Slashdot Mirror


Windows 7 To Dial Down UAC

Barence writes "Engineers working on Windows 7 have admitted Vista's User Account Control was too intrusive, and are promising to tone it down in the forthcoming Windows 7. 'We've heard loud and clear that you are frustrated,' says Microsoft engineer Ben Fathi. 'You find the prompts too frequent, annoying, and confusing. We still want to provide you control over what changes can happen to your system, but we want to provide you a better overall experience.' According to Fathi, when Vista first launched, 775,312 unique applications were producing prompts — so some may be annoyed that it won't be scrapped entirely, but at least Microsoft is listening. The comments echo those of Steve Ballmer, who admitted at a conference in London that 'the biggest trade-off we made was sacrificing security for compatibility. I'm not sure the end-users really appreciated that trade-off.'"

20 of 390 comments

  1. The best solution is to... by Zymergy · · Score: 2, Interesting
    1. Re:The best solution is to... by BlackSnake112 · · Score: 3, Interesting

      I have been forced to use vista (since beta) on my machine at work. UAC comes up:
      when you install software
      when you are getting to the management section (users, groups, etc.)
      when you run regedit
      If you add new desktop to the wallpapers folder
      If you run a program that is accessing the 'protected' sections of the computer

      That is it for me. When you first get a computer, you set it up the way you want it. You ARE accessing the protected sections. UAC is doing what it was written to do. Once you are finished setting up the computer how often does UAC come up? It comes up for me now when I am remotely managing someone else's computer or I am putting some new software on. That is it. I have 5 people here that think they are using XP since I changed the UI to classic. Which is really sad if you think about it. I had to tell the VP as he was complaining how Vista sucked and XP on his desktop worked that his machine that we replaced 7 months ago was Vista with the classic UI turned on. I think I might be looking for a new job soon.....

  2. Let me type su by TibbonZero · · Score: 2, Interesting

    I know you could disable the UAC, but it wasn't as simple as typing 'su' and entering your root password.

    If I'm root I want to be able to do ANYTHING with no questions asked. Kill the filesystem with one commandline? Sure. Kill my databases? Sure. Change settings of anything? Sure.

    Yet the Administrator accounts in Windows get just as many annoying prompts (if not more) than the standard users. I should be able to configure rights below me easily to allow my standard user to not get bothered by prompts that they can just click through.
    I see it as a huge issue because it is faux security with the UAC mostly. It creates warnings basically, but doesn't prevent action (mostly again).

    --
    Tibbon
    tibbon.com
  3. Because only Vista runs Win32 apps well by tepples · · Score: 2, Interesting

    > If you're not installing Vista for enhanced security, why exactly are you installing it?

    Because I'm buying or building a new computer other than a subnotebook. Between June 2008 and December 2096, Windows XP is not available on computers other than subnotebooks, and I want to use applications that work better under Windows Vista than under Ubuntu with Wine.

  4. Re:Dumb by haystor · · Score: 5, Interesting

    Does it really have to prompt me every single time? After prompting me to run the same program 5 times, couldn't it just ask me if I want to white list that program until the executable changes?

    --
    t
  5. Re:Cancel or allow what?! by Goaway · · Score: 4, Interesting

    Actually, their plan was to make it annoying in order to force developers to fix their apps so they don't require so much administrator access.

    It's hard to fault them for their motivation, even if the execution perhaps left something to be desired.

  6. I am for one appreciating this function... by sam0737 · · Score: 3, Interesting

    After the system and software are set up and running, I hardly run into any UAC prompt, except for one of the bank applications that for unknown reasons requires admin privilege.

    If Vista didn't push for that, we will need admin privileges to run Windows, forever, because of the bad design of applications!

    There is, definitely, room for improvement, for example, combining the ActiveX Install prompt with UAC, reducing two to one. Combining the warning of running the Internet downloaded .exe and UAC, and allowing Explorer.exe to have the admin token for a while once granted, for those file manipulation operations.

    All in all, I love UAC! It's more convenient than typing "sudo ..." for every command I need to run with root's rights.

  7. Re:Linux does it right by LehiNephi · · Score: 4, Interesting

    Yes, Linux does it right. The problem for Microsoft, however, is this: most programs written to run on Linux are written such that they can run without root-level privileges. Most programs written before the advent of Vista assumed that Administrator privileges were available by default.

    That assumption is no longer true. Since the number of programs is so enormous (the 775k mentioned in the summary), it's easier to deal with the privilege-escalation by putting in something like UAC than it is to fix every faulty application. Hopefully, developers have now learned to assume least privileges, so new programs won't require elevated privileges.

    I don't think anyone will agree that UAC was the best way to handle the situation, but it sure was the easy way out. As an earlier poster said, better sandboxing could handle the issue better, but it's obvious that the investment (money and potential schedule problems) wasn't worth it from MS's point of view.

    --
    Help find a cure for cancer. Join the [H]orde
  8. Re:Cancel or allow what?! by afidel · · Score: 5, Interesting

    If you're trying to get permissions correct to eliminate these types of prompts in a corporate environment (or make an app work in a locked down pre-Vista environment) I can't recommend LUA Buglight highly enough. Basically it provides a way to record exactly what rights an application is requesting as you run it. I've used it mostly to get temperamental programs running as locked down users under Citrix but it should work fine to help reduce the amount of UAC messages under Vista.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  9. Re:How about fixing the developers instead? by LWATCDR · · Score: 2, Interesting

    But..
    And this is the big one. I agree for new code. But the only real strength of Windows is its legacy of applications.
    It is supposed to run old software. And if you have ever supported average users let me explain why a good program could have problems.
    Let's say you have 10,000 users using your program under Windows 95. You store their files under Program Files, Program name, User.
    Now more and more people buy your software and then XP hits. It recommends that you move those data files to My Documents. Well, now you have 50,000 users. Do you make them move them?
    Do you give yourself a support headache by having some people with files under My Documents and some under Program Files...
    Now comes Vista and it throws a fit if you store a data file under Program files Which if they are non-executable I don't see what the problem is.
    So you simply tell people to turn off the UAC.

    Of course your customers start having problems with Sound cards, USB to serial devices, and performance issues with Vista anyway so....

    You're right, no new program should have a problem with the UAC. But most programs are not new and may have an established customer base.

    --
    See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
  10. Re:Cancel or allow what?! by Profane+MuthaFucka · · Score: 3, Interesting

    UAC is as simple as sudo. Except, sudo will remember that you just typed in your password 5 minutes ago so it won't ask again. UAC asks every time.

    But you're right, it's not a pain in the ass, and the people who are bitching about it are whiners. OR, maybe they don't know the trick that I know - set the administration password to a null password. That way, UAC doesn't require you to type anything at all. Just click the box and it's gone. You should know why the box popped up. It's your machine, so you should know the password, so asking for it is pointless. If you click on a UAC message without knowing why it's there, that's your fault.

    And no, a NULL password is not the same as an empty password. You can send me an empty password theoretically with a string containing just a single null terminator. But how do you send me no password at all? That's like going to the mailbox and seeing it's empty, but just then your mom calls and asks if you didn't get the letter she didn't send you, and you reply that yes, you got no letter. Very Zen.

    --
    Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
  11. Re:Cancel or allow what?! by hairyfeet · · Score: 4, Interesting

    Exactly! It is like trying to troubleshoot based on those worthless XP error boxes. You hit details and what do you get? The same rundll32 and NTdll no matter what application crashes. I swear those stupid hex codes they used in the old days were more useful! At least with those you could look up the hex code and get a rough idea which subsystem is screwing up. Now I keep Dependency Walker, diskmon and filemon just to try to figure out a bug.

    --
    ACs don't waste your time replying, your posts are never seen by me.
  12. Re:Linux does it right by Thelasko · · Score: 3, Interesting

    Really, the big problem is that Windows wasn't set up with security in mind in the first place. When Microsoft started to add security, they discovered that the developers were abusing administrator privileges. Sooner or later this was going to happen.

    Between using Windows and Linux, I've noticed that Windows is becoming more Linux/Unix like with every release. With XP the Documents and Settings folder really started to feel like /home. Unfortunately, the occasional program would still try to save user information in Program Files. Now when we make Program Files an administrator only area we have problems.

    The UAC issue is an issue that every company has when it does something wrong and tries to fix it. The users and developers get used to doing it the wrong way and it's very difficult to get them to do it right. Microsoft has to go through this pain if it wants to be a serious operating system.

    I've seen similar problems in manufacturing. When we try to bring a process under control, the operator at that station will resist and say, "but I've been doing it that way for 20 years!" Then we have to explain that they have been doing it wrong for 20 years. It's very difficult to change your way of doing this after that long. Some companies have tried, but weren't successful. It's painful at the moment, but it will improve. Windows will become a better product because of it.

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  13. Re:Cancel or allow what?! by nschubach · · Score: 4, Interesting

    You can't really be vague about a file. If I want to gain access to a system file, I pretty much have to do it by name. Also, Windows is blocking it for some reason. Why does that reason have to be hidden?
    "Oh, I see you have peon user rights, but you need power user rights to gain access to c:\winnt\notepad.exe"

    "______ program needs access to a restricted part of the registry to be able to read/write data.
    Cancel/Allow?
    (Click here for more details on the requested operation) >>
    someapp.exe is trying to request access to HKLM\Software\Microsoft\Windows\CurrentVersion\ProductKey"

    And while we are on it... you should at least be able to specify conditional allowance. (Cancel | Allow This | Allow All)

    --
    Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.
  14. Re:How about fixing the developers instead? by Chemisor · · Score: 2, Interesting

    > Let's say you have 10,000 users using your program under Windows 95.
    > You store their files under Program Files, Program name, User

    In other words, you want to be inconsiderate and make me hunt down my data files under some weird directory name under Program Files, which, by the way, is hidden by default until you tell explorer to show system files or something. There is absolutely no excuse for writing data files in the program directory. Windows 95 supports home directories. Use them.

    > then XP hits. It recommends that you move those data files to My Documents.
    > Well, now you have 50,000 users. Do you make them move them?

    Hell no! That's also inconsiderate. You have the setup program move them and tell the user what it did. No ifs ands or buts. Sure, you'll annoy your 50000 users, but that's just what you deserve for not following standards.

    > Now comes Vista and it throws a fit if you store a data file under Program files
    > Which if they are non-executable I don't see what the problem is.

    The problem is that users should never write to Program Files. Period. The permissions should be set to not allow it. This is a very very good idea because it prevents viruses from mucking up your installed programs. And, of course, it prevents the user from accidentally deleting them. Mac users, in particular, tend to think that an app can be uninstalled by deleting its directory.

    > So you simply tell people to turn off the UAC.

    Heck no! There is no way I'm compromising my computer's security just to cover for your bad design. I'll either stop using your program, or implement an inconvenient workaround (which normal users would not be able to do), consisting of manually going to Program Files/Your App and setting permissions on the directories you are foolishly trying to write to. Old games are VERY bad about this. Fortunately, setting permissions on the saved game subdir usually works.

  15. Re:UAC is attacking the wrong problem. by argent · · Score: 2, Interesting

    1. My comment was about "applications like Windows Update", not JUST "Windows Update".

    2. The control panel uses HTML pages and ActiveX controls. I had a user a few years back whose Add/Remove Programs applet stopped working because of a problem with the HTML control. All those control panel applets like Add/Remove Programs that are built on top of the HTML control would ALSO need to be modified if Microsoft fixed the security problems in the HTML control.

  16. Re:Famous last words... I would have thought RunAs by davidsyes · · Score: 2, Interesting

    (Administrator...) and the other right-click options to choose XP, 2K, etc would have helped. One would think ms would have created vista from scratch, and, as you say, emulate the older systems. Vista in all versions could have and SHOULD have had embedded in them that existing windows emulator.

    But, they decided that certain "16-bit" help files code no longer suited their needs. Fortunately for them, it screwed over the help system and broke several Lotus SmartSuite help file functionality. Someone told me that it wasn't microsoft's responsibility to help Lotus run a bad help program. Thing is, EVERYbody used ms' help program in some way, and in some implementation.

    But, a windows 98 emulator built into vista would have perpetuated use of "legacy" apps and probably would have delayed uptake in "new" versions ms would have loved to see 3rd parties sell, principally to compel "upgrading" (side-grading) to vista.

    --
    Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
  17. Re:Cancel or allow what?! by Bin · · Score: 4, Interesting

    No, they specifically broke runas in a command prompt window in vista in favor of the right click -> run as administrator (bing UAC) route.

    It was a totally stupid idea. Even going with a runas which then triggered UAC to gain the required privileges would have been a better plan than no runas command.

    Bryn

    --
    Or words to that effect ...
  18. Re:Linux does it right by jcupitt65 · · Score: 2, Interesting

    > Awesome, so all malware needs to do is stay resident as the user's process until it detects that the user has elevated privileges. Then BLAMMO, sudo rootme.

    No, that one process gets a temporary elevation, not the user. It's not a security hole.

    Windows dev friends tell me that Windows actually has almost the same thing (you can have a timeout on admin privs), but sadly Explorer is too retarded to use it properly :-( Perhaps this is something win7 can address.

  19. Re:Trade-off my ass... by IgnoramusMaximus · · Score: 2, Interesting

    > They simply didn't have a choice. You forget that until the Intel 286 CPU that x86 lacked hardware protection domains. That means that the OS was completely and totally incapable of enforcing any form of protection over hardware resources. That means that the developers had free rein over the system and there was nothing that could be done to prevent it. Linux, even if it could be adapted to that hardware, couldn't prevent it either.

    Untrue. Many early multi-user OSes run on hardware which did not have hardware-based memory and process separation. While in such cases the separation of processes cannot be hardware enforced, the discipline of re-entrant, multi-user code which takes care to maintain granularity can (and was) maintained.

    DOS and early Windows had NO facilities whatsoever for even the simplest of process and resource management tasks. Hell, DOS was a single task "OS" (essentially just a program loader - and with no support for dynamic libraries to boot) which required hacking to get a fake form of multi-tasking to be semi-functional, involving essentially a bug which allowed some processes to "terminate" without freeing their memory.

    So your apologetics fall quite flat here.