I have always thought that UAC needs to stay on.
I will say though, that if what duby says is true, that UAC is trully hacked already, then it really does leave little purpose for it being left on.
BUT that is if he is actually correct..
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Have you disabled UAC
- Thread starter mket
- Start date
I have always thought that UAC needs to stay on.
I will say though, that if what duby says is true, that UAC is trully hacked already, then it really does leave little purpose for it being left on.
BUT that is if he is actually correct..
On a related note I know this guy who clicks allow to every app and component in his ZA firewall just because has has no idea what should be allowed and what shouldn't. IMO most people will do the same with UAC, they will just keep clicking allow because most of the time that is the correct response and then one day they will click allow for the wrong thing and it's welcome to computer hell time.
http://en.wikipedia.org/wiki/Criticism_of_Windows_Vista#User_Account_Control
Security company Kaspersky Lab claimed that Vista with UAC disabled is less safe than Windows XP with Service Pack 2.
Security company Kaspersky Lab claimed that Vista with UAC disabled is less safe than Windows XP with Service Pack 2.
96redformula
2[H]4U
- Joined
- Oct 29, 2005
- Messages
- 2,578
Um... What have 50% of people not disabled it? Bunch of noobs 
try running a registry cleaner with UAC on, lol. Nightmare.
I disabled it but I'm thinking about enabling it and seeing if it goes away. Still, I do like to run ASO registry cleaner occasionally and I'll tell you that's a real mess with UAC on.
I disabled it but I'm thinking about enabling it and seeing if it goes away. Still, I do like to run ASO registry cleaner occasionally and I'll tell you that's a real mess with UAC on.
Very interesting results on the poll so far.
I feel that its use depends a lot on what and how you use your system. If you are doing a large of admin tasks then it does seem to get in the way. After system setup and after all the imports, moves, tests and other myriad of things done to get the whole hardware and software up and running, its pretty smooth sailing.
I view UAC as the traffic cop or signals. In town they are on every block, you run into them a lot. Once you get on the freeway and start cruising it may be hours before you see one again. Its only the CHP with its siren glowing that should get your attention.
When I run as standard user I want the protection.
However, as an admin, I expect just that, full privileges with little or no interference. Its assumed I am a 1000lbs canary and I know what I am doing. After all, it assumes I know the answer to "continue or cancel'. The best I can ever answer to that is "I really dont know but relieve you of resposibility".
What I would have preferred, is if I log into an Admin account disable the prompt if the task or job was initiated at the system console. If I log in a user account, enable the prompt by default. However, in both cases have UAC functional. If wishes where horses we'd all take a ride.
I have it off right now, but I'm still in city traffic. I look forward to cruising, listening to tunes and enjoying the scenery.
I feel that its use depends a lot on what and how you use your system. If you are doing a large of admin tasks then it does seem to get in the way. After system setup and after all the imports, moves, tests and other myriad of things done to get the whole hardware and software up and running, its pretty smooth sailing.
I view UAC as the traffic cop or signals. In town they are on every block, you run into them a lot. Once you get on the freeway and start cruising it may be hours before you see one again. Its only the CHP with its siren glowing that should get your attention.
When I run as standard user I want the protection.
However, as an admin, I expect just that, full privileges with little or no interference. Its assumed I am a 1000lbs canary and I know what I am doing. After all, it assumes I know the answer to "continue or cancel'. The best I can ever answer to that is "I really dont know but relieve you of resposibility".
What I would have preferred, is if I log into an Admin account disable the prompt if the task or job was initiated at the system console. If I log in a user account, enable the prompt by default. However, in both cases have UAC functional. If wishes where horses we'd all take a ride.
I have it off right now, but I'm still in city traffic. I look forward to cruising, listening to tunes and enjoying the scenery.
Games that trigger UAC are a sign of programming that takes admin for granted. One of the reasons XP was unsecure is because the user had all these processes running that had free rein of admin powers, and you'd see ridiculous stuff like applications writing back settings to program files instead of to the users folder. Now that Vista has put that to a stop you'll start to see more responsible programing with respect to admin privileges. Upcoming games (and really any applications) will avoid using admin powers unless it is absolutely necessary (installing/patching, and thats about it), and you won't see UAC nearly as often as you do now.
There's been quite a bit of throwing about the word ASS early in this thread and, whilst I don't personally consider duby229 to actually be an Ass at all, it's surprising that nobody is mentioning that this line of thinking is unsound. The very fact that it "..breaks compatibility.." is evidence that it's doing the job it is designed to do. Why does compatibility get "broken" for some apps? Because those apps are written in such a way that they create a potential exploit on your system is why! Sure, you can expect a prompt when you're installing the thing. But once installed you shouldn't be getting prompts when you launch or use the application. If you are then that application isn't behaving itself as it should be!
You want a secure system? Then deal with the fact that a fair whack of your existing software library will be part of the problem!
duby229 is quite correct in suggesting that, in itself, UAC does not constitute a 'security measure' which makes you PC bulletproof. Plenty enough people from within the MS development teams have openly acknowledged that, in fact, one of the main purposes of the current UAC measures is to 'force' software developers to produce more well behaved code. Disable it for compatibility purposes and you become part of the problem that permeates the Windows world. In effect, you become no better than the 'uninformed' end-user who is naive about computers, so please don't go parading your superiority on the basis of having disabled the thing. All you are really doing by disabling it (and encouraging others to do so) rather than tolerating the prompts is encouraging software developers to continue writing crappy, badly-behaved programs!
And, in any case, you don't need to disable UAC altogether to get rid of much of the "annoying" prompting. Instead, all you need to do is to tweak it for "elevate without prompting". That'n attends to much of the so-called "annoyance" whilst leaving UAC in place for the protections it actually DOES provide! Has as much impact on keeping prompts to a minimum as the "Install as administrator, run first time as administrator" technique, actually.
The argument that "everyone will just click OK" is similarly flawed. If you are spouting that one then you are part of the reason people who do that do what they do! Yes, you might well be only a miniscule part of the problem but you're part of it nevertheless. Face facts! You're here on a supposedly 'tech-savvy' forum blathering on to everyone who fires up Google and putting across poor advice! Simple fact? A UAC warning is indicating that a system change is about to occur, and people who don't understand what the effect is going to be and how to reverse it should not "Continue" until they find out a bit more. UAC isn't just about malware! It's a measure which warns about stuff which can pose a potential threat to both security AND stability.
UAC might prompt, as Gatticus mentioned, a "..hell of a lot more than Unix OS's" but then you simply don't see the compromised software in the *nix world that you see in the windows world. *nix software HAS to behave itself. People should be embracing the opportunity to force a situation in which Windows software eventually will. However 'flawed' Microsoft's UAC is at present, it's a step in the right direction. It's the people turning it off at first sight who are acting like "n00bs". However 'hardcore' they might consider themselves to be!
Well said.
@ Catweasle... Thank you for the innuendo, well hidden...
I can certainly understand your point, and I agree that applications need to be written in a manner that is conclusive to unprivileged accounts. I just dont think that UAC is going to accomplish that. If MS wanted that then they would have quite making the administrator group default for the first user.
I think that what MS needs to do is adopt a "escalation" model instead of the "exception" model that UAC currently uses... Let me explain. In a escalation model, a user has a set of applications that they will use on a day to day basis that he has full access to... However there are certain tasks that may change the system in some way or another, which will require escalated priveledges. It is in these cases that requiring an administrator password, or some other means of escalation would be beneficial.....
Right what UAC does, is that you are allowed to do whatever you want to do... However only with certain exceptions that you the user can override... There are some flaws in this idea becouse it assumes that the user knows what should be allowed and what shouldnt. Also becouse of the shear amount of badly written code the user is prompted with these exceptions constantly... It is unfair to the user, and makes programming for it a nightmare. It is much easier for a developer to simply patch there applications with one of the two hacks that are already on the loose.... It doesnt solve the problem and only makes it much worse.
I can certainly understand your point, and I agree that applications need to be written in a manner that is conclusive to unprivileged accounts. I just dont think that UAC is going to accomplish that. If MS wanted that then they would have quite making the administrator group default for the first user.
I think that what MS needs to do is adopt a "escalation" model instead of the "exception" model that UAC currently uses... Let me explain. In a escalation model, a user has a set of applications that they will use on a day to day basis that he has full access to... However there are certain tasks that may change the system in some way or another, which will require escalated priveledges. It is in these cases that requiring an administrator password, or some other means of escalation would be beneficial.....
Right what UAC does, is that you are allowed to do whatever you want to do... However only with certain exceptions that you the user can override... There are some flaws in this idea becouse it assumes that the user knows what should be allowed and what shouldnt. Also becouse of the shear amount of badly written code the user is prompted with these exceptions constantly... It is unfair to the user, and makes programming for it a nightmare. It is much easier for a developer to simply patch there applications with one of the two hacks that are already on the loose.... It doesnt solve the problem and only makes it much worse.
yep...now we can see how many ppl decided to open up their systems even more
Argue as you will, I leave it off and will leave it off, and I just don't give a damn about whatever people say. UAC is annoying and doesn't protect you in any way, have your pair of neurons turned on and you can do better.
We never had UAC before and it was never needed, never I had a problem with my XP install in all those years without it. 99% of the problems with computers are user's fault (not considering hardware problems), and for those people and those people only UAC might do some good for now, because it won't take long to viruses and whatever circumvent this new "security" feature. Face it, everything Microsoft does is at some time hacked. Vista was claimed to be the Pirate's Nightmare ( example ) , cracked. Next version of crap-ware will probably find a way to sneak itself into Vista like it has always done. How to avoid this? Turn your pair of brain cells on and you can avoid it.
I've seen so many people, educated people with PHD, Master Degrees in computers click those banners "you are visitor 10,000th!!!" like they have won something, while my grandma once read that on the internet and said "ha, fools!". It doesn't matter what microsoft does, stuff get hacked and this is the wonderful world of computers.
So for those of you, UAC Zealots, please don't waste your time trying to argue on the benefits of UAC, it won't change the fact that I turned it off and everyone else who did probably knows why they turned it off.
We never had UAC before and it was never needed, never I had a problem with my XP install in all those years without it. 99% of the problems with computers are user's fault (not considering hardware problems), and for those people and those people only UAC might do some good for now, because it won't take long to viruses and whatever circumvent this new "security" feature. Face it, everything Microsoft does is at some time hacked. Vista was claimed to be the Pirate's Nightmare ( example ) , cracked. Next version of crap-ware will probably find a way to sneak itself into Vista like it has always done. How to avoid this? Turn your pair of brain cells on and you can avoid it.
I've seen so many people, educated people with PHD, Master Degrees in computers click those banners "you are visitor 10,000th!!!" like they have won something, while my grandma once read that on the internet and said "ha, fools!". It doesn't matter what microsoft does, stuff get hacked and this is the wonderful world of computers.
So for those of you, UAC Zealots, please don't waste your time trying to argue on the benefits of UAC, it won't change the fact that I turned it off and everyone else who did probably knows why they turned it off.
There's been quite a bit of throwing about the word ASS early in this thread and, whilst I don't personally consider duby229 to actually be an Ass at all, it's surprising that nobody is mentioning that this line of thinking is unsound. The very fact that it "..breaks compatibility.." is evidence that it's doing the job it is designed to do. Why does compatibility get "broken" for some apps? Because those apps are written in such a way that they create a potential exploit on your system is why! Sure, you can expect a prompt when you're installing the thing. But once installed you shouldn't be getting prompts when you launch or use the application. If you are then that application isn't behaving itself as it should be!
You want a secure system? Then deal with the fact that a fair whack of your existing software library will be part of the problem!
duby229 is quite correct in suggesting that, in itself, UAC does not constitute a 'security measure' which makes you PC bulletproof. Plenty enough people from within the MS development teams have openly acknowledged that, in fact, one of the main purposes of the current UAC measures is to 'force' software developers to produce more well behaved code. Disable it for compatibility purposes and you become part of the problem that permeates the Windows world. In effect, you become no better than the 'uninformed' end-user who is naive about computers, so please don't go parading your superiority on the basis of having disabled the thing. All you are really doing by disabling it (and encouraging others to do so) rather than tolerating the prompts is encouraging software developers to continue writing crappy, badly-behaved programs!
And, in any case, you don't need to disable UAC altogether to get rid of much of the "annoying" prompting. Instead, all you need to do is to tweak it for "elevate without prompting". That'n attends to much of the so-called "annoyance" whilst leaving UAC in place for the protections it actually DOES provide! Has as much impact on keeping prompts to a minimum as the "Install as administrator, run first time as administrator" technique, actually.
The argument that "everyone will just click OK" is similarly flawed. If you are spouting that one then you are part of the reason people who do that do what they do! Yes, you might well be only a miniscule part of the problem but you're part of it nevertheless. Face facts! You're here on a supposedly 'tech-savvy' forum blathering on to everyone who fires up Google and putting across poor advice! Simple fact? A UAC warning is indicating that a system change is about to occur, and people who don't understand what the effect is going to be and how to reverse it should not "Continue" until they find out a bit more. UAC isn't just about malware! It's a measure which warns about stuff which can pose a potential threat to both security AND stability.
UAC might prompt, as Gatticus mentioned, a "..hell of a lot more than Unix OS's" but then you simply don't see the compromised software in the *nix world that you see in the windows world. *nix software HAS to behave itself. People should be embracing the opportunity to force a situation in which Windows software eventually will. However 'flawed' Microsoft's UAC is at present, it's a step in the right direction. It's the people turning it off at first sight who are acting like "n00bs". However 'hardcore' they might consider themselves to be!
100% in agreement.
UAC wasn't put there to annoy us but to protect us from ourselves.
If you think your more tech savy to decide these things yourself
then you have made your first mistake at being a security guru.
And has been now mentioned numerous times you don't see those prompts on a daily basis.
*skips to end, brienfly skims last 20 posts....
yes, I disabled it.
yes I think it helps the end user keep a machine cleaner
I feel confident enough in my technical skills to disable it, as I don't want to bother with popups on my personal machine.
yes, I disabled it.
yes I think it helps the end user keep a machine cleaner
I feel confident enough in my technical skills to disable it, as I don't want to bother with popups on my personal machine.
S
SpeedRunner
Guest
UAC is one of the reasons to get Vista. I'm keeping it on.
The only thing I disagree with is that supposedly, people who turn it off are making a "mistake" or are automatically "n00bs." If everyone who turns it off comes back here whining about how their computer got compromised somehow, I think that would constitute a "mistake" and make us "n00bish." But the assertation that turning UAC off automatically makes one "less of a security guru" compared to those that leave it on is insulting due to lack of any actual proof. Prove that turning off UAC caused security breaches specifically affecting those who chose to turn it off because they believe they do not need it. If you can prove that I (or the majority of other users who turned off UAC) have experienced a problem, I will shut up. But since the UAC-ers here can't seem to do anything other than insult us as being lesser users ("n00bs," "people who turn it off are the ones who need it most" etc), I refuse to give in. Trying to make us feel like we screwed up because we disagree with you is not going to help your case.
If you left for vacation, and left your house unlocked...was it a mistake ONLY if someone robs you? I don't think so.
That being said, maybe calling people noobs is going a bit too far. I'll put them somewhere right in the middle...the old "know enough to be dangerous" area. These security threads really bring to light how many people really think they know more about computing in general than they actually do. That's why I made the comments, that anyone following current security trends, and keeping up with how creative hackers and malware writers are getting, would know that you do anything and everything to protect yourself. Why do you think most people run multiple malware applications AND do an occasionaly online scan with yet another scanner? Why do companies have multiple levels of security and protection? For example, I pay for a filtering company to block spam and viruses from our e-mail. I also have spam filters and good AV running on the mail server as well. Then, I have good AV software running on each client machine. That's three times and e-mail is scanned before a person in my company reads it.
You and I and others have gone back and forth on this issue. I'd like to make a suggestion. Take some time and follow some of the links in this thread, such as the one Gatticus posted. Read on some security sites just how varied and creative these malware attacks can be. Don't do it to settle an argument. Don't do it because I suggested it. Do it for your own benefit of understanding how many threats there are out there. Do it to learn how many viruses can inflict some major damage without you even knowing about it, or noticing your computer acting weird.
The problem with your assertion is that you think UAC is capable of doing anything about it, and your just plain wrong. UAC tells you that your downloading mail... It doesnt tell you that it has a virus, and if it does have a virus, it isnt going to trigger UAC anyway, because it will most likely have one of the two available UAC hacks already in it....
Get off the security thing... It is NOT a security measure....
Get off the security thing... It is NOT a security measure....
You have something wrong on your system if UAC is prompting you when you check your e-mail. What UAC CAN do, is prompt you when when a webpage or an e-mail containing a graphics file, such as a jpg, is attempting to install a program or modify a system file in the background.....a process to which no one, regardless of knowledge, would know is happening without the warnings. Check out some of Kapersky's blogs for some recent exploits like this.
Here's a link:
http://isc.sans.org/diary.html?storyid=2582&dshield=f966d8fee07d950915b584dc865f758c
Considering Asus.com is a site many people would be going to, for legitimate reasons, that pretty much shoots down the ignorant "avoid those warez and pr0n sites" argument as well.
Thank you for further proving my point. How childish is it, that the best you can do in an argument is post some childish graphic? It's ignorance like this that explains why people don't take the time to learn more about the computing environment, but rather act like spoiled little kids who must have their way, or on comes the tantrum.
Thanks dad.
griffinhart
[H]ard|Gawd
- Joined
- Aug 3, 2005
- Messages
- 1,294
UAC won't trigger for downloading e-mail. If so, something is wrong on your system or you have an early beta version of Vista. And no, UAC will not tell you that an e-mail has a virus, but it will still protect you from a virus that is trying to change something at the system level. That doesn't protect you from user data loss since that only requires user level access, but it will pop up if it tries to change the registry, startup, program files, etc. That does provide a measure of security.
Originally, UAC was designed so that you would log into Windows as a standard user and UAC would prompt you for the admin password if it was needed. MS realized that most people are used to logging into windows as administrator and don't like the idea of entering in a password anytime the system requires it. UACs implimentation is a compromise to that.
In the end UAC's true goal is to force software publishers to change their ways. There is no reason a videogame should ever need admin access just to run. With UAC it really pushes software designers to ensure that it doesn't trigger UAC. Over the next year, you will see software becoming more compliant and fewer and fewer prompts from UAC. It will be the next version of windows that will benefit the most IMHO. I fully expect that due to UACs pushing developers towards the right direction that the defualt user will not be admin but a basic user and admin passwords will be entered when a system change needs to be made.
odoe
[H]F Junkie
- Joined
- Oct 10, 2001
- Messages
- 9,796
Seriously. If you can't post in a mature manner, then don't post. It's just threadcrapping.
Here here! QTF.
Djnes,
You still fail, in my mind, to see my point. You are not going to convince me to use UAC with all your "I/These websites know better than you" rhetoric. You still come across as treating those of us who don't use UAC as small children who need to be taught better by Big Daddy Djnes. That is, as I said earlier, insulting. You still have not addressed your condescending, high-horse manner.
That being said, what happens, hypothetically, if one reads the links you suggested "not because I suggested it" but out of one's own free will, and still decided to leave UAC off? What would be your response to that? Probably something implying that "You still don't get it" or "What does it take to pound it through your thick skull" type argument, which again shows that part of your argument doesn't revolve around logic (as you claim) but opinions, insults and emotions, none of which will serve to convince someone of something.
This has gone beyond the UAC/no UAC discussion to a "I'm going to prove that you have to have UAC on or else your computer is two seconds away from being melted down" and a "I know more than you/am better at computer security than you because I posted all these links and leave UAC on because of them"
My question for you is this: What will it take to convince you that leaving UAC off in and of itself does not automatically make someone:
1. Stupid
2. Childish
3. A n00b
Consider this: I have UAC off, which we have discussed at length already. Where do the problems come from (hackers, malware, viruses etc)? They don't just appear. They are downloaded! So, if my laptop with Vista on it is not hooked up to the internet except to download Windows Updates, what is the "overall attack surface" of the operating system then? Of course, you could say I could get a virus from WU, but that could affect anyone, UAC or no UAC, if someone cleverly wrapped a virus in an update (not to mention that they would either have to be an insider or hack into Microsoft's servers. It could happen, but it hasn't yet and I'm not going to lose sleep worrying about someone injecting a virus into WU)
I think you have to admit that in my situation (with my laptop never being hooked to the internet) that your whole thing about "creative hackers and malware writers" doesn't apply to me at all... If you cannot admit that then I must sadly conclude that you are so full of your own ideas that you cannot conceive of a situation where you might be wrong.
I will readily say that I would never recommend turning UAC off to anyone. I turned it off as a personal choice and I don't think that's any of your business. If I were telling others to turn it off, that would be imperiling computer security on a larger scale and I could see you becoming so incensed over it. But I'm not.
Do you understand what I am saying, or do I have to go over it again?
You still fail, in my mind, to see my point. You are not going to convince me to use UAC with all your "I/These websites know better than you" rhetoric. You still come across as treating those of us who don't use UAC as small children who need to be taught better by Big Daddy Djnes. That is, as I said earlier, insulting. You still have not addressed your condescending, high-horse manner.
That being said, what happens, hypothetically, if one reads the links you suggested "not because I suggested it" but out of one's own free will, and still decided to leave UAC off? What would be your response to that? Probably something implying that "You still don't get it" or "What does it take to pound it through your thick skull" type argument, which again shows that part of your argument doesn't revolve around logic (as you claim) but opinions, insults and emotions, none of which will serve to convince someone of something.
This has gone beyond the UAC/no UAC discussion to a "I'm going to prove that you have to have UAC on or else your computer is two seconds away from being melted down" and a "I know more than you/am better at computer security than you because I posted all these links and leave UAC on because of them"
My question for you is this: What will it take to convince you that leaving UAC off in and of itself does not automatically make someone:
1. Stupid
2. Childish
3. A n00b
Consider this: I have UAC off, which we have discussed at length already. Where do the problems come from (hackers, malware, viruses etc)? They don't just appear. They are downloaded! So, if my laptop with Vista on it is not hooked up to the internet except to download Windows Updates, what is the "overall attack surface" of the operating system then? Of course, you could say I could get a virus from WU, but that could affect anyone, UAC or no UAC, if someone cleverly wrapped a virus in an update (not to mention that they would either have to be an insider or hack into Microsoft's servers. It could happen, but it hasn't yet and I'm not going to lose sleep worrying about someone injecting a virus into WU)
I think you have to admit that in my situation (with my laptop never being hooked to the internet) that your whole thing about "creative hackers and malware writers" doesn't apply to me at all... If you cannot admit that then I must sadly conclude that you are so full of your own ideas that you cannot conceive of a situation where you might be wrong.
I will readily say that I would never recommend turning UAC off to anyone. I turned it off as a personal choice and I don't think that's any of your business. If I were telling others to turn it off, that would be imperiling computer security on a larger scale and I could see you becoming so incensed over it. But I'm not.
Do you understand what I am saying, or do I have to go over it again?
I see both arguments. I can see why there is an advantage to leaving it on and leaving it off.
However, just because you do leave it off, doesnt necessarily mean that that persons machine is or will get compromised.
Sometimes, you need to trust your own abilities....
Heck, make an image of the machine. So if it is compromised, you reimage, and BOOM. The issue is gone.
However, just because you do leave it off, doesnt necessarily mean that that persons machine is or will get compromised.
Sometimes, you need to trust your own abilities....
Heck, make an image of the machine. So if it is compromised, you reimage, and BOOM. The issue is gone.
Let's get a few things straight here. First, I am firing back to play the devil's advocate. Until you can give some good, valid reason, or at least some links explaining, from a trusted source, why disabling UAC is a good idea, the burden of proof remains on you. I don't have to explain or justify anything further, and neither does anyone else. When you take a stance that's far against the grain, you have to back it up with something. Simply shouting it out over and over, doesn't make it true, or won't lead anyone to accept it. That's the point you are failing to grasp. You are twisting my words, missing my points, and then expecting me to do something about it.
Speaking of points, had you taken the time to read some of my previous posts, and the posts of others, you'd see some very good reasons why UAC should NOT be disabled. Instead of countering with some points of your own (as would be fitting in a good debate), all you simple do is repeat the same comments over and over. The only person stuck on a high horse is you, attempting to play the victim violin.
Don't make the mistake of confusing high-horse lecturing with simple common sense. You are suggesting something that goes against the recommendations of security professionals and the industry itself. It's fine if you want to feel that way. When the suggestions were made in history that the Earth was round and NOT the center of the universe, it went against the accepted grain. The difference was, proof was given, rather than having the same drivel spouted over and over.
If you'd like to bring this back to a mature debate, feel free to do so. But, if I may borrow a line from greNME, the burden of proof rests on your side. Start giving us some links to read, and we will gladly read them. Until then, get off the soapbox about how I'm calling you a noob. What I am guilty of is telling you that you're going against common sense, logic, and accepted practices. Prove me wrong. I'm a big boy, and I'll always admit when I'm wrong. Anyone married (especially the husbands) will know that you need to admit when you're wrong (and even sometimes when you aren't wrong) to keep the peace and progress in life. All I'm asking from you is to give me something to read, some links or discussions, on why disabling UAC is a good idea.
odoe
[H]F Junkie
- Joined
- Oct 10, 2001
- Messages
- 9,796
Computer security is a personal choice. Keeping UAC on or not is a matter of preference. For the time being, yes, it will come up in certain circumstances because the software is doing something that it probably shouldn't do, but it is trusted software. So someone turns UAC off. That's a personal choice. There is nothing in your computer using contract that states you have to use it. You weigh your risks and make your choice. Some people might be subject to trying different things on their system. For example, I sometimes have to check shady links posted on this forum. I have various security measures in place to help protect my pc just in case. But if I'm just a regular user, chances are I don't need that level of security. I don't see why choosing to have a certain security feature on or off turns into a big debate. Something that could have been a decent discussion on the benefits of a security feature and the drawbacks has just turned into a pissing contest. Some of you guys just like to stir things up or see your name on screen. I'd like to think this forum could do better than getting into silly epeen contests.
It's worth noting that there are experienced people on either side of the argument. There are strong argument both for and against. I would therefore suggest everyone just calming down and try to argue their point rationally, but with the understanding that what works for you might not be applicable to someone else.
</voiceofreason>
</voiceofreason>
You still did not read my post. If my laptop isn't connected to the internet, how can it be hacked? That is my point. If UAC protects against mostly internet-based threats, then why do I need it if I don't put that computer online? I am trying to say (for the fifth time) for my own case with a computer that is not hooked to the internet for 99.99% of the time, UAC isn't needed to stop malware/viruses because the threat's not there.
I never said disabling UAC is a "good idea." I said that it doesn't imperil my security in my situation. Since you seem to think that I'm trying to prove that, I have nothing to offer because that wasn't my point. So no, I can't prove that disabling UAC is a good idea, because I wasn't setting out to prove that in the first place.
I agree with you there. If it is not connected to the internet, you dont need it.
But if it is, then I think it might be a good idea.
Exactly. Taking a stance on an issue is one thing, but being able to provide reasons, sources, etc to back it up is a whole 'nother level.
These forums were always about good discussions, so that everyone can benefit and learn from them. Lately, they've became a flame-haven, because so many want to spout out a point, but never give anything more. That's when a debate turns to an argument. I'm sure I come across as beligerent in many threads, and that's fine. Those who remember the "olden days" know how frustrating it is to see stances taken with absolutely no proof. or sources. You can't get anything from that.
Call me crazy, but I enjoy being proven wrong...except in my marriage because wives never let you forget those times. On here, anytime I'm proven wrong, it means I learned something new. Too many people are afraid to be wrong, or admit they are wrong or mistaken. Those are the people who incessently argue with no leg to stand on, and keep their mind closed to learning anything new. I'm not directing that last point at anyone...just stating an observation.
Now, back on topic, I'm still requesting some links on UAC. We've covered, thanks to bbz_Ghost, what it does, etc. Let's see some real counterpoints, instead of name-calling, and image postings.
Amen to that - like anything, UAC has a cost and benefit, and those vary from person to person. There's no one correct answer. As long as people rationally and correctly identify their individual costs/benefits, a rational decision can be made that can't be rationally refuted. The only benefit to this conversation is to ensure that there isn't missing information. (And there is a huge difference between "gee I didn't know that" and "I know, but that isn't a big deal for me.")
I'd agree with that as well for the most part, if it's never online. If it is ever connected online, or it accepts files from other computers, via external drives, it should have protection, just in case.
I have a station at work for video editing...converting media clips on VHS to DVD. It's not connected in anyway to my network, and no files are added to it, unless they come from a VHS tape. I don't have any security software at all on this PC, to keep it as bone dry and clean as possible. It's not needed. However, if this PC was connected even once a week for Windows updates, and then disconnected, I'd have AV software and the like on it. If this PC was running Vista and never connected, I'd probably disable a lot on it as well, including UAC, if it would help the video conversion process.
I'm going to summarize my opinions on UAC so that there aren't any misconceptions due to this unfortunate little spat
UAC should be left on at all times unless you are:
1. Setting up a brand new system (and it should be turned back on when you're done with the setup)
2. Not connected to the internet
My laptop is Case 2, which was my point with all my previous posts. Therefore, my choice is rational because the risk of turning UAC off is virtually nonexistant. However, my desktop's UAC will remain on (when I get Vista64 that is) because it is always online and I'm always using it to browse and such.
UAC should be left on at all times unless you are:
1. Setting up a brand new system (and it should be turned back on when you're done with the setup)
2. Not connected to the internet
My laptop is Case 2, which was my point with all my previous posts. Therefore, my choice is rational because the risk of turning UAC off is virtually nonexistant. However, my desktop's UAC will remain on (when I get Vista64 that is) because it is always online and I'm always using it to browse and such.
I could even go so far as to agree with this point as well. Anyone who's tried re-arranging their Start Menu shortcuts would know exactly what I'm talking about.
While I like UAC, I'll point out a few counterpoints (found on the internet so they must be true):
1. It can be annoying under certain usage patterns. Especially if turned on after being off when setting the system up, I believe. (According to the Wikipedia entry on UAC - http://en.wikipedia.org/wiki/User_Account_Control - File & Registry Virtualization is turned off when UAC is disabled. Thus, turning it back on breaks things.)
2. http://blogs.zdnet.com/security/?p=29 makes an interesting argument about why UAC might not work very well. Even if a program is well designed and doesn't need Administrative privleges to run, UAC assumes that any installer needs that level of access. That's a blessing and a curse, depending on what the installer is trying to do and if it has been compromised.
3. Tied to the annoyance factor of #1: long term this may work, but in the short run some programs are just broken. As mentioned in the Windows Vista Team Blog post (http://windowsvistablog.com/blogs/w...7/01/23/security-features-vs-convenience.aspx) about UAC:
In other words, if software is written such that it believes it needs to be elevated, it will trip UAC. It takes time for software to be rewritten or made compatible to work.