Coffeehouse Thread

184 posts

UAC controversy - the last episode!

  • wastingtimewithforums

    Larry Osterman said:
    Ray7 said:
    *snip*

    ***DING*** ***DING***  Give the man a ceegar.

    UAC has never been a security feature.  Microsoft has NEVER claimed that UAC was a security feature.  It's a convenience feature that acts as a forcing function to convince software developers to get their act together. 

    And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away.

    The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration.

     

     

    "And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away."

    ---------------------------

    Exploits with quotes around them? So, being able to break a boundary (for whatever reason it's there) with ease is *not* an exploit?

     

    "The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration."

    --------------

    Hey, exactly! Let me quote Leo Davidson (the guy who discovered the UAC mess):

    ---

    "Microsoft clearly realise that even the button-click prompts were too annoying for many users as that’s why they removed them for admin users (for their badly-written software which prompts too much only).

    You cannot honestly think that standard user accounts, as they stand today, are a solution that people will actually use after the reaction to Vista’s UAC.

    Additionally, standard user accounts are not the default. You have to go out of your way to use them. Almost nobody will, except in businesses where they were already running locked-down accounts since the days of NT4 and where UAC elevation will barely be used at all.

    Standard user accounts are a distraction and an excuse as far as Windows 7 goes. You might as well say “People should use Linux to be more secure” as it’s about as relevant and likely to happen. If Windows 8 (or whatever) actually makes standard user the default, and makes improves the user experience to one that people might actually put up with, then the argument will hold water.

    The thing is, we’re only arguing about the stupidity (and unfairness on 3rd party developers) of Windows 7’s UAC because of the default settings. People can change to Always Prompt and make it like Vista… Unless we explain why Windows 7’s defaults are the worst of both worlds — annoying prompts for some applications combined with almost zero difficulty in bypassing the prompts for anything that really wants to — and inform people that they can either set UAC to always prompt or to silently elevate (for all apps), people are just going to use the defaults.

    The one thing most people are not going to use in Windows 7 is standard user accounts. It’s more painful than what everyone complained about on Vista, not less."

    ----

    http://www.withinwindows.com/2009/06/10/uac-uac-go-away-come-again-some-other-day/#comment-3851

    He is basically saying the same thing as you, and THAT IS A BAD THING! Where do you go from here? UAC is now holey as cheese on the default setting, and, as you said, almost no one will run as standard user, because that's more annoying than the old Vista UAC behaviour.

    What now? What is the future of Windows security? Will it be now "forever" that users will work as administrators with a broken UAC? Or will you force in Windows 8 that the default user will be a standard account user? But if you do that, people will be extremely annoyed! After Windows 7, with its reduced UAC dialogs, people WON'T ACCEPT a standard user account in Windows 8 - because on a standard account there will be many more UAC prompts than on the default administrator account on win7 with its broken UAC.

    UAC was a good tool to prepare people for the "standard account future", but now.. it's less likely that normal users will accept that future, after they use win7.

    It seems that you guys maneuvered yourselves into a pretty nasty corner, just to please the blogosphere.

  • stevo_

    Don't know what I think about this scenario anymore, to me if MS could fix this without dumping the entire auto elevated signed apps thing then they should do it, purely on the basis that it would calm the panic (regardless if the panic is legit or not).. and would avoid the usual zillion articles of how 7 sucks more than xp now because of this one thing..

    But I get the feeling they are in a corner a bit, they would probably want to fix it purely to avoid the confusion, but it's likely that they can't fix it because stopping 'dll injection' would damage 'legit scenarios'.. this or it's far too late in the dev cycle to make this kinda change given the amount of app testing that would need to be done.

  • ManipUni

    stevo_ said:

    Don't know what I think about this scenario anymore, to me if MS could fix this without dumping the entire auto elevated signed apps thing then they should do it, purely on the basis that it would calm the panic (regardless if the panic is legit or not).. and would avoid the usual zillion articles of how 7 sucks more than xp now because of this one thing..

    But I get the feeling they are in a corner a bit, they would probably want to fix it purely to avoid the confusion, but it's likely that they can't fix it because stopping 'dll injection' would damage 'legit scenarios'.. this or it's far too late in the dev cycle to make this kinda change given the amount of app testing that would need to be done.

    It doesn't suck more than XP. It sucks in the same way as XP. :P

    I think Microsoft (and some people on here) are playing a short game. While the people calling BS are playing the long game.

    In Microsoft's short game they know full well that an admin-user account with UAC enabled fully has holes and they cannot fix them in Windows 7, so what is the point in UAC? They're thus turning it off, presenting even more holes.

    The long game is to leave UAC on, have users getting used to it, have programs getting used to it and look at removing admin-user accounts entirely in the future. They also need to look at what rights user-user processes have in order to avoid some common hijack escalation scenarios.

     

  • Ubuntu

    wastingtimewithforums said:
    Larry Osterman said:
    *snip*

    "And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away."

    ---------------------------

    Exploits with quotes around them? So, being able to break a boundary (for whatever reason it's there) with ease is *not* an exploit?

     

    "The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration."

    --------------

    Hey, exactly! Let me quote Leo Davidson (the guy who discovered the UAC mess):

    ---

    "Microsoft clearly realise that even the button-click prompts were too annoying for many users as that’s why they removed them for admin users (for their badly-written software which prompts too much only).

    You cannot honestly think that standard user accounts, as they stand today, are a solution that people will actually use after the reaction to Vista’s UAC.

    Additionally, standard user accounts are not the default. You have to go out of your way to use them. Almost nobody will, except in businesses where they were already running locked-down accounts since the days of NT4 and where UAC elevation will barely be used at all.

    Standard user accounts are a distraction and an excuse as far as Windows 7 goes. You might as well say “People should use Linux to be more secure” as it’s about as relevant and likely to happen. If Windows 8 (or whatever) actually makes standard user the default, and makes improves the user experience to one that people might actually put up with, then the argument will hold water.

    The thing is, we’re only arguing about the stupidity (and unfairness on 3rd party developers) of Windows 7’s UAC because of the default settings. People can change to Always Prompt and make it like Vista… Unless we explain why Windows 7’s defaults are the worst of both worlds — annoying prompts for some applications combined with almost zero difficulty in bypassing the prompts for anything that really wants to — and inform people that they can either set UAC to always prompt or to silently elevate (for all apps), people are just going to use the defaults.

    The one thing most people are not going to use in Windows 7 is standard user accounts. It’s more painful than what everyone complained about on Vista, not less."

    ----

    http://www.withinwindows.com/2009/06/10/uac-uac-go-away-come-again-some-other-day/#comment-3851

    He is basically saying the same thing as you, and THAT IS A BAD THING! Where do you go from here? UAC is now holey as cheese on the default setting, and, as you said, almost no one will run as standard user, because that's more annoying than the old Vista UAC behaviour.

    What now? What is the future of Windows security? Will it be now "forever" that users will work as administrators with a broken UAC? Or will you force in Windows 8 that the default user will be a standard account user? But if you do that, people will be extremely annoyed! After Windows 7, with its reduced UAC dialogs, people WON'T ACCEPT a standard user account in Windows 8 - because on a standard account there will be many more UAC prompts than on the default administrator account on win7 with its broken UAC.

    UAC was a good tool to prepare people for the "standard account future", but now.. it's less likely that normal users will accept that future, after they use win7.

    It seems that you guys maneuvered yourselves into a pretty nasty corner, just to please the blogosphere.

    http://www.codeproject.com/Messages/3045414/Setting-System-Clock-in-Vista-7-UAC-problem.aspx

  • blowdart

    Larry Osterman said:
    Ray7 said:
    *snip*

    ***DING*** ***DING***  Give the man a ceegar.

    UAC has never been a security feature.  Microsoft has NEVER claimed that UAC was a security feature.  It's a convenience feature that acts as a forcing function to convince software developers to get their act together. 

    And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away.

    The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration.

     

     

    Ah now come on that's not true. MS has touted UAC as a security feature.

    UAC blog "User Account Control (UAC) is a core security feature in the next release of Windows Vista and Windows Server code name Longhorn."

    MSDN "In this webcast, we explore Windows User Account Control (UAC), a new security feature in the Windows Vista operating system."

    MSDN "User Account Control (UAC), introduced in Windows Vista, is a security feature"

    But of course strictly speaking it's not, but that's a technical definition. That's like saying that SQL server isn't a relational database because it doesn't meet all of the strict relational criteria that Codd set out (it's not, not all views are updatable)

    Until Windows installs force the creation of an admin and a least privilege user it's the best there is.

  • Bas

    blowdart said:
    Larry Osterman said:
    *snip*

    Ah now come on that's not true. MS has touted UAC as a security feature.

    UAC blog "User Account Control (UAC) is a core security feature in the next release of Windows Vista and Windows Server code name Longhorn."

    MSDN "In this webcast, we explore Windows User Account Control (UAC), a new security feature in the Windows Vista operating system."

    MSDN "User Account Control (UAC), introduced in Windows Vista, is a security feature"

    But of course strictly speaking it's not, but that's a technical definition. That's like saying that SQL server isn't a relational database because it doesn't meet all of the strict relational criteria that Codd set out (it's not, not all views are updatable)

    Until Windows installs force the creation of an admin and a least privilege user it's the best there is.

    True. They were calling it a security feature right up to the point when Windows 7's UAC vulnerabilities were discovered, and then suddenly it wasn't about security anymore. We've had this discussion before. There's a lot of bull about UAC and Windows security in general, let's not add to it with this "when we called it security we actually meant not security at all" stuff.

  • AndyC

    Larry Osterman said:
    Ray7 said:
    *snip*

    ***DING*** ***DING***  Give the man a ceegar.

    UAC has never been a security feature.  Microsoft has NEVER claimed that UAC was a security feature.  It's a convenience feature that acts as a forcing function to convince software developers to get their act together. 

    And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away.

    The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration.

     

     

    Larry Osterman said:
    that acts as a forcing function to convince software developers to get their act together.

    Except now it doesn't. We're back to the bad old days where the path of least resistance is to assume users have Administrator rights. Sure you have to hack around UAC, but that's relatively trivial compared to properly architecting your application. Sure, your app will then break horrendously if someone runs as a Standard User or changes the default settings, but that's their own fault right? Nobody bothered worrying about that with XP, so why should they with 7?

    And the amazingly dumb thing is that all Microsoft have to do is follow their own guidelines[1] and change the default UAC setting to the highest level. They can leave the slider in place, they can even leave the dubious "Microsoft signed code elevates silently" as long as it isn't the default behaviour and we'll all be a lot better off for it.

    Sure UAC has never been a security boundary and shouldn't be thought of as one, but it is still a security feature (it even appears under the Security options in Action Center FFS!) so it ought to be set at the most restrictive level by default. That's what Trustworthy Computing was supposed to be all about and it's disturbing to see that thrown out of the window so quickly in response to a minority of whingers who are going to make noise whatever you do.

    I really hope the voice of reason hits home at the eleventh hour, I honestly do. I don't think it'll happen though and that's bad for everyone. Windows 7 will ship with a dumb UAC default and nothing seems likely to change that now.

    [1] The Trustworthy Computing Security Development Lifecycle

  • WithinRafael

    Larry Osterman said:
    Ray7 said:
    *snip*

    ***DING*** ***DING***  Give the man a ceegar.

    UAC has never been a security feature.  Microsoft has NEVER claimed that UAC was a security feature.  It's a convenience feature that acts as a forcing function to convince software developers to get their act together. 

    And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away.

    The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration.

     

     

    Yeah, okay Larry. UAC is marketed as a security feature on various Microsoft sites. The fact that no one really knows what UAC is anymore is your problem, not ours. There's a lack of consistency across the board and you guys should be embarrassed.

  • Charles

    From Jon DeVaan (source = E7 blog):

    One important thing to know is that UAC is not a security boundary. UAC helps people be more secure, but it is not a cure all. UAC helps most by being the prompt before software is installed. This part of UAC is in full force when the “Notify me only when…” setting is used. UAC also prompts for other system wide changes that require administrator privileges which, considered in the abstract, would seem to be an effective counter-measure to malware after it is running, but the practical experience is that its effect is limited. For example, clever malware will avoid operations that require elevation. There are other human behavior factors which were discussed in our earlier blog posts (post #1 and post #2).

    UAC also helps software developers improve their programs to run without requiring administrator privileges. The most effective way to secure a system against malware is to run with standard user privileges. As more software works well without administrator privileges, more people will run as standard user. We expect that anyone responsible for a set of Windows 7 machines (such as IT Administrators or the family helpdesk worker (like me!)) will administer them to use standard user accounts. The recent feedback has noted explicitly that running as standard user works well. Administrators also have Group Policy at their disposal to enforce the UAC setting to “Always Notify” if they choose to manage their machines with administrator accounts instead of standard user accounts.

     

    C
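
The "Always Notify" setting that the quoted E7 post says administrators can enforce can be audited per machine. The script below is an added example, not part of the thread or any poster's code: the function names are hypothetical, the sample settings are constructed, and treating an absent registry value as the Windows default is an assumption.

```powershell
# Added example (not from the thread). Classifies the UAC prompt behaviour for
# administrators from the standard policy values under Policies\System.
# Function names are hypothetical; sample inputs below are constructed.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacLevel {
    param(
        # Parameter defaults mirror the Windows defaults (assumption used
        # when a value is absent from the registry).
        [int]$EnableLUA = 1,
        [int]$ConsentPromptBehaviorAdmin = 5,
        [int]$PromptOnSecureDesktop = 1
    )
    $desktop = if ($PromptOnSecureDesktop -eq 1) { 'secure desktop' } else { 'user desktop' }
    $level = if ($EnableLUA -eq 0) {
        'UAC off: administrators always run with the full token'
    } else {
        switch ($ConsentPromptBehaviorAdmin) {
            0 { 'Elevate without prompting' }
            1 { 'Always prompt for credentials (secure desktop)' }
            2 { 'Always prompt for consent (secure desktop)' }
            3 { "Always prompt for credentials ($desktop)" }
            4 { "Always prompt for consent ($desktop)" }
            5 { "Prompt only for non-Windows binaries ($desktop)" }
            default { "Unrecognised value $ConsentPromptBehaviorAdmin" }
        }
    }
    [pscustomobject]@{
        Level         = $level
        # True only when every elevation request produces a prompt.
        AlwaysPrompts = ($EnableLUA -eq 1) -and ($ConsentPromptBehaviorAdmin -in 1..4)
    }
}

function Get-LocalUacLevel {
    # Reads the live values; anything missing falls back to the defaults above.
    $p = Get-ItemProperty -Path $UacKey
    $settings = @{}
    foreach ($name in 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'PromptOnSecureDesktop') {
        if ($null -ne $p.$name) { $settings[$name] = [int]$p.$name }
    }
    Get-UacLevel @settings
}

# Constructed samples: the slider positions discussed in the thread.
$samples = @(
    @{ Name = 'Always Notify (Vista-like)'; EnableLUA = 1; Admin = 2; Secure = 1 }
    @{ Name = 'Windows 7 default';          EnableLUA = 1; Admin = 5; Secure = 1 }
    @{ Name = 'Default, no dimming';        EnableLUA = 1; Admin = 5; Secure = 0 }
    @{ Name = 'Silent elevation';           EnableLUA = 1; Admin = 0; Secure = 0 }
    @{ Name = 'UAC disabled';               EnableLUA = 0; Admin = 0; Secure = 0 }
)
foreach ($s in $samples) {
    $r = Get-UacLevel -EnableLUA $s.EnableLUA `
                      -ConsentPromptBehaviorAdmin $s.Admin `
                      -PromptOnSecureDesktop $s.Secure
    '{0,-28} -> {1} (always prompts: {2})' -f $s.Name, $r.Level, $r.AlwaysPrompts
}

# On a Windows machine, report the live setting as well.
if (Test-Path -Path $UacKey -ErrorAction SilentlyContinue) {
    $live = Get-LocalUacLevel
    'This machine                 -> {0} (always prompts: {1})' -f $live.Level, $live.AlwaysPrompts
}
```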

  • CannotResolveSymbol

    Larry Osterman said:
    Ray7 said:
    *snip*

    ***DING*** ***DING***  Give the man a ceegar.

    UAC has never been a security feature.  Microsoft has NEVER claimed that UAC was a security feature.  It's a convenience feature that acts as a forcing function to convince software developers to get their act together. 

    And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away.

    The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration.

     

     

    If UAC is not a security feature, you need to let the people writing about it on Technet know (because, last time I checked, Technet was the definitive source for technical information about Windows):

    http://technet.microsoft.com/en-us/library/cc709691.aspx

    Technet said:
    User Account Control (UAC) is a new security component in Windows Vista. UAC enables users to perform common tasks as non-administrators, called standard users in Windows Vista, and as administrators without having to switch users, log off, or use Run As. A standard user account is synonymous with a user account in Windows XP. User accounts that are members of the local Administrators group will run most applications as a standard user. By separating user and administrator functions while enabling productivity, UAC is an important enhancement for Windows Vista.

    [...]

    To help prevent malicious software from silently installing and causing computer-wide infection, Microsoft developed the UAC feature.
    Unlike previous versions of Windows, when an administrator logs on to a computer running Windows Vista, the user’s full administrator access token is split into two access tokens: a full administrator access token and a standard user access token. During the logon process, authorization and access control components that identify an administrator are removed, resulting in a standard user access token. The standard user access token is then used to start the desktop, the Explorer.exe process. Because all applications inherit their access control data from the initial launch of the desktop, they all run as a standard user as well.

  • vesuvius

    Uxtheme Rafael said:
    Larry Osterman said:
    *snip*

    Yeah, okay Larry. UAC is marketed as a security feature on various Microsoft sites. The fact that no one really knows what UAC is anymore is your problem, not ours. There's a lack of consistency across the board and you guys should be embarrassed.

    Everyone that has responded in this thread thus far ought to know what UAC is and does by now. This has been debated on countless occasions.

    Yes they got the messaging to us wrong, I blame marketing and overzealous security PMs.

    The fact of the matter is that most computers need an expert to maintain them, that is fine if you are a developer or computer enthusiast, but a general user finds it difficult. Foisting this upon billions of users is not commercially adroit - look at XP!

    If you were in charge of a multi-billion product, and one of the chief complaints was security prompts what would you do? Obviously that complainant is a fool, but it is better to sell the product (like XP sold in droves), and leave that individual under the control of AV companies. It is less complicated that way, and you have less complaints - far less by the way.

    If users get a virus or their security is compromised, Microsoft's response will be elevate UAC, you complained when we had it high, now see what happened.

    This is an economical decision, and totally, wholly incontrovertibly the correct one!

     

  • AndyC

    vesuvius said:
    Uxtheme Rafael said:
    *snip*

    Everyone that has responded in this thread thus far ought to know what UAC is and does by now. This has been debated on countless occasions.

    Yes they got the messaging to us wrong, I blame marketing and overzealous security PMs.

    The fact of the matter is that most computers need an expert to maintain them, that is fine if you are a developer or computer enthusiast, but a general user finds it difficult. Foisting this upon billions of users is not commercially adroit - look at XP!

    If you were in charge of a multi-billion product, and one of the chief complaints was security prompts what would you do? Obviously that complainant is a fool, but it is better to sell the product (like XP sold in droves), and leave that individual under the control of AV companies. It is less complicated that way, and you have less complaints - far less by the way.

    If users get a virus or their security is compromised, Microsoft's response will be elevate UAC, you complained when we had it high, now see what happened.

    This is an economical decision, and totally, wholly incontrovertibly the correct one!

     

    vesuvius said:
    this is an economical decision, and totally, wholly incontrovertibly the correct one!

    It's undoubtedly a marketing decision, but even then I don't think it's the right one. UAC got complaints because it was seen as annoying AND switching it off (the only choice exposed in the UI) caused Windows to nag you to switch it back on. Having the default remain as Vista but providing the UI to tone it down, if you wanted to, would have kept the security without making individuals feel they didn't have control over their computer any more.

  • WithinRafael

    vesuvius said:
    Uxtheme Rafael said:
    *snip*

    Everyone that has responded in this thread thus far ought to know what UAC is and does by now. This has been debated on countless occasions.

    Yes they got the messaging to us wrong, I blame marketing and overzealous security PMs.

    The fact of the matter is that most computers need an expert to maintain them, that is fine if you are a developer or computer enthusiast, but a general user finds it difficult. Foisting this upon billions of users is not commercially adroit - look at XP!

    If you were in charge of a multi-billion product, and one of the chief complaints was security prompts what would you do? Obviously that complainant is a fool, but it is better to sell the product (like XP sold in droves), and leave that individual under the control of AV companies. It is less complicated that way, and you have less complaints - far less by the way.

    If users get a virus or their security is compromised, Microsoft's response will be elevate UAC, you complained when we had it high, now see what happened.

    This is an economical decision, and totally, wholly incontrovertibly the correct one!

     

    Everyone that has responded in this thread thus far ought to know what UAC is and does by now. This has been debated on countless occasions.

    I ought to know what? Who's right here? As previous posters have clearly mentioned, there is not one de facto standard definition on UAC. Am I to take your definition? Technet's? Mark's? Windows Help? MSDN?

    Microsoft marketed it as a security feature, which means the general consensus amongst consumers -- you know, whom Windows is built for -- is that it's a security feature. Period. These other bloggers can claim otherwise, but it's too late. Their focus should now be huddling up internally to figure out how, in Windows 8, they'll present UAC as merely the "convenience feature" it was originally designed to be.

     

    EDITS: Purely for display purposes.

     

  • blowdart

    Uxtheme Rafael said:
    vesuvius said:
    *snip*

    I ought to know what? Who's right here? As previous posters have clearly mentioned, there is not one de facto standard definition on UAC. Am I to take your definition? Technet's? Mark's? Windows Help? MSDN?

    Microsoft marketed it as a security feature, which means the general consensus amongst consumers -- you know, whom Windows is built for -- is that it's a security feature. Period. These other bloggers can claim otherwise, but it's too late. Their focus should now be huddling up internally to figure out how, in Windows 8, they'll present UAC as merely the "convenience feature" it was originally designed to be.

     

    EDITS: Purely for display purposes.

     

    Well to be fair WinFS was marketed as the next generation file system, so it's not like MS hasn't changed its mind before

  • vesuvius

    Uxtheme Rafael said:
    vesuvius said:
    *snip*

    I ought to know what? Who's right here? As previous posters have clearly mentioned, there is not one de facto standard definition on UAC. Am I to take your definition? Technet's? Mark's? Windows Help? MSDN?

    Microsoft marketed it as a security feature, which means the general consensus amongst consumers -- you know, whom Windows is built for -- is that it's a security feature. Period. These other bloggers can claim otherwise, but it's too late. Their focus should now be huddling up internally to figure out how, in Windows 8, they'll present UAC as merely the "convenience feature" it was originally designed to be.

     

    EDITS: Purely for display purposes.

     

    Your average user couldn't care less that Microsoft got its UAC knickers-in-a-twist. If you work in a software environment, one of the prime areas of concern are complaints. If people are complaining a lot about UAC (it's a case of the lowest common denominator here), then you placate them.

    That is a prime function and responsibility as a software vendor. There are far more general users than Windows developers and enthusiasts like you. Think of it as having to listen to your local commercial radio station. If they play NIN or even the Beatles nowadays, people will say it's not Katie Perry.

    That is this thread in a nutshell!

    Rather than complain, teach people to elevate their UAC, and that it is good for them. This decision will not ruin Windows Se7en, as XP and running as admin ostensibly demonstrates.

  • Bas

    blowdart said:
    Uxtheme Rafael said:
    *snip*

    Well to be fair WinFS was marketed as the next generation file system, so it's not like MS hasn't changed its mind before

    True, but I'd appreciate it if they didn't pretend that they never really presented it as a security feature.

  • intelman

    Charles said:

    From Jon DeVaan (source = E7 blog):

    One important thing to know is that UAC is not a security boundary. UAC helps people be more secure, but it is not a cure all. UAC helps most by being the prompt before software is installed. This part of UAC is in full force when the “Notify me only when…” setting is used. UAC also prompts for other system wide changes that require administrator privileges which, considered in the abstract, would seem to be an effective counter-measure to malware after it is running, but the practical experience is that its effect is limited. For example, clever malware will avoid operations that require elevation. There are other human behavior factors which were discussed in our earlier blog posts (post #1 and post #2).

    UAC also helps software developers improve their programs to run without requiring administrator privileges. The most effective way to secure a system against malware is to run with standard user privileges. As more software works well without administrator privileges, more people will run as standard user. We expect that anyone responsible for a set of Windows 7 machines (such as IT Administrators or the family helpdesk worker (like me!)) will administer them to use standard user accounts. The recent feedback has noted explicitly that running as standard user works well. Administrators also have Group Policy at their disposal to enforce the UAC setting to “Always Notify” if they choose to manage their machines with administrator accounts instead of standard user accounts.

     

    C

    I say again, from the UAC Blog.

    http://blogs.msdn.com/uac/

    User Account Control (UAC) is a core security feature..

  • wastingtimewithforums

    vesuvius said:
    Uxtheme Rafael said:
    *snip*

    Everyone that has responded in this thread thus far ought to know what UAC is and does by now. This has been debated on countless occasions.

    Yes they got the messaging to us wrong, I blame marketing and overzealous security PMs.

    The fact of the matter is that most computers need an expert to maintain them, that is fine if you are a developer or computer enthusiast, but a general user finds it difficult. Foisting this upon billions of users is not commercially adroit - look at XP!

    If you were in charge of a multi-billion product, and one of the chief complaints was security prompts what would you do? Obviously that complainant is a fool, but it is better to sell the product (like XP sold in droves), and leave that individual under the control of AV companies. It is less complicated that way, and you have less complaints - far less by the way.

    If users get a virus or their security is compromised, Microsoft's response will be elevate UAC, you complained when we had it high, now see what happened.

    This is an economical decision, and totally, wholly incontrovertibly the correct one!

     

    "XP sold in droves"

    -------------

    Not that much.

    Google stats from 2003:


    http://web.archive.org/web/20030401082712/http://www.google.com/press/zeitgeist.html

    Windows 98 - 36%
    Windows XP - 28%
    Windows 2000 - 21%

    XP became dominant only in 2004 or so.  Three years after release. What made XP such a success is the fact that it had more than five years to spread. No other windows had that long no successor.

    Vista has now 24.35% market share:

    http://marketshare.hitslink.com/operating-system-market-share.aspx?qprid=10

    After around two and a half years of market availability (since January 2007) that's not that bad, considering how entrenched XP is, and the negative image that Vista has. The reason Microsoft destroyed UAC is because of the whiney blogosphere, and the statistics show me, that the blogosphere has much less influence on the market than they think they have.
