I seriously don't think I understand what it *is* designed to do, other than to annoy and confuse. The problem seems to be that Windows can't tell the difference between a user-initiated action and an action that's possibly unauthorized.
If Windows tried to differentiate between user-launched and not, malware would simply send keystrokes/mouse-movements...
Since it's pretty much impossible to launch regedit or a snapin accidentally, the prompt seems redundant.
Double-clicking (or malware doing ShellExecute on) a .reg file...
Then it should alert when a process tries to do somtehing fishy, not simply when the process starts. It's impossible to know beforehand whether an app has been compromised or not. Again, this is what AV/antispyware software is there to detect.
Full HIPS style protection is outside the scope of UAC... IMHO what UAC does and protects again is perfectly fine for what it was designed for - only thing that really bothers me about UAC is the developer side of the story (not properly documented, no clean/supported way to drop
At the same time, there are no prompts when TuneUp installer registers its services, which is where a malware app could do some real harm.
That's because you're already running the installer with admin privileges, to have write access to %ProgramFiles%.
I just can't see a scenario where I should be prompted before I knowingly execute a known application. It serves no purpose if the app is fine, and it serves no purpose if the app is a trojan, because I cannot know that. At the very least there should be an option like "Do not prompt for this application again".
Keep in midn that the main benefit of UAC is protecting you from stuff that happens behind your back, combined with the fact that Windows can't (and shouldn't!) try to differentiate between user-initiated actions and programmatic actions.
Why should there be a prompt to run a spyware scanner? How is it useful? Potentially, how many people will get spooked by the warning and decide not to run the scanner after all?
There shouldn't be a prompt. The programmers of the spyware scanner should have programmed properly
, following the age-old design guidelines that's been available since NT4... move the privileged code to a service, let the GUI run as normal user code. Presto, problem solved. Yes, it's more work for the programmers, but it's the proper way to do things, and it's been for like fifteen years.
Shame on Microsoft for not dumping the 9x line sooner, and shame on them for making the default user on NT have admin privileges until Vista.
That may well be. I still don't get why deleting items does not require admin rights, but renaming does.
Probably because there's some (registry setting?) to "hide" items from AllUsers on *your* user account - while renaming would try to rename registry keys / .lnk files from AllUsers.
However, Norton was working on a UAC white-list app that would allow one to okay a UAC prompt once & then have the system remember that app as being okay & never prompting again. I haven't heard anything about that program lately, though.
Convenient, but a bad idea anyway. It was covered in another thread