Why do idiots disable UAC & claim it's not a security function?

Discussion in 'other anti-malware software' started by STV0726, Feb 5, 2012.

Thread Status:
Not open for further replies.
  1. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
  2. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Yep, you can never have too many programs that ask, "are you sure you wanna open this?" <yes>, "are you really sure you wanna open this?" <yes>, "are you really, really, really sure you wanna open this?" <yes>, "OK"
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    I don't. If you have a keylogger you already lost.
     
  4. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    I'd disagree.
     
  5. Technical

    Technical Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    471
    Location:
    Brazil
    I never understood why for some users sudo (su) is a great security option for Linux and UAC is just an annoyance. Really, I never understood that...
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719

    Umm, because it was not supposed to be, as has been well documented ages ago.

    That being said, it is evidently no longer just a way to nag coders into compliance, but now a security feature. Not exactly sure just how it is considered a security feature when the default account has both root and user tokens, and all it takes is a simple "ok" click to install malware etc.

    I should think that integrity levels would be considered the security feature over UAC, but most seem to think UAC is really where the increased security comes from.

    Really though, in the end, if the user has root, the security is only as strong as their decision making processes. I think we all know how strong that is typically. No way around that, UAC or not.

    Sul.
     
  7. Melf

    Melf Registered Member

    Joined:
    Sep 7, 2010
    Posts:
    105
    UAC makes it impossible to gain root privileges without the express consent of the user. This is the case because of the whole concept of a "secure desktop", that can not be spoofed by any program.

    It is arguable how good a security function it is because it's not default deny, but, that's not the question is it ;)
     
  8. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    ^ +1

    I still hold my original position (and quite firmly I grip it) that if you truly believe that User Account Control (on "classic Vista mode" aka "Always Notify") provides you ABSOLUTELY NO enhancement to your overall PC security, then you don't know what you're talking about. Though I admit I was wrong and I have since apologized multiple times for using the word "idiot" in the thread title. I even tried to change it.

    It's so hard to explain why the above is true without feeling like I'm re-spitting out this thread all over again, but if you turn off UAC your only truly safe option is to run full-time as a standard user, and then it will be very inconvenient without the ability to elevate on a per program/process basis. If you don't understand the fundamental concept that running consistently as an admin (such as doing your daily computing and Internet tasks) puts your other security layers at risk, then... oi :rolleyes: This has been proven time and time again from independent techies to Microsoft TechNET article after article.

    **Yes there are stolen signatures

    **Yes there are social engineering/ignorant/stupid/insert favorite term here users because UAC relies on the user to make a decision but this can be modified to not be the case!

    **Yes there can be exploits though most (if not all) of them I've seen rely on the Windows 7 UAC default setting which questionably makes UAC useless

    **Yes turning off UAC (whether you do it from the Control Panel or SysConfg) will COMPLETELY disable it, not just the notifications, and therefore it will turn off Protected Mode and File/Registry Virtualization which was generally agreed in this thread's long history to be definitely beneficial. Using Group Policy editor you can turn off the prompts without losing those functions so I don't see why anyone would fully turn it off.

    **No UAC is not perfect but it is necessary for Admins who don't want everything to automatically assume admin rights, and it is a godsend convenience feature for standard users needing to elevate something. Turn it off at your own risk and inconvenience.

    **No, I personally do not want to start this thread all over again because I honestly was lukewarm about the direction it went last time and we certainly don't need to argue the same talking points again and again only to reach the same conclusion. As I've said before though, I deeply, truly appreciated all the constructive comments and wonderful opinions that were shared in this long thread!

    I guess what I would suggest is to make sure you are reading the whole entire thread before you post something new. :)
     
    Last edited: Jul 2, 2012
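Added example (not part of any post in this thread): a read-only PowerShell check that tells apart the states argued over above, namely UAC fully disabled, prompts suppressed by policy while UAC stays on, "Always Notify", and the Windows 7 default. It reads the standard UAC policy values under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System`; the helper name `Get-UacValue`, the fallback defaults used when a value is absent, and the wording of the assessments are assumptions of this example.

```powershell
# Added example: classify the local UAC configuration. Read-only; changes nothing.
# Requires PowerShell 3.0 or later for [pscustomobject].
$key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy = Get-ItemProperty -Path $key

function Get-UacValue([string]$Name, [int]$Default) {
    # Hypothetical helper: a missing value is treated as the stock default
    # (assumption of this example).
    $prop = $policy.PSObject.Properties[$Name]
    if ($null -ne $prop) { [int]$prop.Value } else { $Default }
}

$lua    = Get-UacValue 'EnableLUA' 1                   # 0 = UAC off entirely
$admin  = Get-UacValue 'ConsentPromptBehaviorAdmin' 5  # 0 = elevate silently, 2 = consent on secure desktop, 5 = default
$secure = Get-UacValue 'PromptOnSecureDesktop' 1       # 1 = prompt shown on the secure desktop
$virt   = Get-UacValue 'EnableVirtualization' 1        # 1 = file/registry virtualization on

$assessment = if ($lua -eq 0) {
    'UAC fully disabled: no Admin Approval Mode, Protected Mode or virtualization'
} elseif ($admin -eq 0) {
    'UAC on, admin prompts suppressed: elevation requests are approved silently'
} elseif ($admin -eq 2 -and $secure -eq 1) {
    'Always Notify: consent prompt on the secure desktop'
} elseif ($admin -eq 5) {
    'Windows 7 default: consent prompt only for non-Windows binaries'
} else {
    "Custom policy (ConsentPromptBehaviorAdmin=$admin, PromptOnSecureDesktop=$secure)"
}

[pscustomobject]@{
    EnableLUA                  = $lua
    ConsentPromptBehaviorAdmin = $admin
    PromptOnSecureDesktop      = $secure
    EnableVirtualization       = $virt
    Assessment                 = $assessment
}
```

On a fleet, the first two assessments are the ones worth alerting on, since both remove the consent step for administrators.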
  9. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen
    If you look for opinions, you'll find opinions. ;) . Constructive comments are not only " Yes, good, I agree ".
     
  10. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Disagree with me to the roof...I'm just near-guaranteeing you'll find a near-exact copy of your disagreement somewhere among the 8 pages. :)
     
  11. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Btw...it seems you didn't link to any specific video but rather a search...

    All of those don't seem to specify what settings they are using, but the way they claim "Windows 7 UAC Bypass" implies to me they are using defaults, which I've already denounced as "less than good" for security.

    Oh and...YouTesters really aren't proof.
     
    Last edited: Jul 2, 2012
  12. carat

    carat Guest

    +1 :thumb:
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You confuse the reality. Not many would say it offers ABSOLUTELY NO enhancement. But some say it offers nothing of significant value WHEN the user doesn't understand what it all means.

    IMO it would have been better to just create an admin account completely separate from a user account, and not mix and match the two tokens together. I understand it would not be as "friendly", but as it is, any "idiot" (sorry, couldn't resist ;) ) can click OK whenever the UAC prompt comes up, and so much for the "security". Well, not quite, but it is not as robust if you just click ok on everything.

    Sul.
     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Users would simply run in their admin account at all times.
     
  15. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    lol, too true that. You think that is why they decided to make the default account a hybrid? I thought it was for the convenience, but it may well have been due to the very thing you state.

    Sul.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Definitely.
     
  17. woomera

    woomera Registered Member

    Joined:
    May 21, 2004
    Posts:
    212
    you're absolutely right, UAC is bulletproof and cannot be bypassed by any virus!
     
  18. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    That's not what I said, Mr. Obvious Troll.

    And @Sully: If that's your viewpoint then I'm fine with it and probably to some degree agree with it. UAC's value is greatly reduced when the user doesn't understand which is why it essentially becomes trivial - not because of the technology - but because it's user dependent.

    So to be clear: me sticking to my original statement/opinion is really solely against people who say UAC offers NO benefit whatsoever, and believe me, those people exist, and it's a free country, and they're writing tweak guides that make my blood boil. :p

    Furthermore, I have no problem with people who feel UAC is nothing significant when you add user uneducation.
     
  19. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    You asked the 'why', so you have to consider the context:

    1) people coming from 95/98/XP were used to a certain way of using their computer, and the constant UAC prompts were perceived as a bit of an imposition and an insult ("of course I meant to open it!");

    2) Many programs of that era* unnecessarily asked for elevated privileges, which markedly increased the frequency of the UAC prompt.

    The mindset of users was that "if I want to run something, then you should run it when I ask - I shouldn't have to ask twice." The mindset behind UAC is that "users should be aware when software wants to run with elevated rights, and explicitly give permission for that to occur."

    Years later, one generally only sees the prompt for programs that actually require elevated rights, and it's not such a big deal (IMO).

    I found tweak guides very useful back in the 95/98/XP days - but you are correct that no one should read anything blindly (whether on the internet or otherwise.)


    *as someone who still plays old games, it's a big reminder when I see how many of them need to be run as Administrator in order to function correctly.
     
  20. exus69

    exus69 Registered Member

    Joined:
    Mar 15, 2009
    Posts:
    164
    I'll take the honors for that lol

    do you know how I am visiting this page?? by typing "idiots" in the address bar and the saved cache gives the latest page :D ;) :p

    I've come to the following conclusion as far as UAC is concerned (I am using Win 7 32 bit) :

    1)If you wanna turn off UAC run as a standard user like STV mentioned. This will be extremely beneficial in an environment where the following programs are used (am not taking into consideration custom made software):

    Office 2007
    Adobe Acrobat Reader
    FastStone Image Viewer
    7Zip
    Browser of your choice
    VLC Media Player
    Instant messenger of your choice

    Not once will the above programs ask for higher privileges except for updates. Let's keep the updates part aside for a sec. The above set of programs are used in majority of Windows systems. If you are the kind of user who doesn't like to keep trying new software in the market (this, in itself, is a lengthy topic of discussion i.e. how to try unknown software in a clean pc) then this setup (UAC off + Standard user) is PERFECT. The above setup also applies to a small office where productivity is the key.

    Now as far as the updates are concerned you can do it at a fixed time (maybe non working hours in case of office and maybe when no one else is using the computer in your house). In this case u login as admin (with UAC off) but notice the difference here is that you are using the Admin account only for updates and for no other purpose. So you are not visiting any porn site (or to be precise you are not visiting any non-update website) using admin+uac off. Updates finished. Logout of Admin. I would like to call the above setup "protection by inconvenience!!" although I think it's not a major inconvenience. You just login to the Admin account once a day or maybe once in 2 days for updates. (NOTE: I've noticed that my NIS 2012 updates in Standard User Account as well)

    2) For people in favour of UAC keep it to max. So Admin + UAC Max. Now people criticizing UAC because of the way it works i.e. leaving the decision to the user, you can give those kind of users just one advice (yes I know am repeating this) and that is to always click a "NO" while surfing. So that takes care of one of the biggest attack vector (Here am assuming that you've other protection mechanisms in place as well. As a Wilders member, defense-in-depth is our birthright!!). Agreed malwares have become very sophisticated and they don't need Admin privileges to run but here at least we are stopping them from escalating and doing more damage.

    For them to not do even that little damage running in user space we've EMET, Applocker, well configured Sandboxie etc. etc. (which is obviously out of scope and off topic as far as this thread is concerned). As far as the updates are concerned you follow the same strategy as above but in this case you login as Admin+UAC Max. So now you know all those UAC pop ups are related to the updates.

    By the way, I want to know what is the best way to schedule updates for all softwares on a desktop pc. When I talked about updating it was the manual way but I wanna know the automatic way.

    ------------------------------------------------------------

    There are always going to be views and counter views about any security mechanism. The reader has to decide what fits best:

    1)According to the programs installed on his/her computer
    2)According to the environment he/she is in (work vs. home)
    3)According to the kind of people who are going to use the computer
    and their "adventures" with the particular security mechanism in question.

    If you ask me whether I like UAC or not then the answer is yes I like it.

    Note to experts: I might be wrong here somewhere in my understanding about UAC so I would like to know what you guys think about it. I welcome genuine criticism :)
     
    Last edited: Jul 2, 2012
  21. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,797
    This is how I look at it.

    UAC was built with (at least) 3 objectives in mind:

    a) security for admins (compared to admins in XP days)
    b) convenience and compatibility, esp. for standard users (compared to limited users in XP days)
    c) better coding by programmers/developers

    The thing is with all those 3 objectives in mind, they had to make a trade-off 1 way or another (e.g. they removed the initial requirement of pressing Ctrl-Alt-Del). With Vista, I would say they 'got it right' with a) but was then criticized by several different groups. That brought about another aspect to look at and hence this was born:

    d) convenience for admins (compared to default AAM in Vista)

    Needless to say, they made the decision to give priority to d) over a) to so-call 'please the crowd' as seen in Win7 default UAC settings. We all know the criticisms they get by the 'security community' with this decision but that move alone might have brought about a 'slightly warmer response' to UAC overall. I might even describe it as choosing "the lesser of two evils". I've seen people who refused to use UAC later on moving to the default UAC settings in Win7.

    With all of these, Microsoft (inc. developers of UAC, marketing departments, people like Mark Russinovich, other employees, etc) couldn't really reach a consensus as to which 'label' best describes UAC's objectives. Call it 'security' and you know what happens. Call it 'convenience' and still, you know what happens. Calling it "better coding by programmers/developers" seems reasonable enough (and even then not all programmers would agree).
    So, the easy way out was as Fabian Wosar mentioned:

    If MS themselves can't decide, what more us the end-users? Each and every single one of us here have different ways we use/administrate our computers and some things may take higher priorities over another. To add to this, we all have our own agendas and interpretations of what UAC is/what UAC isn't. I know STV0726 has asked to remove the word but I wouldn't call anyone who disables UAC (or recommends to do so) - without knowing one's backgrounds, way of computing and reasonings/intentions behind their actions - an 'idiot'.

    After all, why blame them when MS themselves can't decide and when too much conflicting information (take note I'm not necessarily saying misinformation) is floating around? If I were to poke fun...I'd call UAC: User Account Confusion. :p

    P.S. Personal opinions of a strong proponent of UAC at Always Notify.
     
  22. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Another reason I'm mad at myself for the original title of this thread is because it's not really correct...

    If you want to turn off UAC you can and still be safe...you just have to run full-time as a standard user.

    So really the group of individuals I'm directing all this at are those that turn UAC off and refuse to accept the now long-proven fact that running as an admin is not a good security move in any way, shape, or form.

    As far as the way I see it...you can criticize UAC all you want. Yes, unfortunately things trying to run will be a user decision prompt. But it is UAC that keeps admin accounts by default in Admin Approval Mode. The best part of that technology is not the prompts, but rather the fact that nothing by default is given the keys to the heaven until you see a prompt...

    This is why I never saw it as "are you sure you want to do this"...I always saw it as "were you expecting this to now need admin rights?"

    If simple users are just educated to always hit "no" to prompts when they're browsing the web or not doing anything, that will prevent a lot of fakery. Not all, but a lot of it. Users can be educated.
     
    Last edited: Jul 2, 2012
  23. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    I think that's more 'training' than 'education'. Education is much harder. A lot of people tell me that that's exactly what they do - hit "no" whenever they see any prompts. This is the same reason why they're running out of date browsers and plugins, as they deny any prompt to update.

    Education would be if they knew when to say Yes, and when to say No.
     
  24. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    I don't use a Standard User account so for me running as a limited admin (UAC) is a very good alternative.

    much better than running as a full admin all the time, if you ask me.

    I have it set to max and it bothers me very rarely, unless I do some admin stuff.
     
  25. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Again, you are confusing the reality.

    I turn UAC off and refuse to accept the "long-proven fact" that running as admin is somehow "bad" or "taboo".

    I don't advise this for everyone of course. But, simply because I choose to run as admin as my normal login does not mean anything more than I take full responsibility for my own actions, all the time. If I choose to run something, it runs. If I choose to use a method to restrict something, like a browser, it is restricted. The difference is that I must know what to restrict and have a means to restrict it, instead of letting user credentials and the security policy, or UAC, tell me what I cannot do and then give permission.

    You are lumping all eggs into one basket, and they will not fit. Again, it is the uneducated users who want to be admin but not have the knowledge to correctly do so, these are the group you should be referring to.

    I do not agree that I must be a user, in any way, shape or form. A user account is for activities one performs as a user. An admin account is for activities one performs as an admin. If you perform primarily admin functions, a user account does nothing more than cripple your productivity. Now, how many fit that mold might be another question ;)

    Sul.
     