Main Area and Open Discussion > General Software Discussion

Windows 7 — first impressions

<< < (6/18) > >>

a_lunatic:
However, Norton was working on a UAC white-list app that would allow one to okay a UAC prompt once & then have the system remember that app as being okay & never prompting again. I haven't heard anything about that program lately, though.-Innuendo (November 30, 2009, 10:13 AM)
--- End quote ---

Here's one but only works with Windows 2000/2003/XP/Vista but it does NOT support 64bit :down: & I have not tried it as I only got 64bit
http://www.replaceuac.com/

f0dder:
I seriously don't think I understand what it *is* designed to do, other than to annoy and confuse. The problem seems to be that Windows can't tell the difference between a user-initiated action and an action that's possibly unauthorized.-tranglos
--- End quote ---
If Windows tried to differentiate between user-launched and not, malware would simply send keystrokes/mouse-movements...

Since it's pretty much impossible to launch regedit or a snapin accidentally, the prompt seems redundant.-tranglos
--- End quote ---
Double-clicking (or malware doing ShellExecute on) a .reg file...

Then it should alert when a process tries to do somtehing fishy, not simply when the process starts. It's impossible to know beforehand whether an app has been compromised or not. Again, this is what AV/antispyware software is there to detect.-tranglos
--- End quote ---
Full HIPS style protection is outside the scope of UAC... IMHO what UAC does and protects again is perfectly fine for what it was designed for - only thing that really bothers me about UAC is the developer side of the story (not properly documented, no clean/supported way to drop rights).

At the same time, there are no prompts when TuneUp installer registers its services, which is where a malware app could do some real harm.-tranglos
--- End quote ---
That's because you're already running the installer with admin privileges, to have write access to %ProgramFiles%.

I just can't see a scenario where I should be prompted before I knowingly execute a known application. It serves no purpose if the app is fine, and it serves no purpose if the app is a trojan, because I cannot know that. At the very least there should be an option like "Do not prompt for this application again".-tranglos
--- End quote ---
Keep in midn that the main benefit of UAC is protecting you from stuff that happens behind your back, combined with the fact that Windows can't (and shouldn't!) try to differentiate between user-initiated actions and programmatic actions.

Why should there be a prompt to run a spyware scanner? How is it useful? Potentially, how many people will get spooked by the warning and decide not to run the scanner after all?-tranglos
--- End quote ---
There shouldn't be a prompt. The programmers of the spyware scanner should have programmed properly, following the age-old design guidelines that's been available since NT4... move the privileged code to a service, let the GUI run as normal user code. Presto, problem solved. Yes, it's more work for the programmers, but it's the proper way to do things, and it's been for like fifteen years.

Shame on Microsoft for not dumping the 9x line sooner, and shame on them for making the default user on NT have admin privileges until Vista.

That may well be. I still don't get why deleting items does not require admin rights, but renaming does.-tranglos
--- End quote ---
Probably because there's some (registry setting?) to "hide" items from AllUsers on *your* user account - while renaming would try to rename registry keys / .lnk files from AllUsers.

However, Norton was working on a UAC white-list app that would allow one to okay a UAC prompt once & then have the system remember that app as being okay & never prompting again. I haven't heard anything about that program lately, though.-Innuendo
--- End quote ---
Convenient, but a bad idea anyway. It was covered in another thread.

JavaJones:
Jump Lists:
http://windows.microsoft.com/en-us/windows7/products/features/jump-lists
http://blogs.zdnet.com/BTL/?p=16143

Another "Ooo, shiny and new, only available in Win7!" feature that was actually available all the way back to WinXP and maybe even Win2k, although at that time it required more work on the part of the developer (see Winamp for example). Still a cool feature though, and much more powerful and flexible in Win7 in any case.

- Oshyan

tranglos:
If Windows tried to differentiate between user-launched and not, malware would simply send keystrokes/mouse-movements...
-f0dder (November 30, 2009, 11:32 AM)
--- End quote ---

Sure, but then what's the point of prompting in the first place? If I'm about to start a virus, UAC doesn't know about it and neither do I. Only my AV software will. and if I'm starting a benign app, UAC serves no purpose.

Since it's pretty much impossible to launch regedit or a snapin accidentally, the prompt seems redundant.-tranglos
--- End quote ---
Double-clicking (or malware doing ShellExecute on) a .reg file...
-f0dder (November 30, 2009, 11:32 AM)
--- End quote ---

There has always been a prompt for double-clicking a .reg file, and that's good. On the other hand, starting regedit without any command-line parameters is not in itself harmful. I would sooner understand a prompt before regedit tries to write to the registry. I can't accept a prompt just for starting regedit.

Maybe this is a character issue, f0dder :) None of the UAC annoyances are present on XP, of course, but there is a distant hint of the same. XP creates a folder called "System Volume Information" on every drive. If my understanding is correct, this folder is used to keep the System Restore snapshots. These folders are inaccessible to admin users - you can't see what's inside, you can't read the contents nothing. Since the folders are locked out, I don't know if defraggers or apps that show disk usage by folder can even do their work properly. Maybe, maybe not. I turn System Restore off first thing after installing XP, because I don't like black boxes on my system that take up who knows what amount of space and can't be managed by the admin. Do I trust System Restore will work when needed? Not at all.

UAC, and the other new Vista/7 "security" features are in the same league. They lock me out of things on my own system I may want to look at and know about, and I don't like that.

Keep in mind that the main benefit of UAC is protecting you from stuff that happens behind your back, combined with the fact that Windows can't (and shouldn't!) try to differentiate between user-initiated actions and programmatic actions.
-f0dder (November 30, 2009, 11:32 AM)
--- End quote ---

So far it's only trying to protect me from starting applications I want to start. It serves no purpose on a properly maintained system. Thankfully I can turn it off :)

MilesAhead:
Jump Lists:
http://windows.microsoft.com/en-us/windows7/products/features/jump-lists
http://blogs.zdnet.com/BTL/?p=16143

Another "Ooo, shiny and new, only available in Win7!" feature that was actually available all the way back to WinXP and maybe even Win2k, although at that time it required more work on the part of the developer (see Winamp for example). Still a cool feature though, and much more powerful and flexible in Win7 in any case.

- Oshyan
-JavaJones (November 30, 2009, 12:46 PM)
--- End quote ---

I like 7stacks.  But after using it for awhile I seemed to remember these little gizmos for the OS/2 Taskbar where you click it and a whole "drawer" full of icons extends(kind of like how the equalizer pops out on a Winamp skin.) Of course 7stacks using glass which makes it more fun.  But it's essentially the same salt shaker only transparent.

Navigation

[0] Message Index

[#] Next page

[*] Previous page