Why not ....

Knife UAC in the gonads and be rid of it altogether. Its the most irritating function on vista by far .

Vista

I just got Vista on a new laptop the other day. I was hunting for a way to disable UAC within about 3 minutes of booting the monstrosity up. I thought Vista couldn't be as bad as some people were making out, turns out it's worse! I'm going to "upgrade" to XP if I can find the right drivers, although I've heard Server 2008 is actually very good and much faster than Vista despite coming from the same code base. No wonder MS is rushing a replacement.

Its not UAC

Microsoft had the option of nuking ANY program that broke the security model. The problem, is that would have made Vista none compatible with masses of broken software.

Yes, its true, The windows world is full of developers who create software, and screw the security model.

Oh look, a config file in c:\program files - Arn't I a clever dev.

The UAC by design is supposed to annoy users, thus, they bitch to the devs (whoever dreams this stuff up needs shooting..) - but its a stupid stupid sticking plaster over the bigger issue.

We would ALL have been better off if MS had simply done a better job, AND made the OS less backward compatible. They could have kept XP available for the long term for people who were having issues, and Vista could have been the real future with developers and the company looking at the future.

Now its just a messed up release that will never get rid of the bad name it has, and WIN7 can't come quickly enough.

So basically no better than Vista?

I was hoping Windows 7 would be something new and exciting like I was hoping Vista to be. But it looks like it will be the same stuff all over. Humm maybe it is time to start looking for something else. I want something new and exciting not more bloatware. I think Windows is becomming like Norton did. Use to be on top but in the last few years came out of touch with customers and try to put everything under the sun in and just makes a bad product. Thats why everyone who likes there computer to actually move or function doesn't use Norton. I guess when you get so big u just lose site untill you lose all your customers.

Odd about that

Linux has this thing with popping up for permission for root access whenever anything related to core functionality is required. I guess I see it maybe 3-4x a day but I'm totally cool with it because I understand it's purpose. I like the idea that neither mal-ware nor casual users of my machine can mess with my system.

The prompt only comes up when necessary, the alternative would be to continually operate in root mode, something that would cause early death by stress to any admin watching over a flock of Linux machines. Vista implemented this vital idea so badly?

That...

...and several boat loads of DRM, not to speak of all the neutered features on behalf of DRM (the audio stack et al comes to mind(.

omg...

You can VERY EASILY disable UAC if you dont like it. I leave it on because I actually know enough about computers to figure out that its a very nice security feature to the OS. Grow up and get a mac or install linux. They both suck.

UAC is

only irritating if you don't have a clue what it's good for.

re: Matt B

Irritating and most unlooked-for!

Disable UAC

From my bog at http://zenfar.blogspot.com/

The only major problem is User Access Control which I had to disable. UAC was made famous in the security Apple Ad. To disable it just type msconfig in the Vista search bar and hit enter. Next select the Tools tab and scroll down until you see disable UAC. Launch it and then after it is done reboot.

tweakuac

Download that on any Vista box and turn UAC totally off.
Users don't bother reading the UAC warnings anyways...they just click whatever they can to make the annoying prompts go away (I'm *not* kidding...I've worked w/ several customers who have done this)-:

Ignorance

Lol i still can't believe how people are so stupid they can't live with a simple change. UAC is faaar less anoying than that on linux, but typical windows user doens't care if he got a virius, or hacker iside, typical windows user is stupid. XP is for that kind of people, for those who actuala know how to use computer they all agree Vista is better. It implemented a lot of good linux futures, cause Microsoft see Linux is good.

The most funny thing ater all is, that the same people, that are talking shit of Vista, were talking shit of XP, and how better windows 2000 was, and will also be talking the same way abaut win 7 and how Vista is better, well like i said, typycal windows user is stupid, Vista seems to compicated...

Lol you don't have to use shortcuts in Vista, you can actualy ask Vista! for anything how to configure and it tells you exactla and even give some more information. Auto defragment...

Ha i was doing something on XP yesterday, amost died cause like 10 thing i could do in Vista and just can't in XP.

So Microsoft remmember users are stupid, don't put nice new features in WIN 7, because they won't know what to do with them and will simply say it sucks...

@Anybody Mustermann

And that is exactly the problem.

99% of windows users don't know what it's good for, so will just keep clicking "Allow" even when it's a nice trojan that hooking into their system and sending all their bank details off via an IRC channel.

Linux's security is better by default, but the biggest plus Linux gets is it has a small desktop userbase compared to Windows (not such a worth while target) and those users are inherently tech savvy.

Disable UAC...

Its actually really easy to disable UAC and its the first thing I did. Nevertheless with it disabled it means every boot you get a little balloon telling you there is a security issue. Wish I new how to disable that!

Despite the everyone's issues, I seem to have gotten away with only experiencing one bug with ATI graphics drivers whilst using two monitor that results in BSOD on the 64-bit OS.

Still I stand by Vista as not the worst OS available. So as not to upset people or bad mouth Apple, I will not say what I think it is.

What is this?

I think you people are somewhat hmmm.. maybe I just use the word stupid. You just don't get it why Vista has UAC and why it's similar to use than XP and 98 and others.

Maybe all billion Windows users aren't as smart as you are? People just don't know what is good and what is bad so ofcourse Windows must try to tell them. And making stupid decisions that can harm you has to be difficult.

I think Windows should have a version for advanced users without all these "great" features but MS is just trying to make it easier for them. If you are a pro you can disable UAC and disable digital driver enforcement if you like. So its some kind of lame to whine about those when you actually can turn them off.

And what comes to Vista - I have used it since beta 2 and after RC1 there were absolutely no problems except creative drivers. XP is not error-free.

Can someone say googleit?

For anyone not familiar with or aware of this nifty new internet utility, it's called google. That's right. Google. Ya'll need to learn to use your fingers to do more searchin' and less flamin'. In order to remove UAC for yourself: click start, click control panel, click user accounts. Select yourself. And uncheck the box that says enable user access control. Reboot. gooooone. bye. cya, don't forget to write... *waves goodbye to UAC".

There is another issue many of you may or may not know about vista. That is it's dynamically altered IP stack. It also seems to control the sound in windows. Again google VISTA IP STACK you'll get all the goodies on that particular pos windows "enhancement".

GO VISTA!
(no really... gooooo away!)
-myspace.com/imchillyb

Yup...

Adam Milne-Smith FTW!!!

Security Alerts

To disable the alert open the security center, then look to your left. Click on "Change the way Security Center Alerts me"....you can disable it from there!

disabling UAC

I have personally disabled UAC on my computer as I consider myself to know enough about what I'm doing that I don't need to be warned about every program I install or open.

Disabling it is easy. Simply click on your user display picture in the Start Menu to take you to the User Accounts Control Panel thing. From there you can access a tick box to turn off User Access Control.

The pop up notification can be disabled from the Security Centre (which also warns you about not having an anti-virus, firewall or Windows Update turned on). On the left hand side will be a thing that lets you change the way it notifies you about things.

UAC is a useful device for the typical user who doesn't know enough about what they are doing though. Even if most of those will just click any button to get rid of the box.
Ultimately most of the problem does come down to software developers not following the guidlines set down by Microsoft regarding the usage of their OS, and also for them not enforcing it enough...

message to Bill

scrap win7 or whatever it is...
Next windowz "Windows XP-2"
3 Reasons to upgrade....
DirectX 11
IE11
Runs 11 time faster than the original with less RAM.

System specs start at 486DX33 with reduced visuals/features :-) to octo core with super virtual 3D ultra visuals.

Secure OS Architectural Design is a lost Art and Science

There seems to be a lot of arrogance and hubris to go around in every direction in the comments to this article. And also some modicum of truth. But I can't blame you all when nearly all so-called computer security experts, consultants, OS designers, and even the CS university professors have proven that they are either uninformed or incompetent in understanding the history and researched mechanisms necessary for a secure OS architecture. Most of the basic OS research was performed in the 60's and 70's, since then the IEEE, ACM and other journaling organizations have presented little in true OS research, and even less in terms OS-based security. I can't replace a whole semester on secure OS Architecture (which is probably not offered by any university) within one paragraph. So instead I ask you dive into the mostly ignored security lessons and architectural principals learned in the design and security analysis of the operating systems MULTICS and OpenVMS. Hear are a few lost concepts to get you started.

- a secure Calling Standard designed around mandatory "descriptors" for character string-based call parameters to make buffer overflow exploits impossible. This totally eliminates a class of exploit for the purpose of attaining higher privileges or sevices than have been granted.

- a "minimum" of 3 security rings or modes is needed for the kernel defend itself against 3rd party applications, and for 3rd party applications to defend against users/hackers/programmers. All services offered by a higher-mode must be accessible only through a descriptor-based calling standard. Unix, Linux and Windows have only 2 security modes and suffer accordingly due to this poor architectural decision. OpenVMS has 4 modes and Multics 8 or 64 depending on the machine it was running on.

- The Unix fathers deliberately chose a simplified insecure OS architecture, since they had different goals. These architectural decisions maintain there decisive effect on the attainable security of all Unix variants today.

- since a bug is potentially more clever than the programmer/hacker who wrote it, security is synonymous with OS reliability and stability.

- no application can be more capable or secure than it's OS design permits. Security is a LCD compound quality, meaning it is only as strong as it's weakest link, and due to it's complexity the OS is traditionally one of the most neglected links of the IT security quality chain.

- dependence on the review of Open-Source in terms of reaching a secure OS is a red-herring. Especially since OS and application code fluctuation and complexity virtually guarantees the perpetual existence of security impacting SW bugs. The OS design must provide mechanisms to explicitly avoid classes of exploits and coding bugs through the design of it's OS architecture. The corollary to this is that it is pure hubris to think anyone is so expert about the quality of all third-party applications they use that they can maintain "as secure" a system with the UAC turned off.

- the segregation of all security/stability affecting activities into multiple clearly defined privileges, which limits exposure of higher modes to applications and users temporarily requiring a specific privilege.

- protection of all individual OS structures, services, and objects (processes, threads, monitors, etc.) with "individual security profiles" which can be finely tuned to allow/refuse access to any other individual or class of OS structure, service or object.

- the default installation of privileges and protections start with a new user always having minimal but usable access to OS privileges and services.

- user access to higher privileges should only be through known and validated applications installed with the needed privileges and coded to carefully to only allow intended actions.

- A known/unknown bug in any privileged application that allows one break out to a command line should still never allow the user to maintain an application privilege in that interactive mode. The capability to recognize this should be an inherent capability of the OS architectural design. OpenVMS does this, and on OpenVMS a system administrator can even refuse any or all users the privilege to have a command line. This totally eliminates a class of exploit.

- there are many more secure OS design principals to learn, and since computer since sold out to the commercial marketing interests long ago, almost all of them were well known long before Microsoft opened it's first window, and ignored the principals.

If you pull all the information together you can find on these concepts, and forget any bias you may have had indoctrinated in you about what an OS kernel is and must provide as a service. Then you should come to the inescapable conclusion that all Unix, Linux and Windows variants (please see the "Shatter Exploit" for an example of a failed OS API) are inherently non-secure by design, and to change that would require breaking completely with upward compatibility and leaving their valuable application ecosystem behind.

Happy re-discovery of the long forgotten art of secure OS design.

Cheers!

If you dig enough, there are more than enough clues here to figure out who I am. A person who is at least aware he still has a lot to learn about secure OS design.

Fast UAC with fingerprint reader

Yeah, UAC can be annoying but not any more so than the Linux counterpart.

I found that by using a fingerprint reader (IBM Lenovo brand) and the latest version of the software I can speed up the process. UAC pops up I just give it the finger and done. Less than a second. Best $30 I've spent in a while.

There are other solutions too, like using Explorer replacers, like Directory Opus. It has this nice feature to authorize the window for a certain amount of time. Easy way to get rid of UAC temporarily while you create/copy/rename those folders and files. It is not cheap though.

Cheers.

Perfect score

The old dog above just wrote the most clever post I've seen in aeons browsing /. rattles, Inq foam, and other http companions. I admit I know shit about computer science, and the OS concept is by far great both for us tech-freaks and philosophers, but people that have a tangence with CS (read 'industrial workers') and actually think are a mere rarity nowadays.