Show of Hands--How many of you have disabled UAC Control in Vista?

[mechBgon]

b) Because of (a), I'm making sure to use two other types of protection which when combined are likely more effective but still less intrusive.

I agree with bsobel. Given the choice between:

• Admin-class user account
• UAC disabled, no IE7 Protected Mode as a result
• Full-fledged security suite
• Top-rated antispyware

or

• Standard-class user account
• UAC enabled, using IE7 Protected Mode
• Windows Firewall
• No antivirus, no antispyware

I would choose the latter any day, if I had to pick one or the other. Using a non-Admin account with UAC takes some getting accustomed to, at least if you're a newbie to using least-privilege in Windows, but the resulting level of protection is not something to cast aside lightly IMHO.

As I mentioned before, if you can't tolerate UAC, at least switch to a Standard account instead of Administrator. That's still much better than just running nekkid with nothing but your security software.

 

[engineereeyore]

Originally posted by: bsobel

For a few reasons. First, I only keep one revision and that image is very well compressed using Acronis True Image. Second, it works like System Restore in that I can create the image even will the drive is booted and running. Third, and most importantly of all, if the hard drive dies, what good does system restore do? I keep my images on a separate drive thereby drastically reducing that risk. So serious question to you. Why should I use System Restore?

Great points on recovery (from a drive failure), system restore isn't backup, I agree. One reason to leave it on is the ability to restore individual files and folders as I mentioned quickly as needed. I've found that more than enough reason to leave SR enabled...

I do agree that file and folder restore is pretty quick with system restore. I've never personally had a problem with that so I can't speak from experience. However, I know I can easily recover data from a previous backup with Acronis by mounting the image rather than having to restore.

Again, I think it's really a personal preference. For instance, I love Windows firewall. I find it works pretty dang well when properly set up, but most people I know think it's worthless. I know a lot of it comes down to personal hatred of Bill Gates having a lot of money, but I think I've left that phase far behind me. And like I said, I think Windows for the most part is an excellent operating system. But it is my personal opinion that much of what is included is there to help the average user who doesn't have a great deal of computer knowledge. For those people who do, many of the service provide can be turned off in exchange for being smart and careful (and for the most part staying off porn sites).

Again, this is just my opinion. UAC is a great tool for what it does, I won't deny that. But for me, I just don't find it necessary.

 

[mechBgon]

For those people who do, many of the service provide can be turned off in exchange for being smart and careful (and for the most part staying off porn sites).

The bad guys go for the low-hanging fruit (no pun intended) at the pr0n sites, sure, but they don't all stop there. You'll want to stay off of Tom's Hardware Guide, Microsoft's domain, Yahoo's domain, Microstar's domain (yeah, the mobo maker), Asus's domain, Google search results... even my own former employer's website.

mech stumbles into hacked Microstar site, illustrating one of the examples I listed above. This was going on, off & on for days.

Car, seatbelt. Windows Vista, UAC. Oh noes, I have to buckle the seatbelt AGAIN?! :roll:


...well?

 

[MikeyLSU]

I also turned it off, just got bothersome and too much for me.

I actually went a couple of months with it on all the time, then just decided it was not needed. I run my computer just fine, never had any virus(etc..) problems with any system I have had.

I keep system restore on, and back up my important files every month or so. Basically if something did happen, I could format very quickly without a problem. The whole 5 steps to delete a shortcut was the big downfall to me.

 

[engineereeyore]

Originally posted by: mechBgon
The bad guys go for the low-hanging fruit (no pun intended) at the pr0n sites, sure, but they don't all stop there. You'll want to stay off of Tom's Hardware Guide, Microsoft's domain, Yahoo's domain, Microstar's domain (yeah, the mobo maker), Asus's domain, Google search results... even my own former employer's website.

Oh yeah, there are several other site where bad things can happen. File-sharing site are probably the second worse. The only virus I've ever gotten was from one of those sites. Lost my key for Star Wars Empire at War and needed to find a keygen. Oh well.

As for most of those, I don't use IE. That fixes most of the problems, but obviously not all of them. What I do find effective is clearing my browser cache, cookies, etc every time I close it. The other thing that is very effective is a tool called Ethereal. I check the network traffic quite often on my home network. I want to know what's going out, why, and to whom. And if there's something on my computer, I find it pretty dang quick.

So you'll have to forgive me if I don't blindly just say, "Windows, I'm going to let you handle it at and just pretend nothing will go wrong." UAC does absolutely nothing for me that I can't do myself. And exactly how long will it be anyway before people find holes around UAC? What are you going to do then? There aren't any holes in my approach. You can't hide network traffic.

mech stumbles into hacked Microstar site, illustrating one of the examples I listed above. This was going on, off & on for days.

Car, seatbelt. Windows Vista, UAC. Oh noes, I have to buckle the seatbelt AGAIN?! :roll:

Roll your eyes all you want. You have your seatbelt. I'll keep my 5-point harness.

...well?

Well what? Was I supposed to be intimidated or educated or something?

 

[mechBgon]

Originally posted by: engineereeyore

Originally posted by: mechBgon
The bad guys go for the low-hanging fruit (no pun intended) at the pr0n sites, sure, but they don't all stop there. You'll want to stay off of Tom's Hardware Guide, Microsoft's domain, Yahoo's domain, Microstar's domain (yeah, the mobo maker), Asus's domain, Google search results... even my own former employer's website.

Oh yeah, there are several other site where bad things can happen. File-sharing site are probably the second worse. The only virus I've ever gotten was from one of those sites. Lost my key for Star Wars Empire at War and needed to find a keygen. Oh well.

As for most of those, I don't use IE. That fixes most of the problems, but obviously not all of them.

I think it's safe to say IE is the best choice overall for browser security on Vista. read this for a concrete example and read this for another reason. The conventional wisdom needs revision

What I do find effective is clearing my browser cache, cookies, etc every time I close it. The other thing that is very effective is a tool called Ethereal. I check the network traffic quite often on my home network. I want to know what's going out, why, and to whom. And if there's something on my computer, I find it pretty dang quick.

There shouldn't be anything to find. But if there is, and it sent something important out the door, you're not getting it back no matter how cleverly you observed it sending your stuff away.

So you'll have to forgive me if I don't blindly just say, "Windows, I'm going to let you handle it at and just pretend nothing will go wrong." UAC does absolutely nothing for me that I can't do myself. And exactly how long will it be anyway before people find holes around UAC? What are you going to do then? There aren't any holes in my approach. You can't hide network traffic.

You can't recall network traffic once it's gone, however. And I'm baffled that you think you can do for yourself what UAC does for you. I think it's a much deeper topic than you've realized.

Well what? Was I supposed to be intimidated or educated or something?

I'm wondering if you buckle your seatbelt, or if you think it does absolutely nothing that you can't do for yourself, being smart and careful and all

 

[engineereeyore]

Originally posted by: mechBgon
I think it's safe to say IE is the best choice overall for browser security on Vista. read this for a concrete example and read this for another reason. The conventional wisdom needs revision

I think it's safe to say your wrong. Quotes from the first link.

Editor's Note: This story was updated to correct the impression, given by the previous headline and first sentence, that Firefox is more vulnerable to ANI exploits than IE. The author regrets the misimpression.

Not that Firefox is less secure than IE

Perhaps it's your 'conventional wisdom' that needs revision.

There shouldn't be anything to find. But if there is, and it sent something important out the door, you're not getting it back no matter how cleverly you observed it sending your stuff away.

Yes, and exactly what do you think it will send? Credit card number? Not on my computer. Bank account information? Not on my computer. Username and password for the system? So what? Having a dedicated server on my network that monitors network traffic allows me know when that happens and where it's going. Therefore I can easily change them and even if somehow something got by and my computer was hacked (which has never to date happened), I do a 10-minute restore, change my password, block the source ip from my network, and I'm off and running again.

You can't recall network traffic once it's gone, however. And I'm baffled that you think you can do for yourself what UAC does for you. I think it's a much deeper topic than you've realized.

The hell you can't. Ever heard of a file? Ethereal saves it's information to these things called files that allow me to go back at later times and see exactly what transmissions happened and when.

Do you work for Microsoft or something? Is it a personal beef with you that people don't use every little thing that comes with Microsoft? You'll have to pardon me if I've gotten along just fine without every little added 'security' measure Microsoft has provided. If you feel the need for UAC and think it's the ONLY thing that can protect you, fine. That's your opinion. But your arguments aren't good enough to convince me. My methods have been in place long before UAC was ever invented. I got along fine before and have absolutely no reason to believe I won't now.

I'm wondering if you buckle your seatbelt, or if you think it does absolutely nothing that you can't do for yourself, being smart and careful and all

Seatbelts come in many styles and mine is firmly buckled, so don't you worry.

 

[Looney]

Mine's on, and i RARELY see the prompt. Certainly beats having a limited user account and needing to keep logging in and out of admin account to do stuff.

 

[mechBgon]

Perhaps it's your 'conventional wisdom' that needs revision.

And perhaps not. The web attack vector was mitigated by IE7 Protected Mode on Vista, as you would know if you read every Windows security bulletin end-to-end Protected Mode is disabled when you disable UAC, as you may already know, reverting IE to WinXP-style operation. And whether you use IE yourself or not, malware could invoke it.

For another testimonial: http://msmvps.com/blogs/hostsn...pbadware-database.aspx winhelp2002 talks about hitting 10,000+ known-malicious websites with IE7.

:light:?

Yes, and exactly what do you think it will send? Credit card number? Not on my computer. Bank account information? Not on my computer. Username and password for the system? So what? Having a dedicated server on my network that monitors network traffic allows me know when that happens and where it's going. Therefore I can easily change them and even if somehow something got by and my computer was hacked (which has never to date happened), I do a 10-minute restore, change my password, block the source ip from my network, and I'm off and running again.

That is certainly smart practice insofar as it goes. If you have absolutely nothing on your computer that you don't mind risking having splattered across the Internet, deleted from your HDD, or both, then that's a little unusual, but hey.

The hell you can't. Ever heard of a file? Ethereal saves it's information to these things called files that allow me to go back at later times and see exactly what transmissions happened and when.

Right, right, but you can't get the traffic back from where it went to, unless Ethereal now includes Time Machine capabilities

Do you work for Microsoft or something?

Nope. I have an interest in security matters and do actively hunt malware daily. Vista x64 with 64-bit IE7 PM, UAC, WIC, Microsoft Network Monitor 3.0 and forced full DEP (and a non-Admin user account with a disallowed SRP, of course) is my tool of choice for that role. I also use Kaspersky Antivirus 6, mainly as a tripwire indicating I'm finding the "good stuff"... it gets switched off when it's time to grab samples.

But I'd never disable UAC. I may disable it once I've built a dedicated "honeypot" Vista system that I actually intend to infect, though. For now, I use a Win2000 rig with FireFox 2.0.0.4 and IE6 as my "infect-me" box, and re-image it when it's time for the next sample.

If there's someone who should boast of his credentials, however, it would be bsobel, stash and Smilin, not myself. They all recommend and use UAC. hmmm.

Is it a personal beef with you that people don't use every little thing that comes with Microsoft?

No, but if you and other people are going to throw away an extremely-powerful security tool just because it puts up prompts on your screen, I'd at least like to make sure you know it's not as superficial as prompts on your screen. And the type of proactive protection it provides, fills a gap where your firewall, signature-based and heuristics-based defenses can fall short.

Out of curiosity, since you have evidently given some thought to security, do you use a non-Administrator account for daily-driver stuff, or have you given it a try? If so, how did it work for you?

Oh, and

I got along fine before and have absolutely no reason to believe I won't now.

Zero-day exploit FTW, then. :beer:

And exactly how long will it be anyway before people find holes around UAC? What are you going to do then?

I expect the same thing that happens normally with Windows vulns: the holes get patched, and the bad guys go back to the drawing board.

 

[engineereeyore]

Originally posted by: mechBgon
And perhaps not. The web attack vector was mitigated by IE7 Protected Mode on Vista, as you would know if you read every Windows security bulletin end-to-end Protected Mode is disabled when you disable UAC, as you may already know, reverting IE to WinXP-style operation. And whether you use IE yourself or not, malware could invoke it.

For another testimonial: http://msmvps.com/blogs/hostsn...pbadware-database.aspx winhelp2002 talks about hitting 10,000+ known-malicious websites with IE7.

:light:?

No :light:, just a yawn. Yet another site proving nothing about the "superiority" of IE7 over Firefox and how it is so much more secure. Last references turned around and bit you in the butt and this is the best you can do?

All that site shows is that if you go to ridiculous websites and you have Vista with all it's features installed, plus NOD32 Antivirus, nothing got through. Well, yeehaw. I've never stated that these tools won't help you. But like I said, who in the world with a strong knowledge of computers and the internet would go to bearsxxx.porn-host.org?

And, if you had read the article, you would see that many of these were not caught by Vista, but by the anti-virus. For someone who just got hosed on his last set of links, you really should have done a better job with this one.

Now I have to give a lot of credit to my antivirus NOD32 from eset.com, which detected a lot of Malware before the site even finished loading. Which by the way was just awarded the highest rating from av-comparatives.org. You can view the full report here (.pdf)

That is certainly smart practice insofar as it goes. If you have absolutely nothing on your computer that you don't mind risking having splattered across the Internet, deleted from your HDD, or both, then that's a little unusual, but hey.

I have nothing on my computer that I'm worried about being shared. As for having files deleted, see my previous post on backing up my data.

I don't claim to have the usual approach to keeping my stuff safe. I've stated time and time again that what I do works for me. If you'd rather use UAC, go ahead. It's a great program. I just don't feel the personal need for it consider everything I already do. Why is this not alright with you? I'm not proclaiming that people need to shut it off. This is my personal opinion and experience and nothing else.

Right, right, but you can't get the traffic back from where it went to, unless Ethereal now includes Time Machine capabilities

I don't need to get it back. I'm not worried about it. To be honest, you should probably actually thank me for doing this. Why? Because I work in a position to be able to take this information and give it to the right people to have such sites shutdown. If someone screws with my computer and I have their information in my log, I can send it up the chain and have it taken care of. I'm sorry I can't go into more detail than that, but I think in reality I'm doing everyone a favor.

Nope. I have an interest in security matters and do actively hunt malware daily. Vista x64 with 64-bit IE7 PM, UAC, WIC, Microsoft Network Monitor 3.0 and forced full DEP (and a non-Admin user account with a disallowed SRP, of course) is my tool of choice for that role. I also use Kaspersky Antivirus 6, mainly as a tripwire indicating I'm finding the "good stuff"... it gets switched off when it's time to grab samples.

But I'd never disable UAC. I may disable it once I've built a dedicated "honeypot" Vista system that I actually intend to infect, though. For now, I use a Win2000 rig with FireFox 2.0.0.4 and IE6 as my "infect-me" box, and re-image it when it's time for the next sample.

If there's someone who should boast of his credentials, however, it would be bsobel, stash and Smilin, not myself. They all recommend and use UAC. hmmm.

Kaspersky, great anti-virus. I applaud your work and am happy to see you have found a setup that works for you. I have too. Can we just leave it at that?

And I would agree, those people all seem very intelligent and have found UAC to work for them. However, does that imply that anyone not using UAC can't boast in their credentials? Is this a new stipulation that I should be aware of? Personally, I think my implementation is pretty good. It's never failed. But then, I'm not here to boast about anything, so does it matter that I don't use UAC?

No, but if you and other people are going to throw away an extremely-powerful security tool just because it puts up prompts on your screen, I'd at least like to make sure you know it's not as superficial as prompts on your screen. And the type of proactive protection it provides, fills a gap where your firewall, signature-based and heuristics-based defenses can fall short.

You want to know the most powerful security tool? Unplug your computer from the internet when you're not using the internet. Do you do that for every computer you own?

Out of curiosity, since you have evidently given some thought to security, do you use a non-Administrator account for daily-driver stuff, or have you given it a try? If so, how did it work for you?

Sure, I've given it a try. Flip, anyone who's ever used Linux has done that. Didn't make a bit of difference. Well, I'm sure it would have it I even went to sites like bearsxxx. Well, actually, I guess you got me. When I downloaded my keygen and forgot to scan it first, it probably wouldn't have caused a problem. Oh well, guess that just sunk my boat. :roll:

Zero-day exploit FTW, then. :beer:

I have no illegal software, music, videos, or anything else that is illegal. FTW!!

I expect the same thing that happens normally with Windows vulns: the holes get patched, and the bad guys go back to the drawing board.

Yeah, but not before several hundred to thousands of computers get worked. Where's your UAC then? Sure hope to hell you not putting all your baskets into UAC. Fact is, no software is perfect. Nearly every piece of code has some potential for being exploited, including the tools I use. Difference is, there are a lot more people with a grudge against Windows then there are with a grudge against my tools.

EDIT: To give credit where credit is due, most of my network and security knowledge I gained from a man named Joe Doupnik, one of the smartest men I know. Does a lot of work with Novell, though tinkers a lot with Windows. He gave me a paper once on securing an XP machine and removing unnecessary Windows services. If I can find it, I'll let you know.

If you want a good laugh, type his name in google and look at his home page at Utah State University. He's a got pretty old and bad picture up there. Currently works at Oxford University though. Hopefully they have a better picture. Wrote part of the operating system that's currently being used on the space station.

 

[bsobel]

And I would agree, those people all seem very intelligent and have found UAC to work for them. However, does that imply that anyone not using UAC can't boast in their credentials?

As the person who brought this up, I wanted to clarify. Too often we have user who have zero background in security (and often less in general computing practices) come in here telling others how to make their system work best. This is usually at the detriment of other users.

The classic example around here is System Restore and the XP release. Everyone and their brother started a thread about how horrible SR was because it took some disk space and argued and argued that MS was evil and it had to be turned off (sound familar?). Ironically many of those folks later had XP problems and when we simply told them to system restore back before the issue, they couldn't. We then get stuck un-breaking these machine from folks who really didn't know enough to be tinkering with them in the first place.

So, now that you've told me a bit about your background... You know what your doing, you accept the risk, and you're doing other things to manage it. And it doesnt appear your here trying to convince others to turn UAC off (albeit, the very existance of the thread does tend to suggest that, perhaps unintentionally). Clearly your managing your box. I'd just hate to see others (say the random gpu overclocker :roll use what your doing as a basis for deciding they don't need UAC either.


Is this a new stipulation that I should be aware of? Personally, I think my implementation is pretty good. It's never failed. But then, I'm not here to boast about anything, so does it matter that I don't use UAC?

No, but if you and other people are going to throw away an extremely-powerful security tool just because it puts up prompts on your screen, I'd at least like to make sure you know it's not as superficial as prompts on your screen. And the type of proactive protection it provides, fills a gap where your firewall, signature-based and heuristics-based defenses can fall short.

You want to know the most powerful security tool? Unplug your computer from the internet when you're not using the internet. Do you do that for every computer you own?

Out of curiosity, since you have evidently given some thought to security, do you use a non-Administrator account for daily-driver stuff, or have you given it a try? If so, how did it work for you?

Sure, I've given it a try. Flip, anyone who's ever used Linux has done that. Didn't make a bit of difference. Well, I'm sure it would have it I even went to sites like bearsxxx. Well, actually, I guess you got me. When I downloaded my keygen and forgot to scan it first, it probably wouldn't have caused a problem. Oh well, guess that just sunk my boat. :roll:

Zero-day exploit FTW, then. :beer:

I have no illegal software, music, videos, or anything else that is illegal. FTW!!

I expect the same thing that happens normally with Windows vulns: the holes get patched, and the bad guys go back to the drawing board.

Yeah, but not before several hundred to thousands of computers get worked. Where's your UAC then? Sure hope to hell you not putting all your baskets into UAC. Fact is, no software is perfect. Nearly every piece of code has some potential for being exploited, including the tools I use. Difference is, there are a lot more people with a grudge against Windows then there are with a grudge against my tools.

EDIT: To give credit where credit is due, most of my network and security knowledge I gained from a man named Joe Doupnik, one of the smartest men I know. Does a lot of work with Novell, though tinkers a lot with Windows. He gave me a paper once on securing an XP machine and removing unnecessary Windows services. If I can find it, I'll let you know.

If you want a good laugh, type his name in google and look at his home page at Utah State University. He's a got pretty old and bad picture up there. Currently works at Oxford University though. Hopefully they have a better picture. Wrote part of the operating system that's currently being used on the space station.

 

[Smilin]

Originally posted by: Woofmeister

Originally posted by: bsobel
Is your experience with UAC from doing a clean install and configuring or are you having constant issues even now?

It's a clean install on two virgin drives and even after configuring, I'm having constant issues with UAC on startup.

No, it's not a clean install...

The apps that are causing this are in the OP: Rivatuner, Nvidia Monitor, Seagate Free Agent.

...and you are not having issues with UAC, you're having issues with what's causing UAC. WTF does a hardware monitor need to trigger UAC each time it's run for? It clearly needs some kernel/admin access during install but that should be the end of it. We're going in a big circle here. You know where the problem is you just want the symptom to go away without fixing the problem....

Well known programs that I depend on for (1) GFX fan control and overclocking, (2) hardware monitoring and (3) backups to my external drive. Obviously, these are pretty important apps. Agreed that my problem is with the apps that need to be fixed, but what am I supposed to do? Write my own programs? And if these apps were fixed, my view of UAC might change, but I fear that there will always be some new app out there that we want to run at startup that will not quite pass muster with UAC. Sure every program should be written correctly the first time, but that doesn't happen very often and frankly, nobody knows that better than MSFT. Accordingly, MSFT could have at least given us some control over exceptions using some additional method of security when configuring the exception. I'm willing to configure the exception standing on my head reciting ancient Greek if that's what MSFT needs to authenticate the exception--I'm just not willing to do that more than once per app.

c) What are your qualifications to be making the risk/reward tradeoff: Certainly as owner of your box you have most if not all the moral right to do what you want, however now your out suggesting others do the same. As such, I'd like to know what qualificaitons you have that should allow you to make this kinda of a recommendation to others.

I never advised anybody to turn off UAC, I simply stated that I had done so. In fact that's why I started this thread, I wanted to know who else had turned off UAC and if not why not. As such, my qualifications don't really matter. However, since you asked, one of my roles at work is the equivalent of being my company's Chief Information Officer and our in-house and off-site IT people are my direct reports. My professional background also includes a stint at a federal agency where I worked on some of the first computer crime investigations.

I don't buy this. As a CIO you would never put up with such craplications being placed on your corporate desktop images. Yet you put them on your personal desktop and gripe when the expected happens?? You're no dummy, why would you gripe at this expected outcome?

Like I said earlier, turn off UAC if you want. You can drive without a seatbelt if you want too. It's a free country. Chances are you'll be fine without UAC but please spare us the "I've been hacked thread" if it turns out otherwise.

 

[mechBgon]

I don't have time for full rebuttals during my brief lunch break, so this'll have to be quick

No , just a yawn. Yet another site proving nothing about the "superiority" of IE7 over Firefox and how it is so much more secure. Last references turned around and bit you in the butt and this is the best you can do?

All that site shows is that if you go to ridiculous websites and you have Vista with all it's features installed, plus NOD32 Antivirus, nothing got through. Well, yeehaw. I've never stated that these tools won't help you. But like I said, who in the world with a strong knowledge of computers and the internet would go to bearsxxx.porn-host.org?

If you didn't read the article carefully, FireFox was a valid attack vector because it lacks the integrity features of IE7 in Protected Mode. Also, if you think you have to visit risky sites to be exposed to zero-days, think again. Tom's Hardware Guide, ever heard of them? Their advertising partner was serving up ANI exploits. Since you're here, clearly you do visit computer-hardware websites.

I have no illegal software, music, videos, or anything else that is illegal. FTW!!

As I just mentioned, all you need to do to be exposed is to visit a normally-safe website that ain't safe anymore.

Why is this not alright with you?

Because you seem not to have a full grasp of what-all UAC does. You're saying you can do everything for yourself that it can do. Read all of this and then read both pages of this and now tell me with a straight face that you are able to manually split your token and etc. I don't mind if you want to think differently, but be informed about it when declaring how it does "absolutely nothing you can't do for yourself."

When I downloaded my keygen and forgot to scan it first, it probably wouldn't have caused a problem.

As someone who downloads malware and has it analyzed with over 40 antivirus products, I wouldn't go betting the farm on any signature-based product today. Not Kaspersky, not anything, not all of them combined. I've seen new Trojans go right by every single scanner, yet when they're executed...? Yep.

Anyway, that's all I have time for, except to mention that non-Admin user accounts do make a serious difference. That's based on about 300,000 machine-hours of systems used by average employees, as well as my own informal research.

Since it appears there is more heat than light being generated, I'll leave it at that if you're tired of discussing it. One more article worth a look, from Bill's crew: http://www.symantec.com/enterp...vista_and_current.html

Be informed, be safe, and good luck

 

[engineereeyore]

Originally posted by: mechBgon
Since it appears there is more heat than light being generated, I'll leave it at that if you're tired of discussing it.

Be informed, be safe, and good luck

Agreed. There's always more than one way to skin a cat. If you're happy, great. I'm happy. So let's just agree to disagree.

:thumbsup:

 

[Woofmeister]

Originally posted by: Smilin

Originally posted by: Woofmeister

Originally posted by: bsobel
Is your experience with UAC from doing a clean install and configuring or are you having constant issues even now?

It's a clean install on two virgin drives and even after configuring, I'm having constant issues with UAC on startup.

No, it's not a clean install...

Pardon me? What do you mean it's not? How do you know? Are you omniscient?

The apps that are causing this are in the OP: Rivatuner, Nvidia Monitor, Seagate Free Agent.

...and you are not having issues with UAC, you're having issues with what's causing UAC. WTF does a hardware monitor need to trigger UAC each time it's run for? It clearly needs some kernel/admin access during install but that should be the end of it. We're going in a big circle here. You know where the problem is you just want the symptom to go away without fixing the problem....

Yes, we're going in a circle because you continue to absolve MSFT from responsibility for a problem they should have anticipated. I don't know why NVIDIA's Monitoring software triggers UAC, I just know that it shouldn't and there are lots of other programs that do the same thiing. That MSFT did not make some provision for this with UAC is part of the problem just as much as software that needlessly accesses kernel/admin. MSFT threw lots of elbows to make its operating system the only game in town. Forgive me if I hold them partially responsible for ensuring compatibility with all the software that's out there even if its poorly written.

I never advised anybody to turn off UAC, I simply stated that I had done so. In fact that's why I started this thread, I wanted to know who else had turned off UAC and if not why not. As such, my qualifications don't really matter. However, since you asked, one of my roles at work is the equivalent of being my company's Chief Information Officer and our in-house and off-site IT people are my direct reports. My professional background also includes a stint at a federal agency where I worked on some of the first computer crime investigations.

I don't buy this. As a CIO you would never put up with such craplications being placed on your corporate desktop images. Yet you put them on your personal desktop and gripe when the expected happens?? You're no dummy, why would you gripe at this expected outcome?

Ah, more omniscience. What don't you buy? My current role or my previous experience? Of course I would never allow these applications to be installed in our corporate environment--we don't allow any applications to be installed without approval. We do that to protect our network from the lowest common denominator. You're not seriously suggesting that the same absolute standard should apply to the home enthusiast who wants to install legitimate software on his own machine are you?

Chances are you'll be fine without UAC but please spare us the "I've been hacked thread" if it turns out otherwise.

I promise to spare you the "I've been hacked thread", happy?:gift:

 

[bsobel]

I don't know why NVIDIA's Monitoring software triggers UAC, I just know that it shouldn't and there are lots of other programs that do the same thiing.

How can you possibly make such conflicting statements? I don't know what the program is doing, but it shouldn't trigger UAC regardless. UAC triggers if the app tries to modify parts of the system you need to be an admin to modify. Perhaps it's opening registry keys with write permissions when only read is needed, perhaps it's doing one of a number of other things which it shouldn't be doing. Written properly you'd get the UAC prompt at install and thats it.

I agree *completely* that it's annoying that Nvidia hasn't fixed this. What I don't agree is that it's MS's fault that they haven't. On the positive side your other comment "but I fear that there will always be some new app out there that we want to run at startup that will not quite pass muster with UAC" should prove to be false. The amount of non UAC aware applications will continue to dwindle as updates come out. It's much like any other new feature in Windows that apps are required to support (terminal services, fast user swtiching, power management, etc). Initially none of the apps really support it, today they 'just do' and no-one starts threads about how annoying fast user switch is since their app doesnt work with it.

 

[mechBgon]

Originally posted by: engineereeyore

Originally posted by: mechBgon
Since it appears there is more heat than light being generated, I'll leave it at that if you're tired of discussing it.

Be informed, be safe, and good luck

Agreed. There's always more than one way to skin a cat. If you're happy, great. I'm happy. So let's just agree to disagree.

:thumbsup:

Agreed. And if you really have enough power to take down bad sites, I can supply you with an ongoing list of bad domains that need to get blown away. But I don't think you'll find it easy. Starter: xujace.com.

 

[Woofmeister]

Amen to more heat than light being generated. I had no idea that this post would generate such a visceral response or that UAC would have such passionate and knowledgeable defenders. I hope everyone understands that I was genuinely interested in other people's opinions on UAC and it was not my intention to start a flame war.

As for me, our discussions have made me reconsider my position and, as of right now, I've turned UAC back on. I'll see if I can live with it for a while longer until Nvidia and Seagate get their act together (not much hope for freeware like Riva though).

Oh, and mechBgon, you may not remember, but five or six years ago when I first signed on to Anand as a bona fide noob building one of my first PCs, you were one of the people who tried to help me get my system to POST.

I'll never forget that!

 

[bsobel]

[(not much hope for freeware like Riva though).

If you don't mind a little tweaking this should let Riva work for you without the UAC prompt until it's updated properly..

 

[Woofmeister]

Originally posted by: bsobel

[(not much hope for freeware like Riva though).

If you don't mind a little tweaking this should let Riva work for you without the UAC prompt until it's updated properly..

 

[fierydemise]

I think in 6 months UAC will be a much smaller issue, right now developers have not gotten used to Vista and UAC and many have relied on having admin access like that did in XP, once the developers start to adapt and Vista's marketshare continues to grow I'm sure we'll see a lot fewer programs with UAC prompts.

 

[n7]

Originally posted by: bsobel

[(not much hope for freeware like Riva though).

If you don't mind a little tweaking this should let Riva work for you without the UAC prompt until it's updated properly..

Wow nice.


Except i did everything as described by Dingchow & then FlyingHorse (though not the registry haxing since Dingchow said it wasn't necessary), & after enabling UAC i rebooted only to find it blocking the OCing/fan profiles, not to mention PeerGuardian.

I suppose i could try the registry hax Flyhorse mentions there, but i'm not sure it's the same doing it in x64 vs. x86 as he is?

 

[mechBgon]

Oh, and mechBgon, you may not remember, but five or six years ago when I first signed on to Anand as a bona fide noob building one of my first PCs, you were one of the people who tried to help me get my system to POST.

I'll never forget that!

See, I'm not completely evil! Tiresome, maybe...

Just for fun, here's some pics of VirusTotal analyses. See how your signature-based and/or heuristics-based protection does against these in-the-wild attack files.

http://pics.bbzzdd.com/users/mechBgon/sample_1.GIF

http://pics.bbzzdd.com/users/mechBgon/sample_2.GIF

http://pics.bbzzdd.com/users/mechBgon/sample_3.GIF

http://pics.bbzzdd.com/users/mechBgon/sample_4.GIF

http://pics.bbzzdd.com/users/mechBgon/sample_5.GIF

http://pics.bbzzdd.com/users/mechBgon/sample_6.GIF

http://pics.bbzzdd.com/users/mechBgon/sample_7.GIF


Maybe a layer or two of proactive protection wouldn't hurt, eh? Granted, the security software might detect later stages of the attacks, and might detect some of them better in context. But I think the point is made: security software isn't invincible. Consider carefully before you dismiss the value of proactive protection such as UAC and non-Admin user accounts.

 

[mechBgon]

Originally posted by: n7

Originally posted by: bsobel

[(not much hope for freeware like Riva though).

If you don't mind a little tweaking this should let Riva work for you without the UAC prompt until it's updated properly..

Wow nice.


Except i did everything as described by Dingchow & then FlyingHorse (though not the registry haxing since Dingchow said it wasn't necessary), & after enabling UAC i rebooted only to find it blocking the OCing/fan profiles, not to mention PeerGuardian.

I suppose i could try the registry hax Flyhorse mentions there, but i'm not sure it's the same doing it in x64 vs. x86 as he is?

I'd try my hand at generating one of them-there compatibility fixes for RivaTuner, except my wimpy litte nVidia 6600 vanilla has no fan to control, so I'm not sure if I can play ball with you luckier guys. Is someone game for trying to generate one? See http://technet2.microsoft.com/...c2811033.mspx?mfr=true

 

[Maximilian]

I have it disabled, i see no reason why a savvy user would have it enabled. Ive read many reasons from security people who i think are extremely paranoid and i am actually surprised they have their computers assembled and connected to the internet, they would be much safer unplugged and back in the box! In fact no just ship the thing back to the manufacturer, it'll be safe there

Ive had 0 problems.