Hey /g/
Since the introduction of UAC (user account control) with windows Vista there have been discussions going on between the proponents and opponents of it.
It's often a heated, unsubstantiated debate that boils down to name calling and allegedly "people not knowing what they are doing".
I have to say I tend to side with the UAC-opponents, because it's most of the time them asking to turn it off with the proponents questioning their motivation - instead of giving advice on how to actually turn it off.
I've never gotten an answer to the question why I would want to bother with UAC on a system that is isolated and well known, i.e. no foreign mass storage devices, no javascript/flash/x-objects/any other web-shit, no installation of software by the user after the initial setup.
I see how the average user might (MIGHT) get around destroying their own system or getting it destroyed by third-party malware with the help of UAC, but I've never seen the use of it on a workstation that is truly just used for that: Working. Running apps to manage customer data, running excel, etc.
Are you pro or con UAC, or are you, like me, saying there can be cases for and against it (and thus MS should make it easier to disable it). Can you give me a valid reason to have it enabled for the specific case named?
>pic related: One of the most hated pop-ups ever to be shown on a screen
Install Gentoo
The way it's implemented is shit. It makes your screen go black for a couple of seconds and then you have this stupid pop up with a darkened background.
>>53760477
That's called the "secure desktop" it's said that it can't be accessed by running apps on the system. Which is of course wrong.
>>53760477
The whole point of that is to call your attention to it, in case it's being controlled by someone other than you.
Also, you can change the settings to make it a pop-up only, without the screen blackening. You can also disable it completely.
>>53760477
Happens on Intel HD graphics most commonly, also using the basic video driver in 7 or later.
>>53760471
Linux is always an option.
Except if you have licensed applications you use for work that only support windows.
>>53760525
But you can virtualize user input, if necessary on driver level, how is it something giving security then? Sure it'll keep out optixPro script kiddies, but common sense would too. And if common sense doesn't help, allowing the user to utilize it's lack of common sense by deciding what to run or not is redundant and insecure.
>you can also disable it completely
On win8 you can't disable it via GUI, you have to meddle with the registry and if done so, it disables the app market. Only way to download apps then is meddeling with the registry again->reboot->install app>meddle with reg->reboot. I wouldn't let that count as the ability to disable it.
Turning off UAC means any application can elevate themselves to Administrator permission whenever they want without prompting you. That is fucking insanity. That is giving your PC the security of a Windows XP box circa 2003.
Now you can do whatever you like with your PC but I have to question if your time is so important that you would trade such security to avoid clicking a prompt one time.
>>53760564
Also happens on a gtx 980ti with the latest drivers.
>>53760477
That's only on Vista/7, 8 and 8.1 it's instantaneous.
>>53760606
You can have a completely save windows XP box. Just treat is as the example in the OP.
Apart from that, I myself prefer usability over security. I find it less annoying to roll back to a backup (I do them frequently, need them basically never, last roll back was two years ago) than dealing with UAC and, worst of all, the HUGE trouble shooting issue it carries, because app X crashes without admin rights, but app Y makes app Z crash when having admin rights, and so on. Trouble shooting outdated software is the biggest mess on >=Vista.
>>53760606
>avoid clicking a prompt one time
If it's an app downloaded from the web, you might just click it every single time, despite ticking the box of "don't bug me anymore". Even if it's an app you yourself have coded.
>>53760398
MS should make it a forced on all the time. Applications shouldn't be allowed to elevate whenever they want. This will also forces developers to stop requiring administrator access for everything they fucking do.
There should be an option "don't fucking bug me about allowing this specific program to run ever again". Then I'd be fine with it.
>>53760719
What about the inability to delete directly from your "C:\program files" folder without giving yourself "ownership" of the folder? Often enough there's arbitrary files left after uninstall and you are not allowed to delete them manually without walking insane extra miles that involve risking your security anyways.
Also you can't save for example text files into "C:\program files", meaning apps that store config files within their program folder can A run into problems saving these settings and B can't be customized by editing the config without getting ownership.
>>53760765
Yep can't delete gwx directly because I don't have permission. In fact nothing has permission.
>>53760820
Check it out, you don't even have permission to change a lot of the permissions.
The dialogue to do so even lacks a "[x]continue for every future error" tick box, so for every item you don't have permission to change permission, you are forced to click a button to continue with the next element, potentially thousands of times, depending on the size of the folder of which you want to claim ownership.
It's absolutely ridiculous.
>>53760820
>>53760863
There is things that do have permission though. It's called malware.
>>53760765
Insane extra mile? You mean a few clicks in a GUI permission manager?
Better yet:takeown /f "C:\Program Files" /r /d y
>>53760863
> Check it out, you don't even have permission to change a lot of the permissions.
There is literally no folder or file you can't change the permissions of. You're either mentally retarded or have the computer knowledge of a 12 year old.
>>53760966
Folder owned by NT AUTHORITY\SYSTEM with no read/modify rights granted to any other group.
How do you get into the folder without hacks, smart guy?
>>53760398
Install *BSD
I trust people with my computer so little that I set it to always ask for a password whenever UAC comes up
>>53760966
Idiot. Tons of system files you can't change permission for without fucking with the registry.
>>53760987
>>53761045
You can test this out yourself create a folder remove all permissions and set the owner as nt authority\system.
Then run the command I put on the requested file. Dumb fucks.
>>53760876
Thing is, you won't ever get malware onto an isolated/well administrated system. On top of that, rootkits don't care about UAC, since they're running driver level, so everything that could really hurt you (i.e. well done malware) would still fuck you up. Never mind the things UAC has no control over like online accounts in a browser of a non-isolated system.
>>53761045
Example?
>>53760966
"You" referred to the administrator (not user, admin). Apart from the steps it takes to take ownership, it's also a time issue, as for the reasons I've mentioned. Why not implement an easy way like a "Fuck you and your security, I'm the one to blame when I fuck up my system"-button?
>>53761199
Because then everybody would be doing that and subsequently fucking up their system and taking up Microsoft Support's time.
By making the procedure possible, but a pain in the ass to do, only people who are serious and know what they're doing can work around it.
>>53762034
From a consumer perspective, this is a non argument and nobody should defend that position, but factually you're correct I guess.
I like it and don't like it at the same time. I like it because I know before I run a program if it is going to try to make changed to my system files or registry. I don't like it because when I forget to run something as administrator I have to close and reopen the program.
>>53760477
>>53760398
That's lie running as Root in Loonix. Why don't any Loonix users do that?
>>53760398
UAC has its quirks (can only have one instance of explorer running at any given time) but its a lot better than what Windows had before. Most of the problems come from developers that have refused to change their ways since 2002.
>>53760398
It makes the problem worse because it teaches normies to mash the yes button.
