Is MS being pressured to retract the UAC feature from the next ver

  • Thread starter Thread starter SPEnthusiast
  • Start date Start date
S

SPEnthusiast

Please take a look at this:
http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

Numerous articles like this have appeared on the Web about businesses and
government organizations not wanting to deploy Vista in their environments.
The one above is about the FAA not wanting to do so, and I read one article
recently about Intel not wanting to deploy Vista either.

It has become common knowledge that security features like UAC and Windows
Defender in Vista have put a lot of thieves out of business. Obviously these
people have a lot of influence, if they can convince the FAA, Intel, etc.
that Vista is bad for their employees.

And now the consensus that they want to reach that they'll keep XP and keep
ripping people off until Windows 7 is released.

So, here's my question: Is Microsoft being pressured to retract features
like UAC and Windows Defender from Windows 7? And will Microsoft cave in?

Thanks.
 
You are asking a question relating to a future Windows operating system
that no one in this peer-to-peer newsgroup can answer. Try
back in about a year or so. In the meantime, here is some information
you can read and digress:

Inside Windows Vista User Account Control
http://technet.microsoft.com/en-us/magazine/cc138019.aspx

Understanding and Configuring User Account Control in Windows Vista
http://technet2.microsoft.com/WindowsVista/en/library/00d04415-2b2f-422c-b70e-b18ff918c2811033.mspx

User Account Control
http://technet.microsoft.com/en-us/windowsvista/aa905113.aspx


--
Carey Frisch
Microsoft MVP
Windows Desktop Experience -
Windows Vista Enthusiast

---------------------------------------------------------------

Please take a look at this:
http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

Numerous articles like this have appeared on the Web about businesses and
government organizations not wanting to deploy Vista in their environments.
The one above is about the FAA not wanting to do so, and I read one article
recently about Intel not wanting to deploy Vista either.

It has become common knowledge that security features like UAC and Windows
Defender in Vista have put a lot of thieves out of business. Obviously these
people have a lot of influence, if they can convince the FAA, Intel, etc.
that Vista is bad for their employees.

And now the consensus that they want to reach that they'll keep XP and keep
ripping people off until Windows 7 is released.

So, here's my question: Is Microsoft being pressured to retract features
like UAC and Windows Defender from Windows 7? And will Microsoft cave in?

Thanks.
 
So, here's my question: Is Microsoft being pressured to retract features
like UAC and Windows Defender from Windows 7? And will Microsoft cave in?

Your guess is as good as anyone's here. We're all just commun Vista
users and don't work for MS.
 
SPEnthusiast said:
Please take a look at this:
http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

Numerous articles like this have appeared on the Web about businesses and
government organizations not wanting to deploy Vista in their
environments.
The one above is about the FAA not wanting to do so, and I read one
article
recently about Intel not wanting to deploy Vista either.

The reasons many govenrment institutions and businesses don't want to
upgrade are many and they don't all center around UAC.

For some, hardware budgets and training come into play. For others, legacy
applications that are critical to the business are the concern. For some,
waiting for Windows Server 2008 and all the related technologies so that all
the interrelated technologies can be implemented and configured is the
reason. Finally, for some the sage advice "if it ain't broke, don't fix it"
is at play.

To state that UAC is the reason many have not upgraded is an
oversimplification and completely ignores the history of such major
upgrades.

-Pete
 
I don't think a company like Intel is restrained by any kind of budget that
would not allow an OS upgrade across the enterprise.

These "legacy applications that are crtical to the business" that you've
mentioned are engineered to spy on people and rob them, which is why these
businesses and government organizations can't deploy Vista. UAC would break
those apps.

I'm using Vista with Windows Server 2003 as my domain controller, and
everything works fine. I'll soon deploy Windows Server 2008, but it's no
excuse to not deploy Vista.

Like I said, Vista exposes a lot of thieves.
 
I hope they keep the UAC. It means you can feel safe on your computer.

I turned it completely off. I feel safe AND I don't get all those
damned popup screens every time I try to do something more complicated
than surf the web or do email.
 
SPEnthusiast said:
I don't think a company like Intel is restrained by any kind of budget that
would not allow an OS upgrade across the enterprise.

These "legacy applications that are crtical to the business" that you've
mentioned are engineered to spy on people and rob them, which is why these
businesses and government organizations can't deploy Vista. UAC would break
those apps.

I'm using Vista with Windows Server 2003 as my domain controller, and
everything works fine. I'll soon deploy Windows Server 2008, but it's no
excuse to not deploy Vista.

Like I said, Vista exposes a lot of thieves.


How the hell does UAC expose thieves?
 
Fmjc001 said:
I hope they keep the UAC. It means you can feel safe on your computer.


But you're not safe, you are no safer than you were before, there is
nothing new about UAC, it just used to be called common sense.

If you answer yes to everything UAC has done nothing, you are infected.
Very similar safeguards were possible with XP, almost nobody used them.

So all it has done is make you "Feel" safe, and if that is what it takes
you make you feel safe you likely never will be.
 
It's a common misunderstanding - what you don't see can't hurt you. Similar
to an outdated image of an Ostrich with his head in the sand, thinking if he
can't see you - you can see him.

Vista UAC, security exposes many of the "hidden" (surreptitious) uses/users
of administrator level rights and/or attempts to access network resources.
As mention, if you know what you are doing, if you take the time to
study/research/learn your system and most importantly - if you care...you
can be just as "safe" using XP. What Vista does is makes secure, the default
option. This is in line with any Security professional training, not to
mention common sense.

The average user, those that have enjoyed the benefits of blissful
ignorance, have also enjoyed the ability to blame the Evil Empire for
leaving so many holes in Microsoft Clients and servers. Generally speaking,
the absence if page upon page of complaints about Microsoft security have
come at the expense of numbers of users, companies and Govt's now
complaining that Vista is somehow flawed as a result of it being built to
insist on security, from installation thru production use.

Thou dost protest too much? There obviously is a learning curve, for
hardware vendors - who chose to ignore years of warning, reams of documents
explaining how this OS would not allow "shortcuts" which expose the Kernel
to compromises. Software vendors and users were and are painfully made aware
of the same issue Business as usual - Ain't no more.

Take the time (better use, just use pre-configured policy and templates) to
configure your system (do yourself a favor - give those 8, 16 and off brand
32 bit cards a fitting funeral, they earned it); yes, become the informed
user who has complained about security for so long - now that it is here ...
whining about "It's too good" just doesn't make sense.
 
But you're not safe, you are no safer than you were before, there is
nothing new about UAC, it just used to be called common sense.

If you answer yes to everything UAC has done nothing, you are infected.
Very similar safeguards were possible with XP, almost nobody used them.

So all it has done is make you "Feel" safe, and if that is what it takes
you make you feel safe you likely never will be.

It has also started to create an awareness by the causual user to some
of the things that spyware, etc can do to our machines that in the
past we have had no clue about. NO it is NOT going to stop an
infection! BUT hopefully it is a first step in getting users to stop
being Admins on their pc's and to just be Users like on the Mac's.
Sure Mac's have viruses etc, but they are not a problem because they
can't self install because the indivual is logged on as a User not an
Admin by default. Sure the User can say yes and the viruses will
install, but for some reason people don't do that. Education by MS
would solve alot of the problems they are seeing!
 
f/fgeorge said:
It has also started to create an awareness by the causual user to some
of the things that spyware, etc can do to our machines that in the
past we have had no clue about. NO it is NOT going to stop an
infection! BUT hopefully it is a first step in getting users to stop
being Admins on their pc's and to just be Users like on the Mac's.
Sure Mac's have viruses etc, but they are not a problem because they
can't self install because the indivual is logged on as a User not an
Admin by default. Sure the User can say yes and the viruses will
install, but for some reason people don't do that. Education by MS
would solve alot of the problems they are seeing!


Yes one hopes so, however things like Activex could always be
restricted, the default settings did not do so. This is rather like the
"Read in plain text" option that was finally added to OE. IS is not
terribly insecure, the default settings were far less secure. I agree
there is something to be said for forcing people to at least take notice
of things, but one should not advertise this as anything other than
awareness, it is not per-se a security enhancement.
 
Fmjc001 said:
I have it prompting for my password, so even if someone killed me
before i locked my computer they still cant do anything without the
password. Full drive encryption (256-AES), 3 firewalls. Only one on but
have 2 backups just in case. Have 2 AV one on realtime other is for
backup. Network Intrusion Detection, fingerprint USB and Local Security
Policy is set to disable any sort of security flaw that i can see. GP
disabling USB drives and CD drives for standard users and to top it all
off if you click one of my Icons that i made it will do an emergency
force shutdown. For eg, Registry or Local Security Policy have been
renamed and if you click on something saying "Regedit" You get a
"shutdown /s /f /t 1" command. Then you need my encryption codes. Oh i
have memory firewalls and Auto backup sync that updates every 5 hours.

Thats why i feel safe :). But the thing is, I dont have any sensitive
data on my computer lol. But, i feel like i could keep CIA secrets for
them :)

Well that's okay, however UAC is helpless if you do something stupid,
the publicity seems to suggest that UAC keeps you safe, rather it helps
you to remain safe "Provided" that you have common sense. Unfortunately,
present company excepted, the less knowledgeable still get caught.

Also, I am suspicious of IE "Add ons". Many crippled PCs I see are
running toolbars and crap that the users "Don't remember installing or
don't remember why they installed it". When MS have to make some update
to IE it is not reasonable to expect MS to consider whether this will
affect some add on that was not written by them. Nor can the toolbar
writers anticipate what vulnerabilities MS will have to act quickly to
respond to.

All of these things can result in broken systems and sometimes I think
it would be much better if everything shipped locked down and users had
to read a full explanation of the risks before unlocking "Windows".
 
Fmjc001 said:
. . . 3 firewalls. Only one on but
have 2 backups just in case. Have 2 AV one on realtime other is for
backup. >
. . .

I'm puzzled by your term 'backup' here. Are they just alternatives or is
it something more subtle ?
When would you go to the backup of each ?
I also tend toward belt plus braces myself.

Regards
Tom
 
My question was how does UAC expose thieves? I see no answer to how it
exposes thieves.

Numerous people are fooled into downloading and installing malware that
masquerades as security software. They "Think" Vista is more secure, but
in those circumstances it is not. UAC asks are they sure, of course they
are, it is an anti spyware / anti virus program - the website / spam
email told them so.

So UAC is NOT a security feature, it is simply an advisory feature, as
were the IE settings before it. For many it is a false sense of
security, because even if the software is malware UAC will still permit
it's installation if told to. Many expect it to "Know", just as they
expect Norton (or whatever) to "Know".

That does not say there is anything wrong with UAC, only that there is a
lot wrong with the perception people are given that "Somehow" they are
safer.
 
SPEnthusiast said:
Please take a look at this:
http://www.tmcnet.com/usubmit/2008/07/11/3541592.htm

Numerous articles like this have appeared on the Web about businesses and
government organizations not wanting to deploy Vista in their
environments.
The one above is about the FAA not wanting to do so, and I read one
article
recently about Intel not wanting to deploy Vista either.

That doesn't mean it is a UAC related reason, many companies still run
Windows 2000 (if it ain't broke - don't fix it).
It has become common knowledge that security features like UAC and Windows
Defender in Vista have put a lot of thieves out of business.

I doubt that very much. Actually, IE7 has made great strides in curtailing
foistware.
Obviously these
people have a lot of influence, if they can convince the FAA, Intel, etc.
that Vista is bad for their employees.

You jump to conclusions. There is no evidence that they have influenced
anybody. Some companies still have to have support in the OS for legacy
(or badly written) programs. XP was gracious enough to still allow these
badly written programs to run - Vista is just a little more insistant that
the
programs adhere to "least privilege" guidelines.
And now the consensus that they want to reach that they'll keep XP and
keep
ripping people off until Windows 7 is released.

No doubt while they're standing on a grassy knoll...
So, here's my question: Is Microsoft being pressured to retract features
like UAC and Windows Defender from Windows 7? And will Microsoft cave in?

I don't think that is at all likely.
 
Someone close to me had just purchased a new laptop, she said she
purposefully requested XP rather than Vista because of all the talk
about UAC - she opted for an easier OS.

Later, she broke the LCD (involving a thumb-drive and a rather large
housecat) gave it to me and purchased a new one for herself (XP again).

It turns out that she had it set to autologon as full administrator rights
user (no password) and she had saved an online chat log to her desktop
with most of her personal information and last four digits of her account
number - as a record of the purchase.

Vista makes it harder to be so idiotic - but as you have learned, it is not
impossible.
 
So UAC is NOT a security feature, it is simply an advisory feature, as
were the IE settings before it. For many it is a false sense of security,
because even if the software is malware UAC will still permit it's
installation if told to. Many expect it to "Know", just as they expect
Norton (or whatever) to "Know".

I agree UAC by itself is not a security feature. Some of the things that
rely on UAC like IE protected mode, locked down ACLs. etc., are.
 
John Amendall said:
I turned it completely off. I feel safe AND I don't get all those
damned popup screens every time I try to do something more complicated
than surf the web or do email.


Safe? well I hope something like this never happens to you.
Quote from Ronnie Vernon MS-MVP

It it only annoying until you run into something unexpected. Right after
Vista was first released, we went through all of the debates about users
getting to the point where clicking on the prompt became an 'automatic'
response.

One user told us about a utility that he downloaded and installed and he got
the expected 'security warning' about the file not having a digital
signature. He clicked to run the file anyway and the utility installed. He
then got a message to 'click here' to configure your personal settings. He
then received this prompt.

http://i196.photobucket.com/albums/aa86/rvmv/UACPrompt2.jpg

Without UAC, he never would have been aware of the second file being
installed, since he had already permitted the program to run. Needless to
say, he decided that he would leave UAC on.
End Quote

--
All the best,
SG

Is your computer system ready for Vista?
https://winqual.microsoft.com/hcl/
Want to keep up with the latest news from MS?
http://news.google.com/nwshp?tab=wn&ned=us&topic=t
Just type in Microsoft
 
Safe? well I hope something like this never happens to you.
Quote from Ronnie Vernon MS-MVP

[snip]

I have been online since late '90 and have yet to have my system
infested with either a virus or even the simplest form of malware. So
I install Vista two months ago and suddenly I need UAC to keep me
safe?

Bull.

That said... I have so many freakin' backups of my system it would
make your head explode trying to figure out how I keep track of all of
them.

I'm safe.
 
If I may add my $0.02 here, UAC is good for most "lame" or
"security-insensitive" users. You could argue till the sun sets down on the
question is the OS is "supposed" to prevent idiots from acting as such, with
many to argue that if someone wants to act as an idiot, they should be
allowed to do so.

The fact that companies don't adopt Vista easily has nothing to do with UAC
or with a bunch of influential "theives" as SPEnthusiast put it. There are
many more reasons for not adopting Vista, and this is not the right thread
for it.

In my opinion, in next OS versions, UAC should be left on just like it is in
Vista. Meaning it could be on by default, and if needed, it could be EASILY
disabled while giving all the right warnings and informing the users of the
result of their actions. I would even go further and create a "stealth" UAC
mode, or perhaps some sort of "auditing" UAC mode by allowing the user to
disable it, but still keep track of the activity that would have required
the user's input. This way the user could be able to track what processes or
actions required UAC interaction, and thus could be persuaded into
re-enabling it.

I know I would use such an option if it was available, and I don't see how
it could place an extra performance penalty on the computer, not more that
was required to run UAC in the full mode.

--
Sincerely,

Daniel Petri
MVP, Senior IT consultant, trainer
www.petri.co.il

Nonny said:
Safe? well I hope something like this never happens to you.
Quote from Ronnie Vernon MS-MVP

[snip]

I have been online since late '90 and have yet to have my system
infested with either a virus or even the simplest form of malware. So
I install Vista two months ago and suddenly I need UAC to keep me
safe?

Bull.

That said... I have so many freakin' backups of my system it would
make your head explode trying to figure out how I keep track of all of
them.

I'm safe.
 
Back
Top