Why do idiots disable UAC & claim it's not a security function?

Discussion in 'other anti-malware software' started by STV0726, Feb 5, 2012.

Thread Status:
Not open for further replies.
  1. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Why do idiot tweak guide authors disable UAC & claim it's not a security function?

    I'm not going to mention names specifically, but if you do a Google search for "Windows 7 Tweak Guide," you'll likely find what I am talking about.

    Why do idiots disable UAC, suggest others do the same (claim they aren't suggesting it and that they are just giving you [incorrect] information), and claim it's OK because it isn't a security feature? They then link articles from Microsoft folks and they misquote what was originally said and give the impression that Microsoft wants you to disable UAC and/or UAC will not make your computer any safer.

    Let's get the facts straight...

    UAC is and isn't a security feature. It is something that every multi-user operating system should have. It is a secure, controlled method of elevating user privilege tokens. Mac OS X has had something similar called Authenticate (the lock icon) even before Windows Vista came out, so it's nothing new. No conspiracies here; UAC is simply an elevation mechanism.

    In the way UAC is implemented for a standard user, it is a convenience feature. It allows you to run full-time as a non-administrator to take advantage of the security benefits of using least user access, while elevating specific processes/applications to an administrative level only when you need to make such changes to system settings or install new software onto the machine. If you disable UAC and run as a standard user full time, you are just as secure, but you are going to pull your hair out eventually.

    The way UAC is implemented for an administrator (Admin Approval Mode) is most certainly a security function. The local administrator is given an admin token and a standard user token. The standard user token is used for executing things unless it specifically requests admin privileges. The secure elevation process helps ensure that the user is specifically intending to allow a program, be it 1st or 3rd party, to borrow admin privileges, as these can be abused by drive-by malware installations. Some people argue this is a "line in the sand" concept, but so is any HIPS-type of measure. If the user is going to be ignorant and assume hitting "yes" to everything is the right thing to do, that's user error, not an issue with UAC. UAC, if used correctly, is a great security measure and is capable of stopping some threats from executing and installing dead in their tracks, thus allowing antivirus software to easily clean them up without having to fight them. Keep in mind, however, that I am mainly arguing for UAC on the "classic Vista" or "Always Notify" setting.

    So, that's the facts. Now, let's apply the facts to what these "idiots" are recommending...

    They are recommending turning UAC off because "it is not a security function" and they don't want to be prompted before making administrative changes because it irritates them. So given that explanation, we can infer that they are indeed running as an administrator, because if a prompt bothers them that much, there's no way they are going to be running as a standard user and dealing with having to log out to make any administrative changes.

    So, these "expert tweakers of Windows" are promoting the idea of turning UAC off, and running full time as an administrator. Now do you realize how stupid what they are proposing is? Golly gee, if it weren't for the improved code mitigations in Windows 7, they might as well be running Windows XP all over again.

    Recommendation: Stop reading tweak guides blindly. Only you know how you want your computer to run. Just because someone writes a tweak guide and seems to be smart and clever based on how he tells you to partition your hard drive, doesn't mean he knows what's best for you in terms of security. In fact, I find a lot of people know quite a bit about computers in one sense, but know next to nothing about security.

    This tweak guide I read over-complicates some things, while it tells you to over-simplify your OS back to Windows XP on other things. Tweak guides...one of my pet peeves.

    Another one of my pet peeves...troubleshooting for 3rd party software vendors that tell you to "disable UAC" as a step in troubleshooting. No vendor should ever advise that. UAC should be enabled fully and left on right when Windows is installed, as it controls registry virtualization. They need to design their software with UAC in mind, and stop telling people to disable it.

    The phrase I like to employ is: Programs should be designed to run on Windows...Windows shouldn't be tampered with to run poorly written programs.

    Peace out, sorry for the rant, someone needed to say it.
     
    Last edited: Feb 8, 2012
  2. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    Because they click yes at everything, so they just disable it to not be annoyed.
     
  3. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Just because you think you'll click "yes" at everything doesn't mean that's how it will play out all the time.

    There have been cases of people browsing a website and they click to visit another page (that has been hijacked) and all of a sudden a drive-by download has started and if their antivirus doesn't recognize it yet, UAC could step in and stop it from installing.

    I would hope someone wouldn't click yes to something if they weren't even trying to install something or do anything. You see that's a big chunk of the point behind UAC - ensuring YOU started something versus NOT YOU.

    And, like I said before, if they are disabling it to not be annoyed, that definitely implies they are running as an administrator, and therefore not only are they abandoning UAC but they are abandoning the concept of least user access, which is inarguably one of the best first layers of defense for Windows or any operating system for that matter.

    I've seen people that disable UAC (among other Windows security functions), then install tons of realtime protection products. Oh the irony...all of those products are running at the same level as any malware that tries to install. Let's make it easier for the criminals, and bog our PC down at the same time.
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Trick for click junkies

    Just enable UAC to "only elevate signed programs", disable "Installer detection" and set UAC to "silently elevate"

    Together with a decent (free) AV this keeps the bad guys off.
     
  5. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    I was searching for a video on YouTube of a security expert who talked about this.

    I know this goes without saying, but you are still making a considerable security sacrifice by doing that. However, that being said, if you absolutely cannot tolerate UAC on the presets Windows 7 offers, then that is MUCH better than disabling it altogether and losing registry virtualization and the other silent benefits.

    But going back to my original point and complaint...

    These "expert tweakers" aren't even mentioning any middle ground options. They are instead feeding people false information that UAC has nothing to do with security. They are also linking and technically misquoting and misinterpreting things Microsoft employees have said. Even worse, there are people so ignorant that they still believe UAC prompts exist only as a friendly reminder to let you know you are about to make a setting change. >_<

    Read this, I actually don't believe I've read this article before (which is odd as I have read so much about UAC over the past year), but I just found it: http://www.zdnet.com/blog/bott/fixing-windows-vista-part-2-taming-uac/436
     
  6. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    Many people hate to run as standard user. They just tend to run administrator account because of how XP was, I do wish that they learn how to harden their setup. To add insult to injury, some even disable Windows Firewall because their game can't connect to the server.
     
  7. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Hehe, you are so right on. I laughed at "add insult to injury."

    Yup, let's not bother doing a simple Google search (or heck, start menu search) on how to open a port or allow a program, let's just turn the darn thing off, right?

    Anyway, I guess I was more questioning why people claiming to "know a lot" about computers are trying to suggest and promote the idea that least user access isn't security. Because like...it's so totally about security. Are they joking?

    I know there will always be people that turn it off just because they couldn't care less, and that's fine, they can enjoy their drive-by malware. It's not a matter of IF, it's WHEN.
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    From strong to weak IMO


    Limited user :thumb: :thumb:

    Admin, UAC on max, used with care :thumb:

    UAC (on Max) set to auto-elevate denying unsigned programs to elevate is hard division between Admin and LUA for a subset, hoping the AV will catch malware which is signed

    UAC on, blindly clicking away all pop-ups makes UAC useless in practice or UAC off :thumbd:
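
The configurations discussed in the posts above (Always Notify, the "silently elevate signed programs only" setup, UAC off, limited user) can be audited from the UAC policy values in the registry. This is an added example, not part of any post in the thread; the posture labels, the `classify` helper, the `DEFAULTS` table (assumed stock Windows 7 values) and the sample inputs are constructed for illustration.

```python
# Added example, not from the thread. Value names are the UAC policy values
# under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
import sys

UAC_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"

# Assumption: stock Windows 7 values, used when a value is missing.
DEFAULTS = {
    "EnableLUA": 1,                    # 0 = UAC off
    "ConsentPromptBehaviorAdmin": 5,   # 0 = elevate silently, 2 = Always Notify
    "PromptOnSecureDesktop": 1,        # the dimmed-screen prompt
    "EnableInstallerDetection": 1,
    "ValidateAdminCodeSignatures": 0,  # 1 = only signed executables elevate
    "EnableVirtualization": 1,         # file/registry virtualization
}


def classify(values, is_admin=True):
    """Return (posture, findings) for one machine's UAC policy values."""
    v = {**DEFAULTS, **values}
    findings = []
    if v["EnableLUA"] == 0:
        findings.append("UAC off: no Admin Approval Mode, registry "
                        "virtualization or IE Protected Mode")
        return ("uac-off-admin" if is_admin else "standard-user-no-uac"), findings
    if not v["EnableVirtualization"]:
        findings.append("file/registry virtualization disabled")
    if not is_admin:
        return "standard-user", findings
    mode = v["ConsentPromptBehaviorAdmin"]
    if mode == 0 and v["ValidateAdminCodeSignatures"] == 1:
        posture = "admin-silent-signed-only"
        findings.append("signed malware elevates without a prompt")
    elif mode == 0:
        posture = "admin-silent-any"
        findings.append("anything elevates without a prompt")
    elif mode == 2 and v["PromptOnSecureDesktop"] == 1:
        posture = "admin-always-notify"
    else:
        posture = "admin-prompting"
        if v["PromptOnSecureDesktop"] == 0:
            findings.append("prompt is not on the secure desktop")
    if not v["EnableInstallerDetection"]:
        findings.append("installer detection disabled")
    return posture, findings


# Constructed inputs, one per configuration discussed in the thread.
SAMPLES = {
    "Always Notify": ({"ConsentPromptBehaviorAdmin": 2}, True),
    "silent, signed only": ({"ConsentPromptBehaviorAdmin": 0,
                             "ValidateAdminCodeSignatures": 1,
                             "EnableInstallerDetection": 0}, True),
    "tweak guide (UAC off)": ({"EnableLUA": 0}, True),
    "limited user": ({}, False),
}


def read_live():
    """Windows only: read the values present in the live registry."""
    import winreg
    found = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, UAC_KEY) as key:
        for name in DEFAULTS:
            try:
                found[name] = winreg.QueryValueEx(key, name)[0]
            except FileNotFoundError:
                pass  # value absent: classify() falls back to DEFAULTS
    return found


if __name__ == "__main__":
    for label, (vals, admin) in SAMPLES.items():
        print(label, "->", classify(vals, admin))
    if sys.platform == "win32":
        # Assumption: the account being audited is a local administrator.
        print("this machine ->", classify(read_live(), is_admin=True))
```
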
     
  9. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Back when Vista was originally released, didn't Microsoft emphasize that UAC was not a security tool but a convenience tool? I believe MS has changed their stance over the past few years and now claims UAC is needed for security reasons.
     
  10. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    hitchhikers guide to "hack the planet" :D
     
  11. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    Although I have UAC enabled, I don't remember it saving me from anything dangerous. The antivirus is gone from my computer, I think the UAC will be next.
     
  12. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,741
    Location:
    New York City
    Ditto.
     
  13. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    I have it disabled. It gets annoying, and when I got infected in 2008, there wasn't a peep from it. Plus I have AppGuard.
     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Because when does it really save you? I leave it on because it's tied to the Windows token system and I don't want to mess anything up now that I've installed my programs already.

    The fact is that if I get an exploit in one of my programs and it asks for admin access I will probably know not to give it. 99% of the users out there will see "Oh, Firefox wants something, ok" and click yes.

    It's a security mechanism that relies on
    1) The user making a decision
    2) The user being informed on the consequences of those decisions

    Neither of those are very strong security imo.

    UAC is best used as a developer tool ie: taking advantage of low rights or at the very least not hogging admin rights whenever possible.
     
  15. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    You guys still are not getting the point, I'm afraid...

    1. Some of you are claiming you turn UAC off only to replace it with another whitelist/HIPS technology that relies on the same concept - user knowledge.

    2. Some of you are claiming it "does not seem to save you." Well guess what, I have had antivirus software installed for the last 2.5 years and it has not needed to save me. Same goes for my firewall, least user access, and sandboxing. With my careful browsing habits, I have been lucky enough to not stumble upon any exploits. Does that mean I should disable my firewall, least user access, etc.? NO! Come on guys, we all are Wilders users, it should be common sense that...well...common sense online can only go so far. There are legitimate websites getting hijacked left and right. It is for this reason that "it does not seem to save me...yet" is not a valid reason to abandon security at all.

    3. I am sick and tired of people using the "user error/click happy" excuse as a reason to turn UAC off. User Account Control is directly related to the exact, identical principles that state importance of least user access. If you are arguing or even considering that least user access is not a significant security measure, then I am sorry to inform you that you are not thinking correctly. If you need to look that up, go do that, and you will find countless Microsoft TechNet documentations and white papers, even from antivirus vendors, arguing for least user access.

    Beyond that, by misunderstanding the purpose of UAC, you guys are essentially arguing that least user access is not needed. By suggesting that non-tech savvy users will just "click yes anyway", you are also insinuating that they might as well turn off UAC and run as an administrator full time. You could not make a more irresponsible recommendation - that is the worst thing to do for computer security. You are essentially downgrading and putting at risk all other layers you install to the system by doing that. Not a smart idea at all. :thumbd:

    So in closing, if you do not find User Account Control to be convenient (which I find it highly convenient as I can run non-admin full time), and you wish to disable it, then your only other option to be just as secure by the means of least user access, is to run as a standard user full time and only switch to an administrative user when you need to make system changes or installations.

    But it is clear that is not what you guys are implying. You are implying you don't want to deal with the least user access, and would rather install other technologies to rely on. I am a huge proponent of whitelist based measures like application sandboxing software, but I am a bigger advocate of utilizing the built-in measures of Windows first. You guys should know by now that when you run as an administrator full time without the Admin Approval Mode system of UAC, you run a considerable risk of malware running at the same level as your security software, and having an easier time disabling or corrupting it. This goes without saying.

    All of this should go without saying. Least user access is one of the most rudimentary, yet also most effective first steps you can take for the security of any operating system. Yes, it is a first step still, and is not sufficient by itself, but it makes a huge impact on your security. There is no argument about that; it is pure fact and has been proven. All User Account Control does is aim to make that more convenient. If you disable UAC, you either just made your life as a standard user more irritating, or you made your admin account completely insecure. Your choice, your computer, but I would be highly opposed to recommending that to anyone. :thumbd:

    IMPORTANT: I realize I need to add immediately the disclaimer that by "idiots" in the title I am NOT referring to you guys here on the forums. I am referring to the people who write such tweak guides and come off as "experts" when they are telling users to do things that have a considerable negative impact on their security. I am sorry deeply if it came off as me calling you guys idiots, as that was not my intent.
     
    Last edited: Feb 5, 2012
  16. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    I personally turn UAC off on my machines. Most of my friends and family who have their own PCs have UAC enabled but don't know what it does or what it's for other than being something that dims their screen occasionally when they click certain things. They then go ahead and click anyway. The majority of my friends and family don't know what UAC is for and don't care. Personally I think UAC is badly implemented in its default state. For the majority, protection is better performed invisibly without any user intervention... imo
     
  17. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    So then you are either going to be running as a standard user for your daily computing tasks, or running as an administrator insecurely and putting your other layers of security (like av) at risk.
     
  18. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Simply putting it, if people do not understand XYZ functionality - whatever it may be - and, if it's something that gets in the way, then they will seek for a way to disable it. Then, they'll spread the word. Those who hear it, will also disable it, and simply because they also don't understand it.

    Note: I'm excluding those who know what they're doing, when they disable it.

    For instance, let's take the example of Java updating mechanism. Java will add an autorun entry, so that from time to time it checks for updates. When this happens, it will ask administrative permissions to the user. My question is: Will MOST know that alert is for Java or simply something called Java? Oh, it must be Java wanting to update. Let me click Yes.

    Guess what? It was a piece of malware, using a stolen digital signature. It wouldn't be the first time. With these people, UAC is a false sense of security and nothing else.

    They first need to know what's a digital signature and what each UAC alert means. Then, they also should be aware of the fact that malware has used stolen digital signatures before. So, what's the point of UAC for them, if they will probably and most likely just click OK/Yes?

    These people are better off with other preventive measures. I'm not saying to entirely disable UAC. Not at all, otherwise those using IE9 will lose Protected Mode, but it's possible to tweak UAC enough while still retaining Protected Mode.

    There are other preventive measures, that won't demand as much from the user.

    For instance, if one sets up somebody's system running Java to automatically elevate Java updater, and alerts the user for that, then the user will know if a warning appears about something called Java, then it's no good. And so on...

    Install them a decent antivirus, install them some browser extension that will alert for malicious domains; educate them to check files with Virus Total as well. I have created a dedicated browser profile just for that task for a relative of mine; it makes it more "easy". My relative just needs to click the browser icon in the tray bar; nothing else.

    You'll just have to understand some people simply do not want to waste their time with this kind of stuff. The same way I have no interest in wanting to know how to make pants. :D

    -edit-

    I'm excluding other security measures, such as isolation applications, etc.
     
  19. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    I always run as an administrator (I personally don't think there's that much of a risk to my PCs), as do 99% of my family and friends who purchase a new PC/laptop and follow the new PC setup instructions. In fact I don't know anyone who has purchased a new computer and not set up as an administrator. Most don't know what that is anyway and just follow the setup prompts. If they did, I guess all the security companies that we like to use would be redundant :eek:
     
  20. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    UAC is only helpful for "superusers". They are the only users who understand the concept of admin rights or why a webpage shouldn't need admin rights.

    For the other 90% of users, they will click ok without reading it. A disabled UAC is exactly the same as one that gets a yes click every time.

    Even still, I keep it active and don't recommend people turn it off. It would be better if more information was given so an average user could figure out the correct answer. If they would read it that is.
     
  21. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    I do not recall UAC [either on Windows Vista or Windows 7] saving any of my clients [“clients”: people I've helped clean up PCs from infections] from getting infected by...let's say Fake Scanner Pages...They just see the fake page loading while relying on JavaScript, telling them that they have “855 infections” and they soon click on it and download the trojan downloader that installs the fake AV and POOF!

    Even UAC many times doesn't alert them about clicking on the fake AV because it doesn't require elevated privileges to install.


    But...stupid as stupid does...there is no cure for stupidity...


    People can have AV, FW, AS, anti-exe, anti-everything and even...get infected...:rolleyes:


    Carlos
     
  22. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,522
    Location:
    USA - Back in a real State in time for a real Pres
    UAC is pretty much useless.

    Anybody who is click happy should have their own computer & suffer the consequences. Or run Linux and really be protected. Not the pseudo-protection of UAC.
     
  23. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    No, UAC is not useless. To be useless, everyone would have to say it's useless. It's useful to me. It allows me to elevate whenever I need from within a standard user account; therefore it's useful.

    Without UAC, IE9 would be running with full administrator rights, if the user is running as an administrator. In a standard user account it would run with the same set of privileges a standard user would have. UAC forces IE to run in a very restricted environment.

    The issue is the user him/herself. Let's not try to focus on Linux, and Windows is the issue, when it's not. ;) But, allow me just to say that "Anybody who is click happy should have their own computer & suffer the consequences" could also be applied to Linux or any other O.S other than Windows.

    If these problematic Windows users were using Linux, you'd be saying they should use a real secure O.S, such as Windows. :p
     
  24. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    1) I've argued the same exact thing for noisy HIPS - they rely heavily on the user and it's the same reason as UAC that I don't use them.

    2) I agree. Saying "Well it's never saved me" just means you haven't gotten unlucky enough to get into the situation where it would. That doesn't mean it's worthwhile.

    3) UAC is based on least privilege but it's best used as a developer tool - not for users. If a user can know to deny and allow which programs every single time then sure it's a fine tool for users. The average user will never know nor can we expect them to care to know.

    LUA is nice. Access restriction is at the basis of all security. UAC's "backend" MIAC system definitely plays to that thankfully. But the "frontend" that interacts with the user is fairly useless for anyone who doesn't understand it ie: the vast majority of users.

    Again, UAC is a dev tool, it's protected mode. Applications should never give UAC prompts ideally and if you ever get a UAC prompt you should always be able to hit "yes."

    I think that disabling it is a bad idea because it can screw with the ACL/MIAC system but I don't really like the concept.
     
  25. TigerRaptorFX

    TigerRaptorFX Registered Member

    Joined:
    Sep 9, 2011
    Posts:
    58
    UAC is one of those features I did use for a couple of weeks before disabling it. I don't think it is useless but it definitely is annoying.
     