Trend recommends disabling Vista UAC

Discussion in 'other anti-virus software' started by david_h, Jun 24, 2008.

Thread Status:
Not open for further replies.
  1. david_h

    david_h Registered Member

    Joined:
    May 14, 2007
    Posts:
    32
    I've just installed Trend Micro Internet Security Pro which has a feature to encrypt keystrokes. A great idea. Unfortunately every time the keystroke encryption program starts it requires the approval of Vista's User Account Control. This of course happens every time the computer starts up. This can get annoying. When I asked Trend's help desk if there was a way around this annoyance their advice was to permanently disable UAC. Their words were "Rest assured that even though this feature of Vista is disabled, the level of protection on your computer is not compromised."

    Not the advice I expected from a security company.

    Seems Microsoft wasted a lot of time and money developing UAC.
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Hello David,,
    i thought most companies managed to avoid the uac prompts by now. vista has been out long enough to work out how vista works and to get avoid any unnecessarily prompts from UAC. surely the application from trend should have a service with admin rights which would avoid the uac prompt.

    what version of trend micro is it?

    its strange thou on linux you get prompts similaar to uac when you need root its just its not very often you need access to the root account.
     
  3. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    The average user always clicks 'ok' in UAC anyway... :doubt:
     
  4. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    that is true. now in vista you need two clicks to excute malware instead of one XD.
     
  5. david_h

    david_h Registered Member

    Joined:
    May 14, 2007
    Posts:
    32
    The version of TMIS Pros is 2008. And you are correct, Trend should have worked out a way of getting this through UAC without the need for user intervention. While UAC can be annoying I do think it serves a very useful purpose (for the user that thinks before clicking).
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    UAC is useless for an ordinary user just like classical HIPS are.
     
  7. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    In my opinion Microsoft would have done better to invest in 'hardening' their OS instead of offering placebo security with UAC. Regular users think Vista is very secure, and always click 'ok'.

    With 'hardening' I mean technology like AppArmor on Linux for example.
     
  8. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I use TMIS 2008 and I don't get the uac prompts concerning Trend. Is it possible there is a setting you haven't set yet. I am running Vista Home Premium 32 bit. It is possible it would work differently in the 64 bit version.

    And the UAC function in Vista Works great in my opinion. It was a good addition towards security.
     
    Last edited: Jun 24, 2008
  9. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi David h :)

    I don't know if you already know this...

    But if you Turn OFF UAC ... You will also be Turning OFF Protected Mode in IE7 :(
     
  10. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi David :)


    Yep! ... Me Again! :D

    There is a compromise that I think might work for you ;)

    You get to keep Protected Mode
    You get to keep UAC
    But you lose the UAC pop ups!

    Only trouble is... It involves the registry :(

    And I really don't like giving out instructions to do with the registry :doubt:

    WARNING!
    1/ I have never followed these instructions myself.
    2/ Please only follow these instructions if you feel confident making changes to the registry.
    3/ Please make a System Restore point and Back Up the Registry before following the instructions.


    With UAC turned - ON

    Launch REGEDIT and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    Double-click ConsentPromptBehaviorAdmin on the right, set its value to 0 ( Use 2 later to to restore the default ), and click OK

    Now UAC continues to run, which means features such as Internet Explorer Protected Mode stay active, but UAC doesn't display any prompts.
    WARNING!
    You are Not as safe as you would be with UAC promps active.
    But this is a far better option than turning UAC OFF all together.
     
    Last edited: Jun 24, 2008
  11. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Yes, so is said about the classical HIPS but for ordinary user- no benefit except for IE,s protected mode. They should had extended this protected mode thing for all web based applications etc.
     
  12. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    UAC is not placebo security. It does work. I'm a power user (very powerful one) and UAC saved me more than once. Sometimes you execute something by mistake but instead i get confirmation window and click cancel. No harm done.
    WHat stops malware from displaying message "Now please disable antivirus for this very cool program to work properly". I can assure you more than 75% of ppl would actually do that. Nothing can save you from own stupidity.
    It may sound harsh but ppl generally are stupid. They take usage of PC and internet for granted but in fact anyone would have to go through an "Internet driving school of safety" just like we have to for cars.
    If presented to users in proper and also fun way it would greatly improve internet as whole. But now every one work as they wish. Imagine how traffic on streets would look like if we'd be doing like that there...
     
  13. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    @RejZoR
    I agree with you that UAC has potential for power users. But the fact that lets say 90% of the Vista users will click 'ok' anyway makes it placebo. Are people stupid, I'm not so sure. Computers and especially security is quite complex for people who barley know how to properly use basic program features.

    Microsoft has tricked it's customers with Vista advertising it as a secure OS. By properly using UAC it is indeed secure (at least more secure then previous Windows versions) but their regular customers won't benefit from this.

    It's a very cheap solution, just integrating a HIPS and call it secure. Like I said before, they should invest their time in 'hardening' their OS.
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Ordinary users are not power user. UAC saved u more than once, may be u r playing with malware. What u mean by executing something by mistake? Malware?
     
  15. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well, only thing thats safe enough these days for regular Joe's is computer thats turned off... thats a fact.
     
  16. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    @RejZoR
    How about Mac's or Linux pc's? I'm not trying to slap a dead cow, but it's too simple to say it's the users fault. Software vendors should take their responsibility and make their software 'really' secure.

    It would be the same if a car manufacturer would install some superior brakes and advertise it as the car with the shortest brake distance, but only you need the skills of a near professional driver to make benefit from them, while this is not mentioned... :doubt:
     
  17. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Why not just use tweakuac instead of messing with the reigistry.It does it for you and can be switched on or of at will.I always use the silent mode.
    tweakuac
    http://www.tweak-uac.com/
    ellison
     
  18. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well sure, give Linux to users and all your problems are gone because they won't be able to do anything. But when they'll make it for the masses, same story will repeat on Linux. Huge market share and dumb ppl behind it make wonders, trust me... Thats how it is. You'd be surprised how much just a few tips in a proper way can improve users security. And i had plenty of Joe's to teach so far...
     
  19. PoetWarrior

    PoetWarrior Registered Member

    Joined:
    Apr 16, 2007
    Posts:
    335

    Here's one for you. I was selecting some folder in Vista HP when all of a sudden my cat jumped in my lap and I accidentally grabbed a system file instead and was about to move it to some unknown place. That's when the UAC popped up and I was really thankful for it. I hit cancel. No harm done. Stuff like that happens every once and a while.

    Had a couple of web sites cause the UAC to pop up too. So I do like the UAC. :D
     
  20. The_Duality

    The_Duality Registered Member

    Joined:
    Apr 3, 2007
    Posts:
    276
    Location:
    Liverpool, UK
    I have been wondering about this program for a while now. I understand how it works by suppressing the annoying prompts when you are an administrator - but it says it allows you to keep all the benefits of UAC such as IE running in "protected mode". If UAC is in quiet mode, what is the need for protected mode? Considering that the prompt would be supressed anyway.

    I don't understand - could someone explain for me? Cheers :)

    Additional note: Personally I like UAC - although I do not like the way the tweak-uac website describes people who use it as people who require protection from themselves...
     
  21. danny9

    danny9 Departed Friend

    Joined:
    Feb 18, 2004
    Posts:
    678
    Location:
    Clinton Twp. Mi
    Alright.
    I have my hard hat on and am ready for any debris that may come my way.

    I have Vista basic on my laptop.
    I do not like UAC.
    I find it irritating, annoying and aggravating.
    Needless to say it's disabled as well as Windows Defender.
    I use the software I like and not what MS says or thinks I should use.

    Have to go now---incoming! :D
     
  22. CountryGuy

    CountryGuy Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    139
    Even Linux and Apple machines cannot stop a basic user, running as root (which, when it goes to the masses, is gonna happen) from installing malware. The only saving grace is there isn't enough of a user base for malware writers to make such software yet.

    UAC reminds me a little of the sudo command, changing your rights temporarily. I think its a good thing.
     
  23. nasdaqms

    nasdaqms Registered Member

    Joined:
    Jun 17, 2008
    Posts:
    38
    please disable it!

    i also heard that the experts in china said the uac has something weak in security.actually,it can be exploit in hardware by hacker
     
  24. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Yes UAC is like sudo in linux. I have not used the Mac recently though I understand there is a similar feature. How can MS be criticized for it when it is in every major OS. In anycase UAC's role was to 1) get vendors to code in such a wat that won't require admin access 2) make users think twice about executing a file that required admin access. Trend should have found a way to implement the feature so that it wont trigger uac.
     
  25. david_h

    david_h Registered Member

    Joined:
    May 14, 2007
    Posts:
    32
    Hi - are you using TMIS 2008 PRO? It's only the PRO version that has the keystroke encryption program. Also this program is not enabled by default (probably because of the UAC hassle). Previously I was using TMIS 2008 (not PRO version) and there were no UAC problems.
     
    Last edited: Jun 24, 2008
Loading...
Similar Threads
  1. JerryM
    Replies:
    12
    Views:
    3,064
Thread Status:
Not open for further replies.