The Dark Side of Windows Vista RC1

[franzon]

Firstly, learn some grammar. Secondly, you're saying that Photoshop, the number 1 program used by professional graphic designers, photographers, web designers, and the like, is poorly programmed? Wow, you really are a fanboy.

Do you remember that Photoshop is a Windows 2000/XP application? Do you remember that on Windows 2000/XP a lot of applications don't work if you're not administrator?

Once again, you're not convincing anybody here.

I don't care of ignorants like you

[Denis W. Veteran]

Photoshop is bad programmed if it requires UAC interaction

You can configure a program with right click on the icon and set the automatic runas setting for it.

Then please explain why in Pre-RC1 (don't know if this is fixed in RC1) ordinary apps such as Paint and Notepad have the UAC shield over them? It's just a small visual disturbance, but I sure as heck don't remember setting those apps to run as administrator.

Like many have said here, UAC should've been the way it was in OS X and Linux distros. That would've been a surefire way to make sure a user, competant or not, has authorized some major system setting change. UAC will be ideal if it just prompted for a password the first time, and on different occasions it'll show the Continue/Cancel dialog. That'll keep out random idiots from screwing around with an user's account, and will also make it less frustrating than, say, OS X dialogs that require a password each time (correct me if I'm wrong). And of course, cutting down on the UAC prompts. I can't run games properly as well if I don't pre-elevate them to adminstrator privileges, partially because they usually access the My Documents folder to read game saves.

Now onto the actual article itself: I agree with it, especially the wizards part. I personally wouldn't mind seeing the bottom text buttons axed altogether (Cancel is redundant), placing the Back/Next buttons in the style of IE7, and stuff like "Start (task)" placed elsewhere in the wizard itself. The way it is right now is just too damn awkward with Back and Next far across from each other.

Seeing with the situation in XP, notice how many installers say "you MUST have administrator privileges to install..." Well guess what, they no longer need to put in that line. Vista now does it automatically for them anyways.

[gigapixels Veteran]

I don't care of ignorants like you

:rofl: Look who's talking...

[franzon]

Then please explain why in Pre-RC1 (don't know if this is fixed in RC1) ordinary apps such as Paint and Notepad have the UAC shield over them? It's just a small visual disturbance,

Paint???? Notepad???

That's totally false! :crazy: Are you sure you've ever tried a Windows Vista build???

but I sure as heck don't remember setting those apps to run as administrator.

The setting to auto runas a program is avaible in Vista, right click on a program to access to its settings; this is also avaible in Windows XP. Have you ever tried?

Edited September 5, 2006 by franzon

[TruckWEB]

Hey Franzon, I don't know where you come from or how you got your hands on Vista, but you're a real pain in the a** fanboy who don't want to understand what's good or bad.

Is Microsoft paying you to post here? What is you DEEP knowledge of Vista?

How come you're the ONLY one praising and signing how good is UAC when everybody else point in the other direction?

Like I said, UAC is a good idea implemented the wrong way. Anybody who already clicked on OK without reading what's on the screen will do the same with the UAC pop-up box. Wow, that's a protection....

[macro]

Hey Franzon, I don't know where you come from or how you got your hands on Vista, but you're a real pain in the a** fanboy who don't want to understand what's good or bad.

Is Microsoft paying you to post here? What is you DEEP knowledge of Vista?

How come you're the ONLY one praising and signing how good is UAC when everybody else point in the other direction?

Like I said, UAC is a good idea implemented the wrong way. Anybody who already clicked on OK without reading what's on the screen will do the same with the UAC pop-up box. Wow, that's a protection....

I disagree with him as much as you do but try to attack his arguments not him personally. In fact just let him keep posting because it's funny :yes:

[Stunna]

Paint???? Notepad???

That's totally false! :crazy: Are you sure you've ever tried a Windows Vista build???

The setting to auto runas a program is avaible in Vista, right click on a program to access to its settings; this is also avaible in Windows XP. Have you ever tried?

I just noticed run as in winXP

this ownz

does UAC run as a service?

or is it just permissions

and on linux and osx do their pop up things run as a service ?

[psyko_x]

Do you spend your life to delete files every day and at every hour? No, so you have just only to click on the UAC prompt in order to allow the action, and this doesn't happen often because you don't delete files at every hour of the day! So I don't think this is annoying.

And do you understand what happens when a program try to delete these files without your knowledge if you hadn't the UAC? You'll lose the files and you'll cry just like when you're using windows xp as administrator

Here's what happened to me yesterday. I had a folder full of pictures and old pdfs. I scanned through the folder, used the control key to highlight some pictures and deleted them. The UAC pops up and I was annoyed but whatever. Then as I'm looking through the pdfs I notice some other pictures I want to delete. The UAC pops up again. I go to delete some old pdfs, the UAC pops up. It drove me crazy. They're my files, not system files. If I delete something on accident I'll just restore from recycle bin or system restore functionality.

[b_pizzle]

i posted this in another thread about the UAC but i figure it's relevant to the discussion here too. tell me what you think:

You know, I agree with both sides of the UAC arguement. I will say that I DO NOT like to be bugged when I'm just using the OS to do things like move files and delete BUT any extra protection over what we have now is always welcomed.

I think I, for one, will wait until Vista final is out to make my final judgement on UAC. My hope is that after RC1 is distributed and all of the complains roll in, that they will finally make a serious effort to make it "bug" you in a more uniform and intelligent manner. We shall see though...

[stockwiz]

:no: :no:

You wrong!!! UAC is especially suitable for power users, because with the UAC the power users will have the true full control of own computer. Without the UAC, the power users can't have the full control. Having the full control means you always know what happens and UAC help you for this purpose

I disagree. Those who sacrifice freedom for security deserve neither, but I do think UAC is a good idea for the average user. I'm glad they let you turn it off, though, because as a power user I don't want to be prompted about any actions at all. I know my PC, and I can tell immediately if something fishy has been installed. I don't need to be hand held, though I must say, most people do.

[»X«]

Its not intuitive to turn off though. It can be done by the "poweruser" by the new user wont have a clue.

[stockwiz]

Your missing the point

If I want to run an admin task, its because I WANT to run an admin task. Unless I am a complete n00b I'm not going to be running a dodgy virus and like I said above I already have protection for that.

Again, the average user will just always click yes on the prompts. I've seen users install personal firewalls and because they don't understand or don't care about the prompts, always click yes to allow every program that tries to connect out.

UAC is flawed

good point. I'll bet many home users just click "yes" on everything anyways. But microsoft had to do something, as everyone kept screaming how insecure the operating system was. Seems to me like it was more screaming then actual insecurity, as I never had a problem with security in windows. Install a firewall an antivirus... what's so hard about that? Look and see what's trying to access the internet. Stop visiting porn sites and clicking on email attachments. Use some common sense.

If you download a virus from the internet what do you expect to happen to your computer? People need to be more responsable. If they aren't well that's their fault. They are kind of in a corner here. On the one hand, people want to be able to install applications. On the other hand, installing any application carries possible risk, so what are you going to do? There's no magical solution out there aside from installing an antivirus software and basic outbound filtering firewall... or implementing a system that asks you before you want to do anything.

[LiGhTfast]

agreed im well enough to cope with looking after my own computer. UAC ****es me off no end and cant be assed jumping thru hoops this os wants me to do at every turn. Were the hell is a simple off button for all this crap.

Its just retarded i've been using vista instead of xp for about 3 days now and am getting more and fustrated with everything. Someone lost the plot with the the sidebar, yeh it was fun for a while in the longhorn alphas but i think we all know now its useless. The UI is a mess, glass was fun for a while but OSX is still much better.

Pauls got it spot on imho

[macro]

agreed im well enough to cope with looking after my own computer. UAC ****es me off no end and cant be assed jumping thru hoops this os wants me to do at every turn. Were the hell is a simple off button for all this crap.

Its just retarded i've been using vista instead of xp for about 3 days now and am getting more and fustrated with everything. Someone lost the plot with the the sidebar, yeh it was fun for a while in the longhorn alphas but i think we all know now its useless. The UI is a mess, glass was fun for a while but OSX is still much better.

Pauls got it spot on imho

Wow, member number 7, old school!

And I agree with what you said there, I really really hope Microsoft delays it a few months, why bother releasing this as it is? Windows users should have higher standards than this, if you are happy with Vista at this stage, I dunno what to say...

[Julius Caro]

I think UAC is poorly implemented. Specially with web browsers/apps like firefox, IE or wlm.. when you try to open a file, you already get a warning. When the file is opened, you get the UAC warning. Twice warnings!

By getting prompted that often, the only thing that they will get is people automatically clicking on the allow button without paying attention to the message. Imo, the default user account shouldn't be an admin, and if it is, UAC should ask for the password, just like linux does when you are about to do something relevant.

Not to mention the flickering that it's totally annoying. I think I wouldn't mind UAC if the screen didn't flicker!

They should re think what system actions are important enough to use UAC. The system perfomance monitor has a prompt and I don't think you can do anything harmful with it! Isnt it only to watch the graphs and stuff?

Also, I think the UAC thing should be application-specific, instead of "action-specific". Like, when you enter the control panel, you should only be asked for the password ONCE, and not depending on w hat you're going to do. BUT there are obviously some control panel things like changing the appearance that shouldn't require UAC warnings.

IMO, the control panel is poorly categorized this time, but at least the search thing is really useful. I think the control panel should have like 2 "layers". The customization/user-specific one, and the important/system-wide one.

UAC is not that bad... but it would be more useful if it asked for a password and the default user wasnt already an admin. They should stop giving admin priviledges by default to the main (first) user.

[Denis W. Veteran]

Paint???? Notepad???

That's totally false! :crazy: Are you sure you've ever tried a Windows Vista build???

:rolleyes:

The only app that SHOULD have the shield is WinRAR. But what's with the other shields?

[bipp5]

:rolleyes:

The only app that SHOULD have the shield is WinRAR. But what's with the other shields?

I'm not defending anyone here (I have my likes and dislikes with UAC) but something is definitely not right with your install of Vista. I've tried both Admin and Standard accounts, along with the Guest account, and none of those have shields on Paint or Notepad, or especially the Welcome Center. Was this an upgrade or a fresh install?

[lukeangel]

I hope that this will not be another windows release where you don't get a coupon to go back to XP or you can get XP downgraded like they did with Windows Me. Especially with the next version of windows only 2 years away (supposedly) I think we could hold on to XP for another year or two.

[Denis W. Veteran]

I'm not defending anyone here (I have my likes and dislikes with UAC) but something is definitely not right with your install of Vista. I've tried both Admin and Standard accounts, along with the Guest account, and none of those have shields on Paint or Notepad, or especially the Welcome Center. Was this an upgrade or a fresh install?

It's a fresh install. As I said, it's only a visual annoyance, and has no impact on how the applications run.

[kaiwai]

Retyping password like Linux is even more annoying. I think just a click on the button OK or Cancel is not that annoying. Remember when you do administrative things in Linux, you need to use "sudo" syntax anyway.

Not correct; you can add the password to your password rememberer (can't remember the exact name) which is available on both KDE and GNOME; just click on the 'save password' when the dialogue comes up.

Also, normally, if you're already in a shell session, once you've been authorised, you should be able to keep doing sudo <command> without further requests until such time you close that shell session, and open up a new one, thus requiring re-authorisation.

You're missing the point. Why should UAC come up for deleting a file? That's stupid. UAC should act EXACTLY as Mac OS X's security popups. They only pop up when doing true administrative tasks. And they ask for the admin password, which is a lot more secure than this crappy component of Vista.

Then the issue is that they've got the permissions too restrictive; not the issue of UAC itself; I am assuming you're deleting a file outside your user directory? correct me if I am wrong.

I agree with you, but not fully. Sometimes -not always- developers faced with situations where the only to run such thing is by having Admin rights, MS created that limitation and the only way to do it is by having admin rights !!

True BUT thats only for a *VERY* small amount of programmes; if you want to tinker with operatng system itself; for a user application like Nero which is simply writing to an external storage device, you shouldn't need it to be loaded in Administrator mode; I mean, goodness gracious me; you can set FreeBSD up so that the KDE cd burner can burn in user mode by simply allowing VFS usermount in sysctl.conf and adding the necessary permissions to allow writing to the said device.

Yes, it is hard to believe, but there are software titles out there who require administrator access because the programmers were too lazy to properly use the features in Windows - those companies who don't use the registry properly, and keep the user and system setting seperately, as one example, and write all the settings to the root registry settings rather than having only the core existing there, and the end user settings being written to the registry file that sits inside the end users directory.

Of course being admin by default makes everything easier as it all "just works", but if they are attempting to "fix" that problem with UAC than i think they should start right there, with the accounts. They are attempting to build a bridge in Vista, a retarted one in its current implemenation, where they give you an Admin account by default and then prevent you from doing admin tasks without bothersome notices. They should start whole business by putting users in user accounts by default and then asking them for elevation, if needed.

I just think they are going about it in a really stupid fashion really. It will only cause confusion for developers, users, and administrators alike.

Main fustration i've had with Windows post Windows 2000... MS seems to think were all so stupid that we need them to hold our hands the whole way. Ah well... Like i said i'm not hoping on the Vista bandwagon anytime soon. I've used the Betas and Pre-RC and i'm simply not impressed. Why couldn't MS just keep the "Business" and "Consumer" line seperate? Then i wouldn't have to deal with this garbage :p;)

Why didn't they just chuck out Windows, and start again using OpenSolarias as a core, and build ontop of that; extend Windows XP support for 5 years, provide a free virtual machine, provide a 'carbon' like win32 capability by using Mainsoft, and voila, within 5 years, most application vendors would have moved to the new said platform, and all would be happy.

Oh, and btw; in Windows 2000, you were administrator by default; there was no was attempt to limit power in it; Windows 2000 was meant to be the grand unifier of win9x and Windows NT, but it didn't work out; and they kept it this way in Windows XP to maintain compatibility; not because Microsoft wants to, they could make a secure operating system tomorrow if they wanted, but the fact is, they would have <bitter bitch mode>whining blow hards such as yourself, bitch that his 15 year old application isn't working in the latest version of Windows, and apparently, its everyone elses fault that you're a cheapskate who is unwilling to upgrade your applications more than once in your lifetime! </bitter bitch mode>

[Stunna]

I think UAC is poorly implemented. Specially with web browsers/apps like firefox, IE or wlm.. when you try to open a file, you already get a warning. When the file is opened, you get the UAC warning. Twice warnings!

By getting prompted that often, the only thing that they will get is people automatically clicking on the allow button without paying attention to the message. Imo, the default user account shouldn't be an admin, and if it is, UAC should ask for the password, just like linux does when you are about to do something relevant.

Not to mention the flickering that it's totally annoying. I think I wouldn't mind UAC if the screen didn't flicker!

They should re think what system actions are important enough to use UAC. The system perfomance monitor has a prompt and I don't think you can do anything harmful with it! Isnt it only to watch the graphs and stuff?

Also, I think the UAC thing should be application-specific, instead of "action-specific". Like, when you enter the control panel, you should only be asked for the password ONCE, and not depending on w hat you're going to do. BUT there are obviously some control panel things like changing the appearance that shouldn't require UAC warnings.

IMO, the control panel is poorly categorized this time, but at least the search thing is really useful. I think the control panel should have like 2 "layers". The customization/user-specific one, and the important/system-wide one.

UAC is not that bad... but it would be more useful if it asked for a password and the default user wasnt already an admin. They should stop giving admin priviledges by default to the main (first) user.

if its application specific then it wont work right

[medafor]

wow it seems no one is completely happy with UAC. im glad im not alone on this one. :whistle: . i agree with the fellows who dont mind a delay, for MS to put vista out in this shape and fashion would be obsurd. XP is fine for now, vista shouldnt be rushed.

[Jazket]

Sadly to say it but I am more than a Power User, and UAC (to me) gets very annoying after 15 minutes of continuously using Vista. It is BAD. I dislike it :( Sorry Microsoft, but it is going the wrong way.

To give you a better point of view: I Installed Vista Beta 2 on my little brother's Computer and I was exited to see him using Windows Vista and trying to get used to it and like it the same way I DO (believe me I like Windows Vista just about too much; and he's 13 years old btw); and two days after he's been using and playing and messing with Windows Vista he came to me with these little quote that I will never forget:

"Jaz please install XP again, I don't like that thing its a piece of crap and it would not stop asking me stuff everytime I do something... the only thing that I like is that Solitaire Spyder looks cute thats all... and it is way too slow i dont like it..."

I was impressed! :huh: cought in some sort of shock! :blink: seeing my little brother, being annoyed by Windows Vista's UAC and some of its performance problems back then in Beta 2.

:(

Edit:

I remember writing this a few months ago at WinCustomize, when Wardell yelled at Microsoft due to UAC's annoyance, by the days Paul went nuts with it too. You could have a read at this and probably end up agreeing with me if this is/was the easiest way to fix UAP under Vista:

--------------

#13 by JazGam

Thu, May 18, 2006 11:42 PM

I don't remember if I ever suggested this to Microsoft's Windows Vista DevTeam but if didn't here it is, catch up the fly. There is an easy way/method to fix the Security Prompts/Dialogs threat. That really is annoying believe me you're not the only one Wardell, I'm with you on this. But there is a way the DevTeam could solve this mess. I always thought of having "Temporary Admin Powers" but reffering to them as "in-action" privileges. What I mean with this is, a power user, it doesn't have to be an Administrator, could load up a temporary "access" to all or most of the "not-so-critical" security issues under the system itself, this would give the User the advantage of having a "warningless" OS, yet with all the security strength that it comes with. Let's talk about timers now:

- The Workaround.

Loading up a "temporary" admin status on either a Power User or Administrator account at the time where the OS logs you in, would be the easiest way to stop the system from showing up the annoying security-warning dialogs every time you have to do stuff like moving a file from one folder to another in the system, replacing, renaming or deleting files. Now, however the timer runs, regardless of how long it could stay "activated", we will have a powerfull tool which grants us with the privilege we need to do common tasks in our Computers. Let's say you give the timer 20 minutes per session, now ever since you logged in you will have a period of 20 minutes in where you can execute these common tasks without having to be bothered by the systems' security warnings. Forget about the 20 minutes limit, this could be configured under the system policies to fit everyone's needs, even with a single setting per user account.

Now what happens when the timer is over?... All of our Admin powers are lost (they're gone!) and we would either have to log-off and log back on (not a kind way to stop me from finishing my work), suffer the "sec-warning-diags" attack or work around another method to regain these powers, by either telling the system to ask for an admin password confirmation to give you back these powers. Now here is where our little friend named "timer" comes to the rescue. I wouldn't want to have to enter a password every 20 minutes because I lost my admin powers or such, so I can just change the settings under my timer, and set it to whatever the system limit is/would be; let me exaggerate... 2 days.

It sounds complicated but it also looks as the only way to get out of this mess without having to "re-do" all or most of the already written security core. The current security under Windows Vista is just amazing and extremelly "secure" but it hurts the guts like a stab (at least, thats how i feel it; not that I've ever been stabbed though...). Having a "temp admin powers" feature would be the easiest way to take away our fear of having to right-click our Recycle Bin wondering if we will have to go through the "sec-warning-diag" storm again!.

- Strength and flaws in this method.

I'm pretty sure the DevTeam could work this up and add a bunch of ways to configure your Windows Vista to meet your security needs. Such prompts are not needed at home when your kid is playing a very entertaining NFL game, or when you are watching your local TV Listing with Media Center, or simply going through all your pictures from last year. Therefore, we should be able to configure all this stuff previous installing the system, or right after its done installing and ready to configure your desktop (or ready to "start" how Microsoft calls it; now that really made me cry of joy; they got style) or simply by googling it online or wait until some geek user finds the way to do it and spreads the good news on every forum over the net...

On the other hand, Corporate users, Offices and such DO need to have control over this. Here is where our whole new method turns from being totally useless to a must-configure feature under the OS for it to work just as we want or need it.

I tried to make this whole mess something easier for everyone, but if you read my post a FEW 4 times you will get the point. Hope I have expressed myself correctly.

Jaziel.

----------------------

Source:

http://wincustomize.com/articles.aspx?SID=...=117896&c=1

Edited September 6, 2006 by Jazket

[laz45]

The problem itself is not UAC but how the programs are written. In other OS's the programs are written in a way that they do not have to touch administrative rights but in XP/Vista its the complete opposite....

[gigapixels Veteran]

Then the issue is that they've got the permissions too restrictive; not the issue of UAC itself; I am assuming you're deleting a file outside your user directory? correct me if I am wrong.

I haven't touched a Vista build in ages (since 5384), so I couldn't tell you first-hand, but from what I'm reading in this thread, users are getting it while deleting from directories in their home folder, therefore not harmful to the system, and making a UAC prompt completely unnecessary.

The problem itself is not UAC but how the programs are written. In other OS's the programs are written in a way that they do not have to touch administrative rights but in XP/Vista its the complete opposite....

You're not understanding it. We're talking about programs and functions built-in to Windows that aren't touching administrative areas but are still initiating the UAC prompt.