Why do idiots disable UAC & claim it's not a security function?

Silent = Never notify

That's what I'm referring to. It's the "lowest" setting.

No, it is not the same as turning it off. There's a very big difference. Protected mode should still work with "Never Notify." It won't work if you actually disable it there or through other means.

That was my interpretation at least.

 

Nope, "Never Notify" is synonymous to turning the User Account Control system along with its related functions off entirely.

You can thank Microsoft (which normally they are good about wording things well) for making this confusing setting page/slider.

I have just done some research and apparently this is a common misconception - more common than I thought - so I shall clarify:

Microsoft uses the language "Never Notify" because they have this tendency to want to word things super intuitively in relation to how the typical "home end user" will perceive it. Most users think of UAC as the prompts only, so Microsoft named the "Off" setting "Never Notify" since most people would relate to being notified as the only noticeable aspect of UAC.

But, if you set it to "Never Notify," your protected mode will be gone, as will your virtualization. I admit, it is confusing, and I apologize for not realizing what you were talking about. Microsoft needs to make the wording more clear and call the setting "Disable User Account Control" instead; furthermore, they need to explain the other features that will be disabled in respect to making that setting choice. Or, what they could do, is use my suggestion and implement another slider option right above the "off" position and make a true "silent" mode.

For the time being, if you want to get rid of the prompts and use a "silent" mode manually, this can be done via group policy editor OR the registry (always back up the registry first/make a restore point).

Courtesy of MalwareTips.com, this article provides a great description of this issue, including setting the record straight on "Never Notify" being a true "off" setting. Additionally, the writer explains how to set up Admin Approval Mode to run "silently", or more formally, with automatic elevation. You can extend this basic setup with the suggestion another user posted in this thread earlier, by having things auto-elevate only for signed applications if you wish. I would recommend doing so.

Either way, you are making a considerable security sacrifice by doing this. Malware can easily automatically elevate itself - that's a no brainer - but the difference is you won't be unnecessarily, ridiculously handing over admin rights to everything that runs on your system. And more importantly, you won't be missing out on some of the best improvements that Windows Vista/7 offer, which include file/registry virtualization to keep your system clean and lean (for older/crappy apps that refuse to use the LUA concept), and of course protected mode for IE which is basically a built-in sandbox that is seamlessly integrated into Windows. Integrity levels really are the bomb, and as you've said Hungry Man, more vendors need to take advantage of this.

So please, do yourself a favor, and if you MUST turn UAC off, don't turn it off. Instead, use the link above to the guide that shows you how to make it "silent".

Important Note: When you follow the steps in the guide, make sure that you only alter the behavior of UAC prompts for administrators in Admin Approval Mode. Do not change the behavior for standard users, as if you make a guest account for a visitor on your computer, you don't want them being able to change administrative settings or install applications under most circumstances, do you? Remember that UAC also has the power to prevent non-administrators from making changes to your PC.

Behavior of UAC for standard users should always require administrative credentials. Admin Approval Mode is the setting you may wish to alter.

Hope this helps.

 

In addition to what was mentioned by STV0726, this Microsoft page does mention that Never notify equals Disable UAC.

But, they should make that very clear in UAC settings.

 

Thanks for that link.

EDIT: Another way to show this is to disable UAC using the System Configuration Utility. It uses different language, but no matter where you do it, you will notice it changes the slider to "Never Notify" because the setting is synonymous. The wording is definitely aimed at homey end users who just think of UAC as the prompts; but as a side effect of them using that language, it confuses other users into thinking Never Notify means "silent" when it does not.

 

Thank you for the most well thought out post of this thread. This is why you should not turn it off. That, and I love Windows 7 UAC on a standard user account. When the standard users at work need to install something and it prompts for a user name and password, I can enter the admin credentials and not have to log into another account to get something working. Big time saver. It never quite worked that way in Vista.

 

Very good testimonial.

 

I remember the days, years ago, when I too was over-obsessed with PC security to the point where it was hard to draw the line between whether my computers were tools used to accomplish jobs, or solely to run security software to protect themselves from themselves because "the sky is falling."

I haven't run UAC since it was first introduced, or any real-time anti-malware software in over six years. I guess I'm just one of those idiots who needs a nurse maid.

There was a guy a few years ago on DSLReports who, for a two week period, published his IP address, even on hacker websites. He challenged anyone to hack his computer while he was doing some light internet surfing to regular sites. He swapped out about 3 or 4 consumer-grade routers, and along with only having XP Firewall up at one point. Nobody was able to do it except for one guy who got a spoofed UDP packet through (they actually had to coordinate it over the phone.)

The point is, why do I need programs that only protect me once malware has been introduced to my system, if I never introduce it in the first place (because I didn't fall for the social engineering tactic use to dupe me into downloading it onto my system?)

The whole argument of this thread is pointless because if you know how to properly use your security software or whether something should be allowed to run, you probably don't need the protection. On the other hand, if you're clueless, there's not a whole lot other than a prompt-less default-deny system that can protect you from yourself.

(The default-deny system in my brain has done a pretty damn good job in the last 6 years.)

 

Why is the blame being put on the article?

Should not the blame be put squarely on the shoulders of those who actually turn something off without actually knowing what they are doing?

Sounds to me more like a lack of education on the end users part rather than the author(s) being stupid or whatever.

Just another example of how careless people are, because they really could care-less about such things.

 

When I started reading your post, I thought to myself - This is probably someone who knows what is saying. - but then, you mentioned The whole argument of this thread is pointless because if you know how to properly use your security software or whether something should be allowed to run, you probably don't need the protection.

Either you need it, or you don't. There isn't a middle term such as probably.

And, I'd imagine you're also referring to white-listing, correct? What if something hijacks, say, your web browser, while you're surfing? The web browser is allowed network access and so is anything within its memory space. So long for white-listing.

I suppose that guy over DSLReports didn't test his security setup against this kind of threat.

And, did you perhaps even consider the fact that true hackers probably weren't interested in wasting their time and resources hacking into some worthless person's system?

 

Thats a good point ,but in my experience most people who dont know what they are doing concerning UAC dont know how to turn it off anyway, and most poeple who do turn it off know what they are doing and are happy without it.

 

The problem is that, sometimes, people who should know, don't really know. When a relative of mine bought her laptop 4 years ago or so, I noticed that there were remnants of a rogue security software installed.

So, the computer shop folks, who were suppose to know, didn't know, and they ended up installing rogue security software. I suppose they figured out afterwards, since it was removed. But, they didn't even have the good decency of reformatting the HDD, just in case it installed some rootkit.

The same can be applied to bloggers. Many think they know, but not quite so in reality. I've seen one blogger (a local blog) telling people to disable Secure Desktop, because it was annoying to him.

Disabling Secure Desktop is an easy way for keyloggers to have access to the user administrator's password.

The real problem is that, people who are starting to learn, may and will, eventually come across such information, and will be mislead into believing they're OK to disable such functionality. The same applies to UAC, of course.

 

UAC settings for silent and strong security (better than turning it off) as ADMIN, change this through registry (regedit)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System


FilterAdministrativeToken = Enable (1)
ConsentPromptBehaviorAdmin = Elevate without prompting (0) YOU WON'T SEE UAC PROMPTS
ConsentPromptBehaviorUser = Automatically deny elevation requests (0)
EnableInstallerDetection = Disable (0)
ValidateAdminCodeSignatures Enable (1) THIS WILL DENY ELEVATION OF UNSIGNED PROGRAMS
EnableSecureUIAPaths = Enable (1)
EnableLUA = Enable (1)
PromptOnSecureDesktop = irrelevant with these settings keep Enabled (1)
EnableVirtualization = Eable (1)

 

How about: http://www.tweak-uac.com/home/
would this creat an acceptable silent mode?

 

That would simply make use of what user Kees1968 mentioned above. No magic there.

 

If you are going to tweak the UAC system to automatically elevate, I would at least use what Kees posted to ensure it only elevates signed applications.

 

Interesting - awful wording on MS's part.

 

Definitely. Without a doubt.

There is no indication whatsoever that one will lose protected mode and file/registry virtualization by setting UAC to "never notify."

So referring back to my suggestion post on the previous page, I was suggesting Microsoft implement a "silent" mode that is "one notch" above "off" on the slider. This would automatically elevate signed applications and only prompt for unsigned applications. Or they could make it just auto-elevate everything for Admin Approval Mode. The point being that the slider bar should offer a bit more granularity that is actually useful to users.

Or, even more ambitious and following the route they are taking with MSE being super simple, they could remove the off position altogether on the slider page and just offer a true, fully silent mode. However, if they do this, there absolutely still should be a way to fully turn the entire User Account Control system off in the system configuration utility. If it is turned off there, the slider bar page should be grayed out. Something like that; so the end goal is to provide a back-end way to fully disable it for precautionary purposes, but to prevent homey users from ruining some of the best improvements in the OS; let alone preventing them from causing issues with their installed applications due to toggling UAC on/off which is not recommended but not clearly documented!

Of course, the options in gpedit.msc/registry should still exist for pro users to add tweaks for their own preference!

 

It's easy to find out, though.

 

Not easy enough - by the time people research these things they have likely already played with the UAC on/off settings, and thus have already caused some application errors.

I think turning UAC fully off should be a more "hidden", master switch type of setting.

The slider bar needs to reflect setting up just the notifications that people may find bothersome; which the way it is worded presently makes it falsely imply.

 

Here everyone, we need a bit of comedy to lighten this thread up...

This screenshot is from a guy new to Windows Vista/7. He did not know that the "root" Administrator account is disabled by default, unlike on Windows XP. Therefore, he assumed he could safely demote his original admin account (that was created during the Windows initial setup) to a standard user.

In doing so, he locked himself out of Windows.

 

Yikes.

 

Priceless!!!

 

That's why I always advocate a combination of LUA + SRP as outlined here (or, as an alternative, LUA + Applocker but I don't know enough about that as I've moved to Linux) . An application that should not execute (like a drive-by download or an email attachment) will not execute. Period. The user doesn't have to make any decision about it. The only UAC popups would come from legitimate applications asking, e.g., for an update.

Well, although I've said that I moved to Linux I'm running Windows 7 in Virtualbox as LUA + SRP, and I don't get popups all over the place. How come I must be doing something wrong

 

UAC is not as evil as many would like it to be... I only see alerts when I manually initiate something that I know it needs administrator rights.

There are a few exceptions, though. I've mentioned Java, which adds an autorun entry that will trigger the updater. Which can be annoying for those who don't understand what UAC is all about.

Others must be doing something wrong, not you.