My Vista is stable and nippy

NathanE said:
But no account on Vista is a "proper" admistrator account.
Click to expand...

i think there is. first of all you're logged on with the account you created during setup. run a command prompt as administrator (accept the uac prompt :p).

net user administrator /active:yes

logoff and now you have the proper admin account at the login screen. logon with that and you can delete the account you created during setup and no more uac prompts, ever. :)

(my flameproof suit is on. :D)
 
Last edited:
marc2003 said:
i think there is. first of all you're logged on with the account you created during setup. run a command prompt as administrator (accept the uac prompt :p).

net user administrator /active:yes

logoff and now you have the proper admin account at the login screen. logon with that and you can delete the account you created during setup and no more uac prompts, ever. :)

(my flameproof suit is on. :D)
Click to expand...

Or alternatively, you can use TweakUAC, get the same result (no UAC prompts) and a much more secure system...
 
FooAtari said:
It's like that browser thread all over again... :)

Surely this personal preference?
Click to expand...

It is personal preference, but the number of people in this thread who do not fully understand what they have done, why UAC is there and what much better alternatives exist is the reason why this keeps going.

It would be personal preference if I ran IE6 with none of the security fixes as my web browser, but that doesn't mean it's a good choice. UAC is the same, as NathanE has already pointed out.

<snip>
Going back to UAC. I would never suggest anyone disable it. I would tell them to go look at what it does and decide from themselves, if they new what they were doing. I would never tell a novice it was a good idea to consider disabling UAC either.
Click to expand...

It's not a good idea for any user to disable UAC, that's the point. There is so much misinformation about that even trying to find reliable information on the system is hard as there are so many 'experienced' windows users moaning about it yet totally failing to understand what it's for, and providing bad information on it.

TweakUAC is the way foward, rather than disabling it. If the prompts annoy you, get rid of them, but don't disable a long overdue and important security management system.
 
IMO Microsoft shouldn't have allowed UAC to be disabled in the first place. They should have let Administrator's choose from the Control Panel whether to run it in silent mode or not. Instead of hiding it away as a registry hack that has to be exposed by a third party freeware application (TweakUAC).
 
NathanE said:
IMO Microsoft shouldn't have allowed UAC to be disabled in the first place. They should have let Administrator's choose from the Control Panel whether to run it in silent mode or not. Instead of hiding it away as a registry hack that has to be exposed by a third party freeware application (TweakUAC).
Click to expand...

Definitely agreed there. The problem is too many people have got used to windows prior bad behaviour and now expect it :(
 
Dolph said:
It's not a good idea for any user to disable UAC, that's the point. There is so much misinformation about that even trying to find reliable information on the system is hard as there are so many 'experienced' windows users moaning about it yet totally failing to understand what it's for, and providing bad information on it.

TweakUAC is the way foward, rather than disabling it. If the prompts annoy you, get rid of them, but don't disable a long overdue and important security management system.
Click to expand...

But why isn't it a good idea? It's a measured risk for the sake of a little convenience. I'm confidant in my skills and judgment to not get any nasties on the computer in the first place.
 
As an extreme example which I'm sure most of us have experienced, if not with our own machine, that of others, I'll present Blaster II, Blaster being something AVs didn't detect in XP as far as I remember. UAC should in theory prevent that (or at least notify you if you didn't turn off the prompts). I'm not gonna argue against "oh, well, that was easy to fix", but it's just an example of something slipping through the net which UAC should be able to stop.
 
Just another message to say Vista Rocks! I've been using Vista Ultimate 64bit for a month now. Everything has been good. UAC is in quiet mode for now, while I still get everything sorted out.

I love the way people moan about UAC and about Windows security. Which do you want people? Security often comes at the expense of simplicity. Vista gives you the option either way. If you tuned it off, admit it, your not as bothered about security as you thought.
 
You don't need UAC for a secure vista though which is the point most were arguing!
 
mrk said:
You don't need UAC for a secure vista though which is the point most were arguing!
Click to expand...

Vista with UAC disabled cannot be as secure as Vista with it enabled. You can mitigate the risks because you're aware of the vunerabilities, but that's not the same thing as security. It's more akin to parking your car under a light because you don't lock it...

This thread would have been prevented by UAC...

http://forums.overclockers.co.uk/showthread.php?t=17835509
 
quick question

if you set UAC to silent mode, how is it more secure than UAC off. Im not arguing, just dont understand the difference ?
 
MrLOL said:
quick question

if you set UAC to silent mode, how is it more secure than UAC off. Im not arguing, just dont understand the difference ?
Click to expand...

UAC in silent mode still provides protected mode IE, and still limits the user privileges of applications as default, only allowing eleveted permissions if the program requests them. (Protected mode for IE 7 would have prevented the issue in the thread I linked to earlier).

It also keeps file and registry virtualisation active.

http://en.wikipedia.org/wiki/User_Account_Control
 
Couple of questions -

I know people say you shouldn't need to run anything as admin (other than installing), but I have multiple programs that don't function fully unless run as admin (Uedit, MediaMonkey, TeamSpeak, etc).Mostly as they need access to write to files (logs etc). So if I am missing something obvious, can someone let me know.

Secondly, I have run Tweak UAT to see if this helps, but I am wondering if its normal for windows to report that I have turned of UAT, even though I have selected Quiet Mode. Again have I missed something?

Cheers
 
azaniah said:
Couple of questions -

I know people say you shouldn't need to run anything as admin (other than installing), but I have multiple programs that don't function fully unless run as admin (Uedit, MediaMonkey, TeamSpeak, etc).Mostly as they need access to write to files (logs etc). So if I am missing something obvious, can someone let me know.
Click to expand...

The problem is where they write the files, not the need to write the files. Programs should not need to write to program files or the registry in general usage. Data should be written to the data directories (either my documents or the user's profile) not program files. Again it's down to badly written programs that don't follow correct standards (because windows did not enforce them, although it's had them since NT)

Secondly, I have run Tweak UAT to see if this helps, but I am wondering if its normal for windows to report that I have turned of UAT, even though I have selected Quiet Mode. Again have I missed something?

Cheers
Click to expand...

There is a thing on the tweakUAC site of how to deal with this.
 
I can understand that, however for example I have a script in MediaMonkey that creates a log file in /Program Files (x86)/MediaMonkey/Plugins.

I only use the one account, which is an admin account, as I am the only person who uses this PC. I can see that the directory permissions allow admins write permissions. However, if I do not run as admin, this fails. Unless all my years of user/group permissions is now out the window, I fail to see how I as an admin, running a program, cannot write to a directory which allows admins to write.

I might have missed something on the TweakUAT site, I will check.

Cheers
 
azaniah said:
I can understand that, however for example I have a script in MediaMonkey that creates a log file in /Program Files (x86)/MediaMonkey/Plugins.

I only use the one account, which is an admin account, as I am the only person who uses this PC. I can see that the directory permissions allow admins write permissions. However, if I do not run as admin, this fails. Unless all my years of user/group permissions is now out the window, I fail to see how I as an admin, running a program, cannot write to a directory which allows admins to write.
Click to expand...

Because you should have never run routinely as admin for day to day tasks. UAC exists because people did something that all conventional understanding said is a really bad idea. Hence UAC comes in to plug the gap caused by poor usage practices.

Even as the only person using a PC (whether running windows, linux or something else) you should not run as an admin all the time, as it immediately negates much of the seperation that prevents programs from trashing your system (either maliciously or inadvertantly). If people had followed good practice with XP, the OS would have a much greater reputation for security, yet people blame windows for their failings.
 
You must log in or register to reply here.
Back
Top Bottom