I completely understand the point of introducing UAC to get developers to write applications correctly, however they should understand that lots of software that's already out there is not written to those standards.
That was the entire point of User Account Control though, to get software vendors to fix their applications.
I think what they should have done is introduced UAC in Vista with a white list, and then had UAC in 7 without a whitelist, thus giving devs time to switch stuff around. They ended up bring out 7 much sooner after Vista than intended when Vista was released so should have had a whitelist in the too.
If software developers were that inclined in fixing their applications, they would have done it already.
Mark Russinovich said:
End users have been asking for Windows to provide a way to add arbitrary applications to the auto-elevate list since the Windows Vista beta. The commonly cited reason is that some third-party application they frequently use forces them to constantly click through an elevation prompt as part of their daily routine. Windows 7, just like Windows Vista, doesn't provide such a capability. We understand the aggravation, and there might be a legitimate reason that those applications can't run without administrative rights, but the risk is too high that developers will avoid fixing their code to work with standard user rights. Even if the list of what applications get auto-elevated was only accessible by administrators, developers might simply change their application setup program, which requires a one-time elevation, to add their application to the list. We've instead chosen to invest in educating and working closely with application developers to ensure their programs work correctly as a standard user.
Inside Windows 7 User Account Control
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
i just turned it off on my pc....is that a bad thing to do?
It will mean you will be routinely running as an administrator, which isn't the smartest thing to do. Taking a slight different direction now, it will also mean if you would like to run in a standard user account, every time you need to perform an operation which requests administrator rights, you will be forced to switch to an administrative account. However, with User Account Control enabled, you will have convenient access to administrator rights from a standard user account. You also get the benefit of the Integrity Mechanism / User Interface Privilege Isolation and there is also File and Registry Virtualization.
Personally, I switch to a dedicated administrator account whenever I need to perform an administrative based operation with the elevation dialogues disabled for administrator as well as standard user accounts. I can accept the way I have configured my system won't be for everyone but I'm perfectly happy to use my system the way I have set it up.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If my machine fails me i can reinstall as i only use standard programs and an admin pack. What are the benefits of UAC? I had a quick read about software is being developed for standard user access but couldnt see how that would make anything more secure.
The less and less software which requires administrators rights to work correctly, more and more users will find running as a standard user more convenient and we can finally shift out of this administrative model Windows users have been stuck in for so long.
It's a fact that using a standard user account is securer than using an administrator accounts on a daily basis. If we take a simple scenario such as the following - If you are running in an administrator account and lets say for instance a vulnerability in your web browser is exploited which allowed for arbitrary code execution, that piece of code will be running in the administrator context and can easily take over the entire machine.
However, if you are running in a standard user account, that piece of code will be constrained to standard user rights and it will be a lot more difficult for the attacker to take over your machine. Though, malware can still cause a great deal of damage simply with standard user rights since it will mean it will have access to all of your data.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
I always turn it off....but the other week I had a massive malware infestation that appeared from nowhere, so I'm wondering if having UAC on would have prevented it.
I'm assuming when you say "UAC on", you are referring to running as an administrator with User Account Control enabled i.e. using the Protected Administrator account.
It depends on the type of malware. If the malware assumes administrator rights and even if you wasn't using a web browser which takes advantage of the integrity mechanism in Windows Vista and Windows 7 such as Internet Explorer and Google Chrome, or the malware came via a different route such as a USB drive, running as a Protected Administrator would have likely helped you.
However, if the malware wasn't stupid and was written to take advantage of the opportunities the elevations present from a Protected Administrator account, if it came through your web browser either because it escaped Internet Explorer or Google Chrome's sandbox or you were using a different web browser, or it the malware came through a different route like a USB drive as mentioned above, then User Account Control wouldn't have helped you. This is also assuming the infection was in the administrator context.
If the infection was at a standard user level, User Account Control would have only helped if you were using Internet Explorer or Google Chrome and providing the sandbox contained it. However, if you wasn't using one of those browsers or the malware infected your system via a different method, User Account Control wouldn't have helped you either.
It's important to remember though that User Account Control in the form of the Protected Administrator account is not for security and it's certainly not an anti-malware solution. Any security benefit you do get is a side effect of it's primary purpose. The real security benefit you get from User Account Control is enabling you to run a security feature known as standard user accounts.
Depending on how you like to configure your system, you could say certain aspects of User Account Control actually decease security such as the elevation dialogues. For example, the way I use my system whereby I use a dedicated administrator account for any operations which request administrator rights, if I was elevating from a standard user account instead, I am introducing a security risk. Elevation always involves risk to some degree, it's a convenience, nothing to do with security.
