Paul Thurrott's SuperSite for Windows
Home > Type > News > Vista's UAC feature was designed to annoy users. Good. It worked

Vista's UAC feature was designed to annoy users. Good. It worked

Apr. 14, 2008 Paul Thurrott | Paul Thurrott's Supersite for Windows

A ZDNet reporter attending the RSA security conference last week noted that a Microsoft employee said that Windows Vista's User Account Control (UAC) feature was designed specifically to annoy users. Here's the quote:

"The reason we put UAC into the (Vista) platform was to annoy users--I'm serious," said Microsoft product unit manager David Cross, speaking at the RSA Conference here Thursday. "Most users had administrator privileges on previous Windows systems and most applications needed administrator privileges to install or run. We needed to change the ecosystem. UAC is changing the ISV ecosystem; applications are getting more secure. This was our target--to change the ecosystem. The fact is that there are fewer applications causing prompts. Eighty percent of the prompts were caused by 10 apps, some from ISVs and some from Microsoft. Sixty-six percent of sessions now have no prompts."

Fair enough. There's ample evidence that Windows users needed to be jolted out of the it's-OK-to-run-everything mentality that has contributed heavily to many security issues on this platform over the past several years. And even without having been there, you can tell exactly how this was presented: Microsoft felt they did the right thing and Cross communicated that in a slightly ironical tone because it's hard, generally, to understand why annoying people is the right thing to do.

Obviously. But then we also don't have to stretch our imaginations very far to see how this was misreported around the Web. Is someone planning a class action lawsuit against Microsoft yet? I mean, the indignity. :)

Discuss this Article 12

brandon.pope
on Apr 14, 2008
Annoyed was right. I have to say though, I agree that the UAC issue has become less of one recently. I don't know if it is for the reasons listed in the article or if I just know what to avoid doing better.
BrightrevCarl
on Apr 14, 2008
The average user is just going to hit OK no matter what, so I don't think it makes a huge difference in preventing people from running things they shouldn't. I am with Brandon in that I rarely see UAC prompts any more, or at least I don't notice them as much.
RunTimeError
on Apr 14, 2008
Annoying or not, UAC needs a password prompt a la Linux to be truly effective. I remember seeing this in early Longhorn screenshots, why did it get dropped?
Waethorn
on Apr 14, 2008
"Annoying or not, UAC needs a password prompt a la Linux to be truly effective." It does - if you're running as a limited user. If you set your user accounts up with Administrator access, they just prompt to notify that it's a system-wide setting without requiring that you enter your credentials (you're already logged in, so why ask for them again?).
Auras
on Apr 14, 2008
@RunTimeError: It does require a password but only if you are on a non-administrator account. UAC is annoying... at first. Of course when you do a fresh install of Vista you're going to have to update a few drivers and install your software, codecs and whatever else and that's when it bugs you the most. After that you're only going to see it when you're installing something, and that's going to not happen every week. Now... al that remains to be done, for Windows 7, is to find a sercure way to install those apps somewhere so that you won't see UAC everytime you install something. IIRC, on Mac OS you aren't prompted for administrator privileges when installing software, right? Maybe a "Install only for me/all users?" option ?
kellymjones
on Apr 14, 2008
There will always be the individuals who install anything at any time for any reason. As for my wife and daughter, they are much more wary installing applications than in the past. People are *slowly* getting the message. UAC is a nice in your face way of warning of you of administrative configuration changes. I'll trade a little annoyance in exchange for helping to eliminate silent installs. I think Microsoft's comments about UAC are to emphasize that UAC is a warning, not a cure.
daveinla
on Apr 14, 2008
Auras: OSX doesn't prompt you for a password as long as the install will only put file limited to the user's folder area, or if it's just a drag and drop App install in the Application folder and provided you have Admin privilege in your account. Now if you launch an installer that will put stuff in various folder shared by many users (General Library Folder) in that case OSX prompts you for a password. But that's about it. 90% of the installs in OSX are drag and drop and don't require password.
Lindy
on Apr 14, 2008
UAC can be setup via GPO to prompt for a password even for admin accounts. For once I totally agree with MS. XP is a great OS, but I make good money off of rebuilding XP because of Admin accounts, some with out even a password:) I think once the stupid developers change the way they code, and get on board, then the next version of windows should NOT allow you to turn if off...and require a password for every account.
Waethorn
on Apr 14, 2008
"I think once the stupid developers change the way they code, and get on board, then the next version of windows should NOT allow you to turn if off...and require a password for every account." Agreed. But I'd like to add that they should be "5TR0nG" passwords too.
pthurrott
on Apr 14, 2008
I asked about the require a password thing years ago... probably when Windows 2000 was in development. And I think the answer says a lot about Microsoft and speaks to the whole "differences between Microsoft and Apple" thing that pops up here a lot. The reason they don't require a password is that there are certain governmental and military customers who install Windows in highly physically secure locations. They absolutely positively don't want to be forced into requiring a password. Doing so, literally, would cause them to look elsewhere. So here we. I agree it's dumb. But that's what they told me.
joe-dokes
on Apr 14, 2008
Waethorn, Strong passwords are overrated, I honestly believe that passwords should be replaced by pass phrases. For example, (your example which you probably don't use) 5TR0nG is not as strong as many people think that replacing o with 0 and i with 1, s with 5, on first blush this seems smart, yet brute force attacks can take into account these. Thus, while it may take some additional time to break that password, it isn't much longer than a simple dictionary attack. I believe a better example might be strongpersonwhosmells, a dictionary attack against this event without the number replacement would be far more difficult to attack even though it uses plain English language words. Thurrott, I believe that you are reporting on the requirement of passwords is accurate but I believe MS lied to you or at least was disingenuous. For example, the whole notion of Apple and MS is absurd. On a mac which uses unix you can log in as root; which, is essentially the same as admin under XP. Admin in OS X is essentially sudo which temporarily elevates the user power to super user status. It usually requires a user to input a password. I honestly believe that Windows will eventually fully embrace this model. I believe they didn't do it in the case of Vista because they did not want users to get into the habit of blindly entering a password. After all what could possibly be worse for security than teaching users to enter a password whenever prompted. Vista at least upon initial installation still requires too many UAC prompts. As stated above this seems to mainly a problem of poor choices made by third party developers. Regards Joe Dokes
Waethorn
on Apr 14, 2008
"I believe a better example might be strongpersonwhosmells, a dictionary attack against this event without the number replacement would be far more difficult to attack even though it uses plain English language words." not really. if anything, it would be harder for a brute force attack to get through that. dictionary attacks don't assume you use spaces. nothing will stop a brute force attack unless the security system locks you out after so many tries. Windows Vista supports that on an Active Directory domain. the strongest passwords are alternate ASCII characters anyway though. if you're really paranoid about security, you should be looking at using security cards or hardware security keys.

Please or Register to post comments.

Related Articles

IT/Dev Connections

Las Vegas
September 30th - October 4th

Paul ThurottYou'll have the opportunity to experience:
• 120 Technical
Sessions
• Networking with Peers
• Expert Speakers


Come See Paul Thurrott & Mary Jo Foley in Person!

Register Now

Office 365 InfoCenter

Get the latest insight and info from Paul

Read Now!

What I Use
Apr. 18, 2013
Article

What I Use: On the Road 21

Every so often, I publish an updated version of my “What I Use” document, which details the technology products and services I actually use day-to-day. Since I’m currently on my third business trip in five weeks, this is perhaps an ideal time to discuss the technology products I rely on when I travel and a few related points....More
Mar. 6, 2013
Article

What I Use: March 2013 33

Lots of changes since November, including a new PC-based home server running Windows 8, several new smart phones, new PCs and tablets, new cloud backup, Office 365 Home Premium and a nice doubling of my Internet speeds courtesy of Verizon FIOS....More
WinSuperSite.com
Related Penton Sites
Copyright © 2013 Penton Media, Inc