Is MS being pressured to retract the UAC feature from the next ver

[Guest SPEnthusiast]

Please take a look at this:

http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

 

Numerous articles like this have appeared on the Web about businesses and

government organizations not wanting to deploy Vista in their environments.

The one above is about the FAA not wanting to do so, and I read one article

recently about Intel not wanting to deploy Vista either.

 

It has become common knowledge that security features like UAC and Windows

Defender in Vista have put a lot of thieves out of business. Obviously these

people have a lot of influence, if they can convince the FAA, Intel, etc.

that Vista is bad for their employees.

 

And now the consensus that they want to reach that they'll keep XP and keep

ripping people off until Windows 7 is released.

 

So, here's my question: Is Microsoft being pressured to retract features

like UAC and Windows Defender from Windows 7? And will Microsoft cave in?

 

Thanks.

[Guest Carey Frisch [MVP]]

You are asking a question relating to a future Windows operating system

that no one in this peer-to-peer newsgroup can answer. Try

back in about a year or so. In the meantime, here is some information

you can read and digress:

 

Inside Windows Vista User Account Control

http://technet.microsoft.com/en-us/magazine/cc138019.aspx

 

Understanding and Configuring User Account Control in Windows Vista

http://technet2.microsoft.com/WindowsVista...18c2811033.mspx

 

User Account Control

http://technet.microsoft.com/en-us/windows...a/aa905113.aspx

 

 

--

Carey Frisch

Microsoft MVP

Windows Desktop Experience -

Windows Vista Enthusiast

 

---------------------------------------------------------------

 

"SPEnthusiast" <SPEnthusiast@discussions.microsoft.com> wrote in message news:0D25230A-2D50-41FC-8FA1-E2421C83CE8D@microsoft.com...

Please take a look at this:

http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

 

Numerous articles like this have appeared on the Web about businesses and

government organizations not wanting to deploy Vista in their environments.

The one above is about the FAA not wanting to do so, and I read one article

recently about Intel not wanting to deploy Vista either.

 

It has become common knowledge that security features like UAC and Windows

Defender in Vista have put a lot of thieves out of business. Obviously these

people have a lot of influence, if they can convince the FAA, Intel, etc.

that Vista is bad for their employees.

 

And now the consensus that they want to reach that they'll keep XP and keep

ripping people off until Windows 7 is released.

 

So, here's my question: Is Microsoft being pressured to retract features

like UAC and Windows Defender from Windows 7? And will Microsoft cave in?

 

Thanks.

[Guest Nonny]

On Fri, 11 Jul 2008 08:10:00 -0700, SPEnthusiast

<SPEnthusiast@discussions.microsoft.com> wrote:

<span style="color:blue">

>So, here's my question: Is Microsoft being pressured to retract features

>like UAC and Windows Defender from Windows 7? And will Microsoft cave in?</span>

 

Your guess is as good as anyone's here. We're all just commun Vista

users and don't work for MS.

[Guest Pete Delgado]

"SPEnthusiast" <SPEnthusiast@discussions.microsoft.com> wrote in message

news:0D25230A-2D50-41FC-8FA1-E2421C83CE8D@microsoft.com...<span style="color:blue">

> Please take a look at this:

> http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

>

> Numerous articles like this have appeared on the Web about businesses and

> government organizations not wanting to deploy Vista in their

> environments.

> The one above is about the FAA not wanting to do so, and I read one

> article

> recently about Intel not wanting to deploy Vista either.</span>

 

The reasons many govenrment institutions and businesses don't want to

upgrade are many and they don't all center around UAC.

 

For some, hardware budgets and training come into play. For others, legacy

applications that are critical to the business are the concern. For some,

waiting for Windows Server 2008 and all the related technologies so that all

the interrelated technologies can be implemented and configured is the

reason. Finally, for some the sage advice "if it ain't broke, don't fix it"

is at play.

 

To state that UAC is the reason many have not upgraded is an

oversimplification and completely ignores the history of such major

upgrades.

 

-Pete

[Guest Fmjc001]

I hope they keep the UAC. It means you can feel safe on your computer.

 

 

--

Fmjc001

 

:: Regards, ::

:: Fmjc001 ::

[Guest SPEnthusiast]

Re: Is MS being pressured to retract the UAC feature from the next

 

I don't think a company like Intel is restrained by any kind of budget that

would not allow an OS upgrade across the enterprise.

 

These "legacy applications that are crtical to the business" that you've

mentioned are engineered to spy on people and rob them, which is why these

businesses and government organizations can't deploy Vista. UAC would break

those apps.

 

I'm using Vista with Windows Server 2003 as my domain controller, and

everything works fine. I'll soon deploy Windows Server 2008, but it's no

excuse to not deploy Vista.

 

Like I said, Vista exposes a lot of thieves.

 

 

"Pete Delgado" wrote:

<span style="color:blue">

>

> "SPEnthusiast" <SPEnthusiast@discussions.microsoft.com> wrote in message

> news:0D25230A-2D50-41FC-8FA1-E2421C83CE8D@microsoft.com...<span style="color:green">

> > Please take a look at this:

> > http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

> >

> > Numerous articles like this have appeared on the Web about businesses and

> > government organizations not wanting to deploy Vista in their

> > environments.

> > The one above is about the FAA not wanting to do so, and I read one

> > article

> > recently about Intel not wanting to deploy Vista either.</span>

>

> The reasons many govenrment institutions and businesses don't want to

> upgrade are many and they don't all center around UAC.

>

> For some, hardware budgets and training come into play. For others, legacy

> applications that are critical to the business are the concern. For some,

> waiting for Windows Server 2008 and all the related technologies so that all

> the interrelated technologies can be implemented and configured is the

> reason. Finally, for some the sage advice "if it ain't broke, don't fix it"

> is at play.

>

> To state that UAC is the reason many have not upgraded is an

> oversimplification and completely ignores the history of such major

> upgrades.

>

> -Pete

>

>

> </span>

[Guest John Amendall]

On Fri, 11 Jul 2008 12:31:32 -0500, Fmjc001 <guest@unknown-email.com>

wrote:

<span style="color:blue">

>I hope they keep the UAC. It means you can feel safe on your computer.</span>

 

I turned it completely off. I feel safe AND I don't get all those

damned popup screens every time I try to do something more complicated

than surf the web or do email.

[Guest Charlie Tame]

Re: Is MS being pressured to retract the UAC feature from the next

 

SPEnthusiast wrote:<span style="color:blue">

> I don't think a company like Intel is restrained by any kind of budget that

> would not allow an OS upgrade across the enterprise.

>

> These "legacy applications that are crtical to the business" that you've

> mentioned are engineered to spy on people and rob them, which is why these

> businesses and government organizations can't deploy Vista. UAC would break

> those apps.

>

> I'm using Vista with Windows Server 2003 as my domain controller, and

> everything works fine. I'll soon deploy Windows Server 2008, but it's no

> excuse to not deploy Vista.

>

> Like I said, Vista exposes a lot of thieves.

> </span>

 

 

How the hell does UAC expose thieves?

[Guest Charlie Tame]

Re: Is MS being pressured to retract the UAC feature from the nextver

 

Fmjc001 wrote:<span style="color:blue">

> I hope they keep the UAC. It means you can feel safe on your computer.

>

> </span>

 

 

But you're not safe, you are no safer than you were before, there is

nothing new about UAC, it just used to be called common sense.

 

If you answer yes to everything UAC has done nothing, you are infected.

Very similar safeguards were possible with XP, almost nobody used them.

 

So all it has done is make you "Feel" safe, and if that is what it takes

you make you feel safe you likely never will be.

[Guest Beoweolf]

Re: Is MS being pressured to retract the UAC feature from the next

 

It's a common misunderstanding - what you don't see can't hurt you. Similar

to an outdated image of an Ostrich with his head in the sand, thinking if he

can't see you - you can see him.

 

Vista UAC, security exposes many of the "hidden" (surreptitious) uses/users

of administrator level rights and/or attempts to access network resources.

As mention, if you know what you are doing, if you take the time to

study/research/learn your system and most importantly - if you care...you

can be just as "safe" using XP. What Vista does is makes secure, the default

option. This is in line with any Security professional training, not to

mention common sense.

 

The average user, those that have enjoyed the benefits of blissful

ignorance, have also enjoyed the ability to blame the Evil Empire for

leaving so many holes in Microsoft Clients and servers. Generally speaking,

the absence if page upon page of complaints about Microsoft security have

come at the expense of numbers of users, companies and Govt's now

complaining that Vista is somehow flawed as a result of it being built to

insist on security, from installation thru production use.

 

Thou dost protest too much? There obviously is a learning curve, for

hardware vendors - who chose to ignore years of warning, reams of documents

explaining how this OS would not allow "shortcuts" which expose the Kernel

to compromises. Software vendors and users were and are painfully made aware

of the same issue Business as usual - Ain't no more.

 

Take the time (better use, just use pre-configured policy and templates) to

configure your system (do yourself a favor - give those 8, 16 and off brand

32 bit cards a fitting funeral, they earned it); yes, become the informed

user who has complained about security for so long - now that it is here ...

whining about "It's too good" just doesn't make sense.

 

 

"Charlie Tame" <charlie@tames.net> wrote in message

news:err97W64IHA.1420@TK2MSFTNGP06.phx.gbl...<span style="color:blue">

> SPEnthusiast wrote:<span style="color:green">

>> I don't think a company like Intel is restrained by any kind of budget

>> that would not allow an OS upgrade across the enterprise.

>>

>> These "legacy applications that are crtical to the business" that you've

>> mentioned are engineered to spy on people and rob them, which is why

>> these businesses and government organizations can't deploy Vista. UAC

>> would break those apps.

>>

>> I'm using Vista with Windows Server 2003 as my domain controller, and

>> everything works fine. I'll soon deploy Windows Server 2008, but it's no

>> excuse to not deploy Vista.

>>

>> Like I said, Vista exposes a lot of thieves.

>></span>

>

>

> How the hell does UAC expose thieves? </span>

[Guest f/fgeorge]

On Fri, 11 Jul 2008 17:35:09 -0500, Charlie Tame <charlie@tames.net>

wrote:

<span style="color:blue">

>Fmjc001 wrote:<span style="color:green">

>> I hope they keep the UAC. It means you can feel safe on your computer.

>>

>> </span>

>

>

>But you're not safe, you are no safer than you were before, there is

>nothing new about UAC, it just used to be called common sense.

>

>If you answer yes to everything UAC has done nothing, you are infected.

>Very similar safeguards were possible with XP, almost nobody used them.

>

>So all it has done is make you "Feel" safe, and if that is what it takes

>you make you feel safe you likely never will be.</span>

 

It has also started to create an awareness by the causual user to some

of the things that spyware, etc can do to our machines that in the

past we have had no clue about. NO it is NOT going to stop an

infection! BUT hopefully it is a first step in getting users to stop

being Admins on their pc's and to just be Users like on the Mac's.

Sure Mac's have viruses etc, but they are not a problem because they

can't self install because the indivual is logged on as a User not an

Admin by default. Sure the User can say yes and the viruses will

install, but for some reason people don't do that. Education by MS

would solve alot of the problems they are seeing!

[Guest Fmjc001]

Charlie Tame;773818 Wrote: <span style="color:blue">

> Fmjc001 wrote:> > > <span style="color:green"><span style="color:darkred">

> > > I hope they keep the UAC. It means you can feel safe on your</span>

> > computer.<span style="color:darkred">

> > >

> > > > > </span></span>

>

>

> But you're not safe, you are no safer than you were before, there is

> nothing new about UAC, it just used to be called common sense.

>

> If you answer yes to everything UAC has done nothing, you are

> infected.

> Very similar safeguards were possible with XP, almost nobody used

> them.

>

> So all it has done is make you "Feel" safe, and if that is what it

> takes

> you make you feel safe you likely never will be.</span>

 

I have it prompting for my password, so even if someone killed me

before i locked my computer they still cant do anything without the

password. Full drive encryption (256-AES), 3 firewalls. Only one on but

have 2 backups just in case. Have 2 AV one on realtime other is for

backup. Network Intrusion Detection, fingerprint USB and Local Security

Policy is set to disable any sort of security flaw that i can see. GP

disabling USB drives and CD drives for standard users and to top it all

off if you click one of my Icons that i made it will do an emergency

force shutdown. For eg, Registry or Local Security Policy have been

renamed and if you click on something saying "Regedit" You get a

"shutdown /s /f /t 1" command. Then you need my encryption codes. Oh i

have memory firewalls and Auto backup sync that updates every 5 hours.

 

Thats why i feel safe style_emoticons/. But the thing is, I dont have any sensitive

data on my computer lol. But, i feel like i could keep CIA secrets for

them style_emoticons/

 

 

--

Fmjc001

 

:: Regards, ::

:: Fmjc001 ::

[Guest Charlie Tame]

Re: Is MS being pressured to retract the UAC feature from the nextver

 

f/fgeorge wrote:<span style="color:blue">

> On Fri, 11 Jul 2008 17:35:09 -0500, Charlie Tame <charlie@tames.net>

> wrote:

> <span style="color:green">

>> Fmjc001 wrote:<span style="color:darkred">

>>> I hope they keep the UAC. It means you can feel safe on your computer.

>>>

>>></span>

>>

>> But you're not safe, you are no safer than you were before, there is

>> nothing new about UAC, it just used to be called common sense.

>>

>> If you answer yes to everything UAC has done nothing, you are infected.

>> Very similar safeguards were possible with XP, almost nobody used them.

>>

>> So all it has done is make you "Feel" safe, and if that is what it takes

>> you make you feel safe you likely never will be.</span>

>

> It has also started to create an awareness by the causual user to some

> of the things that spyware, etc can do to our machines that in the

> past we have had no clue about. NO it is NOT going to stop an

> infection! BUT hopefully it is a first step in getting users to stop

> being Admins on their pc's and to just be Users like on the Mac's.

> Sure Mac's have viruses etc, but they are not a problem because they

> can't self install because the indivual is logged on as a User not an

> Admin by default. Sure the User can say yes and the viruses will

> install, but for some reason people don't do that. Education by MS

> would solve alot of the problems they are seeing!</span>

 

 

Yes one hopes so, however things like Activex could always be

restricted, the default settings did not do so. This is rather like the

"Read in plain text" option that was finally added to OE. IS is not

terribly insecure, the default settings were far less secure. I agree

there is something to be said for forcing people to at least take notice

of things, but one should not advertise this as anything other than

awareness, it is not per-se a security enhancement.

[Guest Charlie Tame]

Re: Is MS being pressured to retract the UAC feature from the nextver

 

Fmjc001 wrote:<span style="color:blue">

> Charlie Tame;773818 Wrote: <span style="color:green">

>> Fmjc001 wrote:> > > <span style="color:darkred">

>>>> I hope they keep the UAC. It means you can feel safe on your

>>> computer.</span>

>>

>> But you're not safe, you are no safer than you were before, there is

>> nothing new about UAC, it just used to be called common sense.

>>

>> If you answer yes to everything UAC has done nothing, you are

>> infected.

>> Very similar safeguards were possible with XP, almost nobody used

>> them.

>>

>> So all it has done is make you "Feel" safe, and if that is what it

>> takes

>> you make you feel safe you likely never will be.</span>

>

> I have it prompting for my password, so even if someone killed me

> before i locked my computer they still cant do anything without the

> password. Full drive encryption (256-AES), 3 firewalls. Only one on but

> have 2 backups just in case. Have 2 AV one on realtime other is for

> backup. Network Intrusion Detection, fingerprint USB and Local Security

> Policy is set to disable any sort of security flaw that i can see. GP

> disabling USB drives and CD drives for standard users and to top it all

> off if you click one of my Icons that i made it will do an emergency

> force shutdown. For eg, Registry or Local Security Policy have been

> renamed and if you click on something saying "Regedit" You get a

> "shutdown /s /f /t 1" command. Then you need my encryption codes. Oh i

> have memory firewalls and Auto backup sync that updates every 5 hours.

>

> Thats why i feel safe style_emoticons/. But the thing is, I dont have any sensitive

> data on my computer lol. But, i feel like i could keep CIA secrets for

> them style_emoticons/

>

> </span>

 

Well that's okay, however UAC is helpless if you do something stupid,

the publicity seems to suggest that UAC keeps you safe, rather it helps

you to remain safe "Provided" that you have common sense. Unfortunately,

present company excepted, the less knowledgeable still get caught.

 

Also, I am suspicious of IE "Add ons". Many crippled PCs I see are

running toolbars and crap that the users "Don't remember installing or

don't remember why they installed it". When MS have to make some update

to IE it is not reasonable to expect MS to consider whether this will

affect some add on that was not written by them. Nor can the toolbar

writers anticipate what vulnerabilities MS will have to act quickly to

respond to.

 

All of these things can result in broken systems and sometimes I think

it would be much better if everything shipped locked down and users had

to read a full explanation of the risks before unlocking "Windows".

[Guest Tom Allen]

"Fmjc001" <guest@unknown-email.com> wrote in message

news:e3026f3496ec7c2c453480c47456a588@nntp-gateway.com...<span style="color:blue">

>

>

> . . . 3 firewalls. Only one on but

> have 2 backups just in case. Have 2 AV one on realtime other is for

> backup. >

> . . .

> --

> Fmjc001</span>

 

I'm puzzled by your term 'backup' here. Are they just alternatives or is

it something more subtle ?

When would you go to the backup of each ?

I also tend toward belt plus braces myself.

 

Regards

Tom

[Guest Charlie Tame]

Re: Is MS being pressured to retract the UAC feature from the next

 

My question was how does UAC expose thieves? I see no answer to how it

exposes thieves.

 

Numerous people are fooled into downloading and installing malware that

masquerades as security software. They "Think" Vista is more secure, but

in those circumstances it is not. UAC asks are they sure, of course they

are, it is an anti spyware / anti virus program - the website / spam

email told them so.

 

So UAC is NOT a security feature, it is simply an advisory feature, as

were the IE settings before it. For many it is a false sense of

security, because even if the software is malware UAC will still permit

it's installation if told to. Many expect it to "Know", just as they

expect Norton (or whatever) to "Know".

 

That does not say there is anything wrong with UAC, only that there is a

lot wrong with the perception people are given that "Somehow" they are

safer.

 

 

 

 

 

Beoweolf wrote:<span style="color:blue">

> It's a common misunderstanding - what you don't see can't hurt you.

> Similar to an outdated image of an Ostrich with his head in the sand,

> thinking if he can't see you - you can see him.

>

> Vista UAC, security exposes many of the "hidden" (surreptitious)

> uses/users of administrator level rights and/or attempts to access

> network resources. As mention, if you know what you are doing, if you

> take the time to study/research/learn your system and most importantly -

> if you care...you can be just as "safe" using XP. What Vista does is

> makes secure, the default option. This is in line with any Security

> professional training, not to mention common sense.

>

> The average user, those that have enjoyed the benefits of blissful

> ignorance, have also enjoyed the ability to blame the Evil Empire for

> leaving so many holes in Microsoft Clients and servers. Generally

> speaking, the absence if page upon page of complaints about Microsoft

> security have come at the expense of numbers of users, companies and

> Govt's now complaining that Vista is somehow flawed as a result of it

> being built to insist on security, from installation thru production use.

>

> Thou dost protest too much? There obviously is a learning curve, for

> hardware vendors - who chose to ignore years of warning, reams of

> documents explaining how this OS would not allow "shortcuts" which

> expose the Kernel to compromises. Software vendors and users were and

> are painfully made aware of the same issue Business as usual - Ain't no

> more.

>

> Take the time (better use, just use pre-configured policy and templates)

> to configure your system (do yourself a favor - give those 8, 16 and off

> brand 32 bit cards a fitting funeral, they earned it); yes, become the

> informed user who has complained about security for so long - now that

> it is here ... whining about "It's too good" just doesn't make sense.

>

>

> "Charlie Tame" <charlie@tames.net> wrote in message

> news:err97W64IHA.1420@TK2MSFTNGP06.phx.gbl...<span style="color:green">

>> SPEnthusiast wrote:<span style="color:darkred">

>>> I don't think a company like Intel is restrained by any kind of

>>> budget that would not allow an OS upgrade across the enterprise.

>>>

>>> These "legacy applications that are crtical to the business" that

>>> you've mentioned are engineered to spy on people and rob them, which

>>> is why these businesses and government organizations can't deploy

>>> Vista. UAC would break those apps.

>>>

>>> I'm using Vista with Windows Server 2003 as my domain controller, and

>>> everything works fine. I'll soon deploy Windows Server 2008, but it's

>>> no excuse to not deploy Vista.

>>>

>>> Like I said, Vista exposes a lot of thieves.

>>></span>

>>

>>

>> How the hell does UAC expose thieves? </span>

> </span>

[Guest FromTheRafters]

"SPEnthusiast" <SPEnthusiast@discussions.microsoft.com> wrote in message

news:0D25230A-2D50-41FC-8FA1-E2421C83CE8D@microsoft.com...<span style="color:blue">

> Please take a look at this:

> http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

>

> Numerous articles like this have appeared on the Web about businesses and

> government organizations not wanting to deploy Vista in their

> environments.

> The one above is about the FAA not wanting to do so, and I read one

> article

> recently about Intel not wanting to deploy Vista either.</span>

 

That doesn't mean it is a UAC related reason, many companies still run

Windows 2000 (if it ain't broke - don't fix it).

<span style="color:blue">

> It has become common knowledge that security features like UAC and Windows

> Defender in Vista have put a lot of thieves out of business.</span>

 

I doubt that very much. Actually, IE7 has made great strides in curtailing

foistware.

<span style="color:blue">

> Obviously these

> people have a lot of influence, if they can convince the FAA, Intel, etc.

> that Vista is bad for their employees.</span>

 

You jump to conclusions. There is no evidence that they have influenced

anybody. Some companies still have to have support in the OS for legacy

(or badly written) programs. XP was gracious enough to still allow these

badly written programs to run - Vista is just a little more insistant that

the

programs adhere to "least privilege" guidelines.

<span style="color:blue">

> And now the consensus that they want to reach that they'll keep XP and

> keep

> ripping people off until Windows 7 is released.</span>

 

No doubt while they're standing on a grassy knoll...

<span style="color:blue">

> So, here's my question: Is Microsoft being pressured to retract features

> like UAC and Windows Defender from Windows 7? And will Microsoft cave in?</span>

 

I don't think that is at all likely.

[Guest FromTheRafters]

Someone close to me had just purchased a new laptop, she said she

purposefully requested XP rather than Vista because of all the talk

about UAC - she opted for an easier OS.

 

Later, she broke the LCD (involving a thumb-drive and a rather large

housecat) gave it to me and purchased a new one for herself (XP again).

 

It turns out that she had it set to autologon as full administrator rights

user (no password) and she had saved an online chat log to her desktop

with most of her personal information and last four digits of her account

number - as a record of the purchase.

 

Vista makes it harder to be so idiotic - but as you have learned, it is not

impossible.

 

"John Amendall" <jamend@spaceout.com> wrote in message

news:v9af74pk7cj62of9f782ljn0hdp4uv0goo@4ax.com...<span style="color:blue">

> On Fri, 11 Jul 2008 12:31:32 -0500, Fmjc001 <guest@unknown-email.com>

> wrote:

><span style="color:green">

>>I hope they keep the UAC. It means you can feel safe on your computer.</span>

>

> I turned it completely off. I feel safe AND I don't get all those

> damned popup screens every time I try to do something more complicated

> than surf the web or do email. </span>

[Guest Kerry Brown]

Re: Is MS being pressured to retract the UAC feature from the next

 

"Charlie Tame" <charlie@tames.net> wrote in message

news:OYbbM0F5IHA.1192@TK2MSFTNGP05.phx.gbl...

<span style="color:blue">

>

> So UAC is NOT a security feature, it is simply an advisory feature, as

> were the IE settings before it. For many it is a false sense of security,

> because even if the software is malware UAC will still permit it's

> installation if told to. Many expect it to "Know", just as they expect

> Norton (or whatever) to "Know".

></span>

 

I agree UAC by itself is not a security feature. Some of the things that

rely on UAC like IE protected mode, locked down ACLs. etc., are.

 

--

Kerry Brown

MS-MVP - Windows Desktop Experience: Systems Administration

http://www.vistahelp.ca/phpBB2/

[Guest SG]

"John Amendall" <jamend@spaceout.com> wrote in message

news:v9af74pk7cj62of9f782ljn0hdp4uv0goo@4ax.com...<span style="color:blue">

> On Fri, 11 Jul 2008 12:31:32 -0500, Fmjc001 <guest@unknown-email.com>

> wrote:

><span style="color:green">

>>I hope they keep the UAC. It means you can feel safe on your computer.</span>

>

> I turned it completely off. I feel safe AND I don't get all those

> damned popup screens every time I try to do something more complicated

> than surf the web or do email.</span>

 

 

Safe? well I hope something like this never happens to you.

Quote from Ronnie Vernon MS-MVP

 

It it only annoying until you run into something unexpected. Right after

Vista was first released, we went through all of the debates about users

getting to the point where clicking on the prompt became an 'automatic'

response.

 

One user told us about a utility that he downloaded and installed and he got

the expected 'security warning' about the file not having a digital

signature. He clicked to run the file anyway and the utility installed. He

then got a message to 'click here' to configure your personal settings. He

then received this prompt.

 

http://i196.photobucket.com/albums/aa86/rvmv/UACPrompt2.jpg

 

Without UAC, he never would have been aware of the second file being

installed, since he had already permitted the program to run. Needless to

say, he decided that he would leave UAC on.

End Quote

 

--

All the best,

SG

 

Is your computer system ready for Vista?

https://winqual.microsoft.com/hcl/

Want to keep up with the latest news from MS?

http://news.google.com/nwshp?tab=wn&ned=us&topic=t

Just type in Microsoft

[Guest Nonny]

On Sun, 13 Jul 2008 05:14:15 -0400, "SG" <sorry@nomail.com> wrote:

<span style="color:blue"><span style="color:green">

>> I turned it completely off. I feel safe AND I don't get all those

>> damned popup screens every time I try to do something more complicated

>> than surf the web or do email.</span>

>

>

>Safe? well I hope something like this never happens to you.

>Quote from Ronnie Vernon MS-MVP</span>

 

[snip]

 

I have been online since late '90 and have yet to have my system

infested with either a virus or even the simplest form of malware. So

I install Vista two months ago and suddenly I need UAC to keep me

safe?

 

Bull.

 

That said... I have so many freakin' backups of my system it would

make your head explode trying to figure out how I keep track of all of

them.

 

I'm safe.

[Guest Daniel Petri]

If I may add my $0.02 here, UAC is good for most "lame" or

"security-insensitive" users. You could argue till the sun sets down on the

question is the OS is "supposed" to prevent idiots from acting as such, with

many to argue that if someone wants to act as an idiot, they should be

allowed to do so.

 

The fact that companies don't adopt Vista easily has nothing to do with UAC

or with a bunch of influential "theives" as SPEnthusiast put it. There are

many more reasons for not adopting Vista, and this is not the right thread

for it.

 

In my opinion, in next OS versions, UAC should be left on just like it is in

Vista. Meaning it could be on by default, and if needed, it could be EASILY

disabled while giving all the right warnings and informing the users of the

result of their actions. I would even go further and create a "stealth" UAC

mode, or perhaps some sort of "auditing" UAC mode by allowing the user to

disable it, but still keep track of the activity that would have required

the user's input. This way the user could be able to track what processes or

actions required UAC interaction, and thus could be persuaded into

re-enabling it.

 

I know I would use such an option if it was available, and I don't see how

it could place an extra performance penalty on the computer, not more that

was required to run UAC in the full mode.

 

--

Sincerely,

 

Daniel Petri

MVP, Senior IT consultant, trainer

www.petri.co.il

 

"Nonny" <nonnymoose@yahoo.com> wrote in message

news:9jjj74pt8fiv076r0tadsaithhbv0er472@4ax.com...<span style="color:blue">

> On Sun, 13 Jul 2008 05:14:15 -0400, "SG" <sorry@nomail.com> wrote:

><span style="color:green"><span style="color:darkred">

>>> I turned it completely off. I feel safe AND I don't get all those

>>> damned popup screens every time I try to do something more complicated

>>> than surf the web or do email.</span>

>>

>>

>>Safe? well I hope something like this never happens to you.

>>Quote from Ronnie Vernon MS-MVP</span>

>

> [snip]

>

> I have been online since late '90 and have yet to have my system

> infested with either a virus or even the simplest form of malware. So

> I install Vista two months ago and suddenly I need UAC to keep me

> safe?

>

> Bull.

>

> That said... I have so many freakin' backups of my system it would

> make your head explode trying to figure out how I keep track of all of

> them.

>

> I'm safe. </span>

[Guest Michael D. Ober]

"Daniel Petri <MVP>" <daniel@petri.co.il.removethis> wrote in message

news:%23abvRBN5IHA.4988@TK2MSFTNGP04.phx.gbl...<span style="color:blue">

> If I may add my $0.02 here, UAC is good for most "lame" or

> "security-insensitive" users. You could argue till the sun sets down on

> the question is the OS is "supposed" to prevent idiots from acting as

> such, with many to argue that if someone wants to act as an idiot, they

> should be allowed to do so.

>

> The fact that companies don't adopt Vista easily has nothing to do with

> UAC or with a bunch of influential "theives" as SPEnthusiast put it. There

> are many more reasons for not adopting Vista, and this is not the right

> thread for it.

>

> In my opinion, in next OS versions, UAC should be left on just like it is

> in Vista. Meaning it could be on by default, and if needed, it could be

> EASILY disabled while giving all the right warnings and informing the

> users of the result of their actions. I would even go further and create a

> "stealth" UAC mode, or perhaps some sort of "auditing" UAC mode by

> allowing the user to disable it, but still keep track of the activity that

> would have required the user's input. This way the user could be able to

> track what processes or actions required UAC interaction, and thus could

> be persuaded into re-enabling it.

>

> I know I would use such an option if it was available, and I don't see how

> it could place an extra performance penalty on the computer, not more that

> was required to run UAC in the full mode.

>

> --

> Sincerely,

>

> Daniel Petri

> MVP, Senior IT consultant, trainer

> www.petri.co.il

>

> "Nonny" <nonnymoose@yahoo.com> wrote in message

> news:9jjj74pt8fiv076r0tadsaithhbv0er472@4ax.com...<span style="color:green">

>> On Sun, 13 Jul 2008 05:14:15 -0400, "SG" <sorry@nomail.com> wrote:

>><span style="color:darkred">

>>>> I turned it completely off. I feel safe AND I don't get all those

>>>> damned popup screens every time I try to do something more complicated

>>>> than surf the web or do email.

>>>

>>>

>>>Safe? well I hope something like this never happens to you.

>>>Quote from Ronnie Vernon MS-MVP</span>

>>

>> [snip]

>>

>> I have been online since late '90 and have yet to have my system

>> infested with either a virus or even the simplest form of malware. So

>> I install Vista two months ago and suddenly I need UAC to keep me

>> safe?

>>

>> Bull.

>>

>> That said... I have so many freakin' backups of my system it would

>> make your head explode trying to figure out how I keep track of all of

>> them.

>>

>> I'm safe.</span>

></span>

The real problem with the UAC is that it pops up when not needed. This is

the same problem the Recycle bin has had for years. People get used to

clicking the "go ahead" button without realizing the file they are deleting

is too big for the recycle bin and won't be recoverable. The UAC pops up

when you simply need to review your configuration - heck - it even pops up

when you are attempting to start perfmon, which doesn't make changes to the

system.

 

MS - fix the overzealousness of the UAC, but don't get rid of it.

 

Mike.

[Guest Little Charlie]

"Michael D. Ober" <obermd.@.alum.mit.edu.nospam.> wrote in message news:rc2dnbbnyo4yd-TVnZ2dnUVZ_gWdnZ2d@earthlink.com...

<span style="color:blue">

> "Daniel Petri <MVP>" <daniel@petri.co.il.removethis> wrote in message

> news:%23abvRBN5IHA.4988@TK2MSFTNGP04.phx.gbl...

<span style="color:green">

>> If I may add my $0.02 here, UAC is good for most "lame" or

>> "security-insensitive" users. You could argue till the sun sets down on

>> the question is the OS is "supposed" to prevent idiots from acting as

>> such, with many to argue that if someone wants to act as an idiot, they

>> should be allowed to do so.

>>

>> The fact that companies don't adopt Vista easily has nothing to do with

>> UAC or with a bunch of influential "theives" as SPEnthusiast put it. There

>> are many more reasons for not adopting Vista, and this is not the right

>> thread for it.

>>

>> In my opinion, in next OS versions, UAC should be left on just like it is

>> in Vista. Meaning it could be on by default, and if needed, it could be

>> EASILY disabled while giving all the right warnings and informing the

>> users of the result of their actions. I would even go further and create a

>> "stealth" UAC mode, or perhaps some sort of "auditing" UAC mode by

>> allowing the user to disable it, but still keep track of the activity that

>> would have required the user's input. This way the user could be able to

>> track what processes or actions required UAC interaction, and thus could

>> be persuaded into re-enabling it.

>>

>> I know I would use such an option if it was available, and I don't see how

>> it could place an extra performance penalty on the computer, not more that

>> was required to run UAC in the full mode.

>>

>> --

>> Sincerely,

>>

>> Daniel Petri

>> MVP, Senior IT consultant, trainer

>> www.petri.co.il

>>

>> "Nonny" <nonnymoose@yahoo.com> wrote in message

>> news:9jjj74pt8fiv076r0tadsaithhbv0er472@4ax.com...

<span style="color:darkred">

>>> On Sun, 13 Jul 2008 05:14:15 -0400, "SG" <sorry@nomail.com> wrote:

>>>

>>>>> I turned it completely off. I feel safe AND I don't get all those

>>>>> damned popup screens every time I try to do something more complicated

>>>>> than surf the web or do email.

>>>>

>>>>

>>>>Safe? well I hope something like this never happens to you.

>>>>Quote from Ronnie Vernon MS-MVP

>>>

>>> [snip]

>>>

>>> I have been online since late '90 and have yet to have my system

>>> infested with either a virus or even the simplest form of malware. So

>>> I install Vista two months ago and suddenly I need UAC to keep me

>>> safe?

>>>

>>> Bull.

>>>

>>> That said... I have so many freakin' backups of my system it would

>>> make your head explode trying to figure out how I keep track of all of

>>> them.

>>>

>>> I'm safe.

</span>

>>

</span>

> The real problem with the UAC is that it pops up when not needed. This is

> the same problem the Recycle bin has had for years. People get used to

> clicking the "go ahead" button without realizing the file they are deleting

> is too big for the recycle bin and won't be recoverable. The UAC pops up

> when you simply need to review your configuration - heck - it even pops up

> when you are attempting to start perfmon, which doesn't make changes to the

> system.

>

> MS - fix the overzealousness of the UAC, but don't get rid of it.

>

> Mike.

>

>

</span>

 

The real problem cannot be fixed by MS or anyone else. The individual users must SLOW DOWN and READ what UAC or anything else puts on their screens before blindly and routinely clicking 'ok'. That is one of the most heavily targeted aspects of personal computers by software authors who have many tag-a-long and piggy-back advertising ad programs tied to the installation of their application. Users MUST READ the EULA and installation notes BEFORE blindly clicking on "I Agree" because after that it is TOO LATE. This whole crazy upside down world is in the fast lane and no one has 'time' to read or even think. Don't blame MS for the UAC. As Martha Stewart would say "It's a good thing!" It is a very honest and worthwhile effort by MS to try to get people to be more aware of what they are doing......the problem is lazy , non-thinking, people. Not MS or UAC.

 

--

Little Charlie

http://www.reverbnation.com/littlecharliesblues

[Guest SPEnthusiast]

Re: Is MS being pressured to retract the UAC feature from the next

 

I'm sure you know the answer to your question, but I shall explain for the

benefit of those on these forums that don't know that answer.

 

UAC protects you from software that you implicitly trust. So, this software

could be from your IT department, or even from well known vendors. In both

cases, there are malicious developers, i.e. hackers, that reengineer that

software in a way so that it can spy on you and rob you.

 

Does that outline what you do?

 

"Charlie Tame" wrote:

<span style="color:blue">

> My question was how does UAC expose thieves? I see no answer to how it

> exposes thieves.

>

> Numerous people are fooled into downloading and installing malware that

> masquerades as security software. They "Think" Vista is more secure, but

> in those circumstances it is not. UAC asks are they sure, of course they

> are, it is an anti spyware / anti virus program - the website / spam

> email told them so.

>

> So UAC is NOT a security feature, it is simply an advisory feature, as

> were the IE settings before it. For many it is a false sense of

> security, because even if the software is malware UAC will still permit

> it's installation if told to. Many expect it to "Know", just as they

> expect Norton (or whatever) to "Know".

>

> That does not say there is anything wrong with UAC, only that there is a

> lot wrong with the perception people are given that "Somehow" they are

> safer.

>

>

>

>

>

> Beoweolf wrote:<span style="color:green">

> > It's a common misunderstanding - what you don't see can't hurt you.

> > Similar to an outdated image of an Ostrich with his head in the sand,

> > thinking if he can't see you - you can see him.

> >

> > Vista UAC, security exposes many of the "hidden" (surreptitious)

> > uses/users of administrator level rights and/or attempts to access

> > network resources. As mention, if you know what you are doing, if you

> > take the time to study/research/learn your system and most importantly -

> > if you care...you can be just as "safe" using XP. What Vista does is

> > makes secure, the default option. This is in line with any Security

> > professional training, not to mention common sense.

> >

> > The average user, those that have enjoyed the benefits of blissful

> > ignorance, have also enjoyed the ability to blame the Evil Empire for

> > leaving so many holes in Microsoft Clients and servers. Generally

> > speaking, the absence if page upon page of complaints about Microsoft

> > security have come at the expense of numbers of users, companies and

> > Govt's now complaining that Vista is somehow flawed as a result of it

> > being built to insist on security, from installation thru production use.

> >

> > Thou dost protest too much? There obviously is a learning curve, for

> > hardware vendors - who chose to ignore years of warning, reams of

> > documents explaining how this OS would not allow "shortcuts" which

> > expose the Kernel to compromises. Software vendors and users were and

> > are painfully made aware of the same issue Business as usual - Ain't no

> > more.

> >

> > Take the time (better use, just use pre-configured policy and templates)

> > to configure your system (do yourself a favor - give those 8, 16 and off

> > brand 32 bit cards a fitting funeral, they earned it); yes, become the

> > informed user who has complained about security for so long - now that

> > it is here ... whining about "It's too good" just doesn't make sense.

> >

> >

> > "Charlie Tame" <charlie@tames.net> wrote in message

> > news:err97W64IHA.1420@TK2MSFTNGP06.phx.gbl...<span style="color:darkred">

> >> SPEnthusiast wrote:

> >>> I don't think a company like Intel is restrained by any kind of

> >>> budget that would not allow an OS upgrade across the enterprise.

> >>>

> >>> These "legacy applications that are crtical to the business" that

> >>> you've mentioned are engineered to spy on people and rob them, which

> >>> is why these businesses and government organizations can't deploy

> >>> Vista. UAC would break those apps.

> >>>

> >>> I'm using Vista with Windows Server 2003 as my domain controller, and

> >>> everything works fine. I'll soon deploy Windows Server 2008, but it's

> >>> no excuse to not deploy Vista.

> >>>

> >>> Like I said, Vista exposes a lot of thieves.

> >>>

> >>

> >>

> >> How the hell does UAC expose thieves? </span>

> > </span>

> </span>