Slashdot Mirror


Microsoft Caves, Will Change UAC In Windows 7

CWmike writes "Reacting to intense criticism of an important security feature in Windows 7 (which we discussed a few days back), Microsoft today said it will change the behavior of User Account Control in Windows 7's release candidate. In a blog post, two Microsoft executives responsible for Windows development, John DeVaan and Steven Sinofsky, said 'We are going to deliver two changes to the Release Candidate that we'll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. Second, changing the level of the UAC will also prompt for confirmation.' They said the changes were prompted by feedback from users, including comments on an earlier post Thursday by DeVaan in which he defended the modifications Microsoft made to UAC in Windows 7."

11 of 249 comments

  1. Intense? by jamesl · Score: 5, Insightful

    Intense criticism? Define "intense."

    Isn't this how it's supposed to work? Release pre-production code to the community. Listen to comments. Respond to comments as appropriate.

    Now define "over the top."

  2. The entire concept is broken by landimal_adurotune · Score: 5, Insightful

    With the initial Vista UAC people were trained to just click yes to everything or they would turn off the function entirely. With Windows 7 it is far less frustrating, but the User part of the UAC is what is broken; there is no substitution for actually educating users. That is something that is far out of MS's reach IMHO.

  3. Caves? by ukyoCE · Score: 4, Insightful

    This is hardly "caving". Microsoft was alerted to a security issue, and they're fixing it. How did this get spun into an anti-microsoft story?

    Did I miss some story where Microsoft said they absolutely refused to fix the problem, but now a few days later they're giving in and fixing it?

    1. Re:Caves? by Lostlander · Score: 4, Insightful

      I agree, I hate Microsoft as much as the next Linux user, but seriously, agreeing to change something in a beta isn't caving, it's feature adjustment. The title of the summary is just flamebait. Windows 7 seems to be a functional Microsoft operating system for a change and people are freaking out looking for something to hate about it.

    2. Re:Caves? by Cro Magnon · Score: 3, Insightful

      This is hardly "caving". Microsoft was alerted to a security issue, and they're fixing it. How did this get spun into an anti-microsoft story?

      This is slashdot. Nuff said.

      --
      Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
    3. Re:Caves? by Hal_Porter · Score: 4, Insightful

      A true slashdot user believes all these things

      1) The flaw in XP was that everyone ran as admin. Unix's system of running as a limited user and doing a privilege escalation via sudo each time you do something that requires admin rights.
      2) The flaw in Vista was UAC, where you do a privilege escalation each time you do something that requires admin rights.
      3) The first Windows 7 beta had a flaw where it was possible for malware to disable UAC programmatically and thus bypass it.
      4) Microsoft have 'caved' and changed UAC in the Windows 7 release candidate.

      and he believes them simultaneously too.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  4. Re:I had a little glimmer of hope by Toreo asesino · Score: 4, Insightful

    When I read the headline...that they were going to implement proper user account permissions (a la UNIX) so UAC wouldn't be needed. Alas, I was disappointed.

    By that you mean "put password in every time you need to elevate?". UAC does that if you're not an admin. If you are, because you're not really an admin, it just confirms you want to...if the app is digitally signed; if not, it gives you a big scary warning box you actually have to read.

    --
    throw new NoSignatureException();
  5. Still missing... by Mascot · Score: 3, Insightful

    the one thing that will make me consider not turning it off. A "do not ask again for this application" checkbox.

    Come on. Every firewall/HIPS system I can remember trying the past decade or so has an option to remember the answer.

    This obviously won't work for settings, but for when starting an application? God, it's so needed.

  6. Re:windows users are STILL more tolerant than ME by v1 · Score: 4, Insightful

    but this is Windows, which has been so poorly engineered for so long that roughly 97% of applications expect to be run as Admin; and thanks to the delights of 'backwards compatibility'

    ya, but wasn't that what Vista was all about? Causing 80% of the existing windows apps to spontaneously combust and force the developers once and for all to fix their crap? What happened to that? (guessing... public outcry from the users and lazy devs pointing at MS as the blame) I thought that was the reason that Windows 7 was going to make an even more solid, committed attempt to force the developers to adopt good coding practice. MS can't just continue to roll over on this issue.

    --
    I work for the Department of Redundancy Department.
  7. Re:To be fair about Vista (can you do it, /.?) by nine-times · Score: 3, Insightful

    It's my business where I install the OS. It will only be on one computer at a time, but if I pay the money, the OS goes where I decide when it suits me to reinstall, without a penalty to ME.

    I agree completely. I always get modded as a troll, but forced activation really is one of the things that keeps me from using Windows Vista. Every product that I've used that has activation has, at some point or another, made it needlessly difficult for me to do something legitimate. I just refuse to deal with that stuff anymore.

    I have enough problems with software working properly without the developers embedding kill-switches in their software.

  8. Re:I had a little glimmer of hope by jonadab · Score: 3, Insightful

    Unless you work for a vendor that sells Linux-based solutions, and have a job title something along the lines of "Deployment Options Specialist", there really isn't any reason to *try* to think about all of the various configuration and deployment options. What would be the point? You're Doing It Wrong.

    The right approach is to ask, "In our situation, what do we need the software to do?"

    --
    Cut that out, or I will ship you to Norilsk in a box.