pauldovi

I hear a lot of people complaining about UAC and I really cannot figure out why. User Account Control was designed to allow for the system administrator to also be the primary user of the computer without degrading the security of the system.

You should have an elevated "Administrator" account on your computer as well as a limited general use account on your computer. Not doing this is poor security habits and opens your computer up to all sorts of vulnerabilities. We all know we should do this... but how many actually do?

User Account Control offers an alternative to having multiple accounts with different system privileges. UAC allows you to safely use an administrator account for every day activities.

So when should you use UAC? When you use your administrator account as your primary account, which is something the vast majority of users do.

When don't you need to use it (but you still should)? If your primary user account is a restricted account, without administrator privledges.

I am tired of people complaining about UAC. It is not that pertrusive, especially once your have your system configured.

One example of UAC in action:

Teamspeak can bind a keyboard settings to ignite voice communications. Unless teamspeak is in your primary and visible window, UAC will not allow teamspeak access to input / output data, unless you run it as an administrator. What does this protect against? Key loggers! You must intentionally set TeamSpeak as an elevated application in order for it to have access to keystroke data. This is excellent!

What actions trigger UAC:

If you have Windows Vista Business or Ultimate, you have configure specific settings of UAC:

http://en.wikipedia.org/wiki/User_Account_Control

__________________

The Hundred Gunner

Interesting. Is there any way to disable SOME of its features and have others continue?

For example: can I set it to blacklist (or whitelist, rather, depending on how you look at it) certain programs? Like can I set it to always allow Fraps? Because I heard it's supposed to "learn" after time, but it never learned that I'm always going to start Fraps when I turn on my computer...

And can I have it stop asking me to run every damned program but still keep other protection without turning the whole entire thing off?

If it was answered, I posted because some of that stuff in the quote list I don't understand.

__________________
"I just talk the way I see things... If that's offensive to you... I'm sorry; you're a loser." - Michael Savage

"But you would be amazed by how many people think that the only reason to have a computer is to play games, and that playing games is all that anyone with a computer does." - dangerousHobo

pauldovi

If you have Vista Business or Ultimate I believe you have more control over how UAC works, I have played with it a bit, but the options are extensive. I am not sure to what extend you can change things.

I also experience what you do with it asking me for permission to something I repetitively grant permission. Like RivaTuner, which is part of my startup registry. I see no obvious work around for this.

__________________

Puscifer

Still seems pointless to me. Its wonderful for people who do alot of clicking where they shouldn't be but if you know what you're doing your security should be tight enough that you don't need UAC. I don't use teamspeak (or even know what it is) so that scenario you brought up means nothing to me. And as for it not being intrusive....I disagree. Its by far the most annoying thing my computer has ever done. Way more annoying than when games ask you 12 times if you're "sure you want to quit". I've never had it on on this comp and never encountered any problems or been hacked or anything, hell I don't even have any spyware. Nice UAC guide though, but mines still staying off.

The Hundred Gunner

Well once again, a great concept but poor implementation.

Hopefully vista 2 or windows 7 or whatever will improve this as well as everything else that needs improving... lol

__________________
"I just talk the way I see things... If that's offensive to you... I'm sorry; you're a loser." - Michael Savage

"But you would be amazed by how many people think that the only reason to have a computer is to play games, and that playing games is all that anyone with a computer does." - dangerousHobo

SZayat

Well, I use Comodo's Defence+ (part of the firewall) which is way more advanced than silly UAC...

__________________
Vista.x64.FAQ :V MP3.Server :V Disable.TCP.Auto-Tunning :V Best.Wallpaper.Sources
LEARN ABOUT FOLDING@HOME

Puscifer

Yeah, thats a great name for their new OS. Windows 7

ENTERPRISE

UAC has its advatanges but I disabled it from day one due to it being rather annoying. I know you can configure it but I wanted the whole thing disabled and out of my way. I think UAC is helpful for the NOOBS so to speak and yes is even good for security in general. However for the people who have common sense and know what they are doing UAC is not a must.

Not to be funny but MANY Windows OS did not have UAC and I survived lol

__________________

pauldovi

If you truly "know what you are doing" you will have multiple user accounts with different privileged levels, and your primary account would be limited access. Thus, everytime you tried to perform a elevated action you would have to prove your credentials as an administrator.

Using this alternative security method to UAC requires more clicking and more wasted time. UAC significantly simplifies the process and allows you to maintain a proper security environment even though you have only 1 user account (that is also an elevated account).

Your comment's about my teamspeak example indiciate that you don't understand the point of the example. It has nothing to do with your use of teamspeak, on the contrary. It deminstrates the usefullness of UAC at preventing malicious execution of code on your computer.

You cannot tell me you know that you have no spyware or anti-virus! How can you possibly know! The good stuff doesn't "pop out" and spam your screen with pop ups. It silently runs in the background collecting goodies (personal data) and then sending it back to the originator. Although much easier to discover, your computer can be taken over by a botnet, running instruction from the hacker like a massive server. None of these "high end" virus's or malware will ever notify you that you have been attacked.

UAC is not about preventing "NOOBS" from deleting "My Computer". UAC is more importantly about requiring authorization from the user to run elevated tasks. It prevents malicous code from doing things like changing the links on all the shortcuts on your desktops to running virus.exe. It prevents keyloggers and data miners from running.

Previous Windows OS's did not have UAC... That isn't a very good arguement. UAC was introduced because too many people has poor security habits in terms of administrator accounts.

__________________

ENTERPRISE

Yes I am fully aware of that. I was talking more in my case where I know how to properly secure my Network and PC to not allow malicious applications to get on my system in the 1st place. Granted UAC is a useful tool for everyone but a little less so for the more experienced. Thus why I said its especially good for the more NOOB user...Its not just for noobs but especially good for them.

Out of all the Vista installs I have ever had on my PC has had UAC disabled and to this day I have a nice clean PC free of malicious code/programs.

The main reason I removed UAC is I like to work fast and having UAC pop up in my face when I am trying to get something done IMO is counterproductive.

__________________