps it's config files in Program Files. MS still has to work on getting the UAC prompt to always be on top tho.. Occasionally things seem stuck until I see the shield blinking in the taskbar.

 

[Mazzspeed]

I thought we were past those days, but Apple reaffirms that what is old is new again with macOS Catalina. The sheer deluge of approval prompts particularly in corporate environments puts Vista to shame. Just installing Zoom video conferencing and sharing my screen was more approving stuff than actually installing the app.

Meanwhile my Win10 machines at work and home rarely do any UAC and if they do it's for things I'd expect like installing apps or the occasional legacy app that still keeps it's config files in Program Files. MS still has to work on getting the UAC prompt to always be on top tho.. Occasionally things seem stuck until I see the shield blinking in the taskbar.

I actually believe what Vista was doing was good, security should take priority over convenience.

 

[Mazzspeed]

Meanwhile my Win10 machines at work and home rarely do any UAC and if they do it's for things I'd expect like installing apps or the occasional legacy app that still keeps it's config files in Program Files. MS still has to work on getting the UAC prompt to always be on top tho.. Occasionally things seem stuck until I see the shield blinking in the taskbar.

I don't know whether I'm imagining it, but I swear this happens when you install software that's taking functionality away from Windows built in applications - AKA: Edge browser doubling as a .PDF reader.

 

[DeathFromBelow]

UAC was designed specifically to annoy users. Microsoft has went on the record saying that...

No. Privilege escalation is a core security feature of all modern operating systems. It certainly does encourage developers to write their software properly, but that's not the main reason it exists.

UAC is actually 'less annoying' than privilige escalation in Linux and MacOS/iOS by default since you can just click through if you're logged in as an admin, though for maximum security I would reccomend changing your settings to always require your password for any escalation once you've got your drivers and such installed.

FUD and BS about Vista (and UAC) really grinds my gears, it was a terribly underappreciated OS. I've never seen 'endless UAC prompts' and it actually ran great on supported hardware. People forget that Microsoft mandated 64-bit support on all 'Vista compatible' hardware. Things were rough for about a year, but it was necessary.

Now Windows 10... that's a legit trainwreck. I never thought I would be running Linux on everything as my primary OS, but here we are.

 

[Mazzspeed]

No. Privilege escalation is a core security feature of all modern operating systems. It certainly does encourage developers to write their software properly, but that's not the main reason it exists.

UAC is actually 'less annoying' than privilige escalation in Linux and MacOS/iOS by default since you can just click through if you're logged in as an admin, though for maximum security I would reccomend changing your settings to always require your password for any escalation once you've got your drivers and such installed.

FUD and BS about Vista (and UAC) really grinds my gears, it was a terribly underappreciated OS. I've never seen 'endless UAC prompts' and it actually ran great on supported hardware. People forget that Microsoft mandated 64-bit support on all 'Vista compatible' hardware. Things were rough for about a year, but it was necessary.

Now Windows 10... that's a legit trainwreck. I never thought I would be running Linux on everything as my primary OS, but here we are.

No. UAC was initially designed to be more of an annoyance to the end user, thus forcing developers to stop coding software that insisted on running as Administrator - And in this sense it basically succeed. The problem with Vista, apart from it's HDD thrashing, was UAC, people hated it as it used to pop up even when accessing the control panel. Thus a watered down version of UAC was released for latter operating systems. As a method of privilege escalation, it's not as effective as it should be.

You have to remember, UAC was implemented for the first time under Vista. For many it was quite a culture shock.

Malware is getting on Windows machines somehow, UAC's not stopping it and as can be seen there are actually Windows users that proactively 'disable it'!

You're right, sudo is more annoying. That's the difference between security, and convenience. Out of the box Windows has to cater for the useless, thus convenience tends to take priority as it's just too damn hard to enter a password forcing the user to think about their actions for a second.

 

[B00nie]

The problem with UAC is two fold:
- Firstly it pops up way too often and for quite trivial things, so the user quickly learns to just accept it without thinking as it's 'something that just happens'.
- Second it doesn't require a password so accepting privilege escalation is just a mouse click away, which again makes it easy to accept it without thinking.

If I see that sudo is needed on linux or MacOS, that's instant cause of alarm - somethings usually not right unless you're deliberately running tools that need high privileges.

 

[Stanley Pain]

No. UAC was initially designed to be more of an annoyance to the end user, thus forcing developers to stop coding software that insisted on running as Administrator - And in this sense it basically succeed. The problem with Vista, apart from it's HDD thrashing, was UAC, people hated it as it used to pop up even when accessing the control panel. Thus a watered down version of UAC was released for latter operating systems. As a method of privilege escalation, it's not as effective as it should be.

You have to remember, UAC was implemented for the first time under Vista. For many it was quite a culture shock.

Malware is getting on Windows machines somehow, UAC's not stopping it and as can be seen there are actually Windows users that proactively 'disable it'!

You're right, sudo is more annoying. That's the difference between security, and convenience. Out of the box Windows has to cater for the useless, thus convenience tends to take priority as it's just too damn hard to enter a password forcing the user to think about their actions for a second.

1. Not it wasn't implemented to annoy users.

2. Malware gets onto people computers because they are either a) disabling UAC all together b) clicking yes to everything c) opening every single email attachment.exe c) people disabling auto updates leading to d) unavoidable exploits in software or OS (drive by ad based malware).

 

[B00nie]

1. Not it wasn't implemented to annoy users.

2. Malware gets onto people computers because they are either a) disabling UAC all together b) clicking yes to everything c) opening every single email attachment.exe c) people disabling auto updates leading to d) unavoidable exploits in software or OS (drive by ad based malware).

Sorry but it's far from that simple. There are and have been multiple 'fly-by' attacks which infect the computer completely without user interaction. The payload can be embedded in images, javascript etc. which outlook or windows explorer previews automatically or the browser runs. Then there are network worms etc. attacks which again just execute without the user even knowing.

 

[ManofGod]

No. UAC was initially designed to be more of an annoyance to the end user, thus forcing developers to stop coding software that insisted on running as Administrator - And in this sense it basically succeed. The problem with Vista, apart from it's HDD thrashing, was UAC, people hated it as it used to pop up even when accessing the control panel. Thus a watered down version of UAC was released for latter operating systems. As a method of privilege escalation, it's not as effective as it should be.

You have to remember, UAC was implemented for the first time under Vista. For many it was quite a culture shock.

Malware is getting on Windows machines somehow, UAC's not stopping it and as can be seen there are actually Windows users that proactively 'disable it'!

You're right, sudo is more annoying. That's the difference between security, and convenience. Out of the box Windows has to cater for the useless, thus convenience tends to take priority as it's just too damn hard to enter a password forcing the user to think about their actions for a second.

No, UAC was not nor ever has been designed as an annoyance to the end user. Also, this so called hard drive thrashing was anything but and yet, because of the whining, we got slow boot times and application load times in Windows 7, since they essentially eliminated the best part of Windows Vista, loading most used applications in memory immediately at boot time.

 

[Stanley Pain]

Sorry but it's far from that simple. There are and have been multiple 'fly-by' attacks which infect the computer completely without user interaction. The payload can be embedded in images, javascript etc. which outlook or windows explorer previews automatically or the browser runs. Then there are network worms etc. attacks which again just execute without the user even knowing.

Did you gloss over point D? I literally said that

 

[Stanley Pain]

No, UAC was not nor ever has been designed as an annoyance to the end user. Also, this so called hard drive thrashing was anything but and yet, because of the whining, we got slow boot times and application load times in Windows 7, since they essentially eliminated the best part of Windows Vista, loading most used applications in memory immediately at boot time.

Hahaha I remember the gnashing of teeth about MUH MEMORIES!!!! Yes OS please do not cache frequently accessed bits in memory so I can show the largest amount of free memory lol. My server @ home has 1/2 TB of memory and literally 1/2 of that are cached things. Mostly ZFS things but damn is access fast to various media files.

 

[ManofGod]

Hahaha I remember the gnashing of teeth about MUH MEMORIES!!!! Yes OS please do not cache frequently accessed bits in memory so I can show the largest amount of free memory lol. My server @ home has 1/2 TB of memory and literally 1/2 of that are cached things. Mostly ZFS things but damn is access fast to various media files.

Yeah, until I bought my first SSD, that was the one thing I absolutely hated about Windows 7 on my personal computers. Not only did they make the default behavior so that is no longer cached anything for the first 7 minutes after boot up, which made that function essentially useless but, they eliminated the option as well, so you could not even enable it if you wanted too. Despite certain issues, I think Vista SP2 64 Bit was far better than Windows 7 ever was or ever will be.

 

[Mazzspeed]

c) opening every single email attachment.exe

You mean the type of file UAC is designed to halt executing? Patching isn't working as the double extension exploit still exists.

Cybereality posted a link, read it.

No, UAC was not nor ever has been designed as an annoyance to the end user. Also, this so called hard drive thrashing was anything but and yet, because of the whining, we got slow boot times and application load times in Windows 7, since they essentially eliminated the best part of Windows Vista, loading most used applications in memory immediately at boot time.

So did it take the entire time the PC was powered up to 'cache applications'? Funny, my Linux install does the same thing and my HDD doesn't run continuously.

 

[B00nie]

Did you gloss over point D? I literally said that

Ad based attacks yes, but there are multiple other vectors of attack also that work even without ads.

 

[Stanley Pain]

Ad based attacks yes, but there are multiple other vectors of attack also that work even without ads.

Yes I know, that thing in brackets is what's called an example to the previous statement I made.

 

[ManofGod]

You mean the type of file UAC is designed to halt executing? Patching isn't working as the double extension exploit still exists.

Cybereality posted a link, read it.



So did it take the entire time the PC was powered up to 'cache applications'? Funny, my Linux install does the same thing and my HDD doesn't run continuously.

I can always count on you for a complete and total exaggeration. That's ok, I know what I experienced and for a hard drive based system, it ran extremely well and was fantastic.

 

[Mazzspeed]

I can always count on you for a complete and total exaggeration. That's ok, I know what I experienced and for a hard drive based system, it ran extremely well and was fantastic.

The feeling's mutual.

See how you've got to make everything personal, it's a classic example of back against the wall unable to come up with a realistic rebuttal. It's quite sad really.

 

[B00nie]

The feeling's mutual.

See how you've got to make everything personal, it's a classic example of back against the wall unable to come up with a realistic rebuttal. It's quite sad really.

I guess this was a response of some Windoze troll I've long gone muted

 

[ManofGod]

The feeling's mutual.

See how you've got to make everything personal, it's a classic example of back against the wall unable to come up with a realistic rebuttal. It's quite sad really.

I knew you were going to claim that it was being made personal when it fact, I am not feeling anything, just observing the obvious.

 

[ManofGod]

I guess this was a response of some Windoze troll I've long gone muted

Well, ok, if you say so, I will continue using what works, you just go ahead and bash away.

 

[cybereality]

Well, ok, if you say so, I will continue using what works, you just go ahead and bash away.

Bash, you say?