What are the dangers of turning off UAC?

Faustus

Faustus

Faustus

Soldato
Joined
20 Mar 2007
Posts
5,413
What if any are the dangers of turning of UAC in Vista for the more experienced PC user? Quite frankly UAC is driving me mad - it really is a bridge to far, goodness knows what MS were thinking about when they came up with this
 
Most people turn it off ASAP, the entire idea behind it is to make you think when an app requests to do something that needs an elevated priviledge, sort of like firewall software asking you if you want give a program access. So providing you know what you're doing I can't see the harm.
 
Rapid-D said:
The only danger I see is that it makes you think its useful and turn it back on again.
Click to expand...

:D

if you managed to get by on xp/2000 for years without it, i'm sure you can cope on vista too. :)
 
Minstadave said:
I turned it off in seconds, it was infuriating. Not had any problems without it.
Click to expand...

It took me half that time :p . Extremely annoying to say the least, This is the most annoying thing since Windows ME :mad: .
 
I agree with all a right royal pain however I have found a couple of things that refused to install and after investigating it was because UAC was turned off think if mem serves adobe acrobat was problematic and had to turn it on to install ? crazy huh ? but still not as anoying as UAC :)

00NukE
 
I've still got it turned on :) It really isn't that bad after the initial PC setup phase... :)

I don't run any other anti-virus or anti-malware though.

To be honest if you are running those types of software and you rely on them totally for your security then you should leave UAC on aswell.
 
NathanE said:
I've still got it turned on :) It really isn't that bad after the initial PC setup phase... :)
Click to expand...
Yes it is, I setup my retail version of Home Premium 87 days ago and counted how many times UAC kicked in yesterday - 33 times. I then tried to think of a single time it kicked in for a good reason, not just a program trying to write to C:\Program Files or game changing desktop resolution. And I couldn't recall a single justified UAC reaction. So I promptly disabled it. God knows I tried to give it a chance but it has literally 0 learning curve.

I don't run any other anti-virus or anti-malware though.
Click to expand...
You really should, because UAC is neither of these things. It's simply 'sudo' gone wrong.
 
Don't disable, just make it auto-accept. That way you keep protected mode IE, and all programs still run as standard user unless you specifically run as administrator (meaning they can't write to any dodgy places...)

There's a registry edit, but there's a tool to enable it:

http://www.tweak-uac.com/

Much better than just removing all possible security benefits...
 
That is an incorrect reason though (I ignored it as I didn't want to embarass you) :) UAC does protect from many types of viruses and malware.

As soon as some malware tries to inject itself into your Registry, guess what, UAC will go insane :)

As soon as some virus tries to overwrite explorer.exe with its stub, guess what, UAC will go insane :)

UAC is a very good source of low level preventative security protection.
 
Embarass me? Riiiight.... :D

As long as virus doesn't try Windows 95 tricks it won't be even noticed by UAC. I can actually show you instances where UAC will allow something to be installed but make uninstallation and quarantine impossible. That's why it's so lame. It doesn't stop your computer from getting infected but it will stop many removal tools from working properly.
 
NathanE said:
Anti-virus/malware run at administrator level so I'm not quite sure why you believe UAC hinders them from operating correctly.
Click to expand...
First, you can operate anywhere outside system paths without UAC even blinking, which means that a program can install anything as long as it doesn't try to do it in Program Files or c:\Windows.
Second. Just to give you example of really simple 5 minute system kill - write an executable with interface that looks exactly like UAC, insisting for it to unzip to system path and bundle it with some downloadable program, screensaver, whatever, when user double clicks on their download they get a popup from original UAC asking for elevated rights, they click "Yes", a popup identical to UAC appears on the screen, but this time both "Continue" and "Cancel" buttons perform the same action - run a proggie to perform automatic confirmation to next few commands and turn UAC popups off in pretty much the same method as tweak-uac. From then on you can pretty much wipe boot files if that's your fancy and nothing will stop you, all you need is one single IL elevation just like you needed temp Joana in reception to be curious enough about "thebestgameintheoffice.exe to share company conctact list with you or send you a lot of "I love you" letters in OS's before.

"Run as" is not equivalent to anti virus or anti malware at any point or level, and the worst you can do is make your PR try and convince people it is.

Any system that relies on user clicking Yes and No buttons without understanding what they do is by nature not preventing anything. Just about any anti-virus manufacturer in the world shared their concern about Vista's UAC, and of course you can just presume they are trying to protect their share of business, but on the other hand..
 
You must log in or register to reply here.
Back
Top Bottom