2951
Living Room / Re: Death in Family
« Last post by f0dder on December 03, 2009, 04:02 AM »Oh man, very sorry to hear that 
Recent Posts
That app gives a bad name to open source - as if most OSS needs to run as full admin with unsigned drivers!Well, to be fair, it takes a fair amount of work and a bit of cash to get your drivers signed - iirc you even have to set up a company (as a legal entity) in order to get a driver signing license.-MrCrispy (December 02, 2009, 05:54 PM)
Not just UAC, but also driver signing...The arrogance of the UltraDefrag developers doesn't really make me want to even try the app...-f0dder (December 02, 2009, 02:10 AM)
Any app that has to have UAC disabled in order to work will never touch my hard drive.-Innuendo (December 02, 2009, 12:10 PM)
Yup. I think the only advantage would be the encrypted password in the shortcut. I 'spose you could always use a macro to get around typing in a pw but it would kind of defeat the securty.Encryption doesn't help a lot when it's automated...-MilesAhead (December 01, 2009, 11:31 PM)
All those people annoyed by uAC should give linux a try. sudo su is all it takes to have a shell in which to be admin, while the rest of the system is user-owned. I couldn't find a way to do this the time I was on windows.Simply start cmd.exe with administrative privileges - on Vista and Win7, open the start menu, type cmd, and hit ctrl+shift+enter. Same goes for recent versions of FARR-urlwolf (December 01, 2009, 12:27 PM)
- and the trick can be used for other apps than just cmd.exe . Notice that it won't work for explorer, though, because of the way explorer.exe handles multiple instances and your desktop.
i don't really care about power consumption.Bad boy! BAD, bad boy!-superboyac (November 30, 2009, 01:26 PM)
Sure, but then what's the point of prompting in the first place? If I'm about to start a virus, UAC doesn't know about it and neither do I. Only my AV software will. and if I'm starting a benign app, UAC serves no purpose.If you get an UAC prompt by something that isn't an installer, you should be very suspicious. And it adds an extra barrier, your antivirus app might not have the latest-and-greates trojan in it's database.-tranglos
There has always been a prompt for double-clicking a .reg file, and that's good. On the other hand, starting regedit without any command-line parameters is not in itself harmful. I would sooner understand a prompt before regedit tries to write to the registry. I can't accept a prompt just for starting regedit.There's a command-line option to silently import .reg files to the registry... unfortunately, because of the way UAC is implemented, elevation is only available while starting a process - you can't temporarily gain/drop admin privilege in-process. How often do you need to start regedit anyway?-tranglos
None of the UAC annoyances are present on XP, of course, but there is a distant hint of the same.Not if you run it in the standard & unsafe admin-user way. If you do it properly with a limited user account, there's more annoyance than Vista with UAC.-tranglos
These folders are inaccessible to admin users - you can't see what's inside, you can't read the contents nothing.You don't need to poke around there, just like you don't need to delete system files. You can give yourself access with cacls.exe anyway.-tranglos
It serves no purpose on a properly maintained system.Sure it does, it keeps bad stuff out. I'll rather be using UAC and not suffer the performance penalty of antivirus software... (not something I'd suggest for other people though). And I like how Vista is finally forcing developers to program correctly. Again, too bad it didn't happen 10+ years ago.-tranglos
Agreed, but I don't use that Norton program nor am I one of those people who think UAC is bad. First thing I do after installing Windows 7 is go to the Control Panel & crank UAC up to max.AMEN to that!
Now *there* is a setting that has the wrong default value.-Innuendo (November 30, 2009, 03:32 PM)
I seriously don't think I understand what it *is* designed to do, other than to annoy and confuse. The problem seems to be that Windows can't tell the difference between a user-initiated action and an action that's possibly unauthorized.If Windows tried to differentiate between user-launched and not, malware would simply send keystrokes/mouse-movements...-tranglos
Since it's pretty much impossible to launch regedit or a snapin accidentally, the prompt seems redundant.Double-clicking (or malware doing ShellExecute on) a .reg file...-tranglos
Then it should alert when a process tries to do somtehing fishy, not simply when the process starts. It's impossible to know beforehand whether an app has been compromised or not. Again, this is what AV/antispyware software is there to detect.Full HIPS style protection is outside the scope of UAC... IMHO what UAC does and protects again is perfectly fine for what it was designed for - only thing that really bothers me about UAC is the developer side of the story (not properly documented, no clean/supported way to drop rights).-tranglos
At the same time, there are no prompts when TuneUp installer registers its services, which is where a malware app could do some real harm.That's because you're already running the installer with admin privileges, to have write access to %ProgramFiles%.-tranglos
I just can't see a scenario where I should be prompted before I knowingly execute a known application. It serves no purpose if the app is fine, and it serves no purpose if the app is a trojan, because I cannot know that. At the very least there should be an option like "Do not prompt for this application again".Keep in midn that the main benefit of UAC is protecting you from stuff that happens behind your back, combined with the fact that Windows can't (and shouldn't!) try to differentiate between user-initiated actions and programmatic actions.-tranglos
Why should there be a prompt to run a spyware scanner? How is it useful? Potentially, how many people will get spooked by the warning and decide not to run the scanner after all?There shouldn't be a prompt. The programmers of the spyware scanner should have programmed properly, following the age-old design guidelines that's been available since NT4... move the privileged code to a service, let the GUI run as normal user code. Presto, problem solved. Yes, it's more work for the programmers, but it's the proper way to do things, and it's been for like fifteen years.-tranglos
That may well be. I still don't get why deleting items does not require admin rights, but renaming does.Probably because there's some (registry setting?) to "hide" items from AllUsers on *your* user account - while renaming would try to rename registry keys / .lnk files from AllUsers.-tranglos
However, Norton was working on a UAC white-list app that would allow one to okay a UAC prompt once & then have the system remember that app as being okay & never prompting again. I haven't heard anything about that program lately, though.Convenient, but a bad idea anyway. It was covered in another thread.-Innuendo
everything starts faster, most notably firefoxSuperFetch
there doesn't seem to be as much process' starting or they start faster
dunno?-cmpm (November 30, 2009, 04:18 AM)
).As ludicrous as I consider this case to be I must say I love the idea of jail time for executives whose companies break the law. Damn right!Amen to that!-Eóin (November 26, 2009, 08:14 PM)
Sorry, sir, we found pubic hair and semen in your laptop keyboard. Apart from the mere morality issues of what you've been doing, which could taint the minds and souls of our pure fragile engineers, this could be a big health risk!
We found traces of cocaine on your laptop lid and the monitor, so we cannot fix the machine. By the way, your DJ set at the rave last Thursday sucked, go blow yourself.
and if anything else should go wron-tranglos (November 24, 2009, 04:46 PM)
