UAC: When you halfass technology theft


Much has been said, and ridiculed, about the UAC feature in Microsoft Vista. Aside from 2 security MVPs and a handful of Microsoft employees I have not met anyone else that either likes this feature or is not asking to have it removed.

Susan and Dana are on the pro side. The entire world seems to be against them.

Some background: UAC comes out of the years and years of no easy process privilege escalation control in Microsoft Windows. While working on a workstation in Administrator mode (the default for XP and below), any process can, without permission, modify the registry, install drivers, change system configuration, etc. This lack of control is the main contributor to the spread of viruses, spyware and rootkits on the Windows platform and perhaps the main reason why Windows gets the “insecure” label so easily.

So after Microsoft tried and failed to conquer the anti-spyware market, after they tried and failed to conquer the anti-virus market, they decided to actually fix the problem. (ok, truth is these efforts were being made in parallel but lying makes it sound better) So how does one fix the problem? By lifting the technology from the people that have already solved it! So they dug up their Linux guy from the basement, chained him to the steering wheel, drove him through the mobile car wash a few times and then sat him at the table to explain su and sudo.

Long story short, they stole sudo (superuser do) technology that allows a regular user to escalate to the superuser privilege to execute a single command as the Administrator. They wrote a wrapper so that every time a process requested a restricted object (install a driver, manage users, etc) the little window will pop up with “Windows needs your permission to continue”. And as they were stuffing their Linux guy back into the box of manure he said something about su but they were already well on their way to kicking him down the stairs back into the basement.

The ONLY thing that’s wrong with UAC

Microsoft half-assed this big time. UAC does not, and likely will not, piss off home users during their regular computer use. However, during provisioning and system troubleshooting UAC becomes a total nightmare. 

All the Microsoft OEM partners know this – which is why they ship boxes with UAC disabled. Now why, oh why, do they do this? Because they know that the first thing you’ll do with your shiny new system is to make it your own – add users, add hardware, install software, etc. Be prepared to approve the UAC prompt half a dozen times. OEMs know this, and they don’t want the support overhead. That’s why they ship boxes without UAC.

The troubleshooters and computer techs? They have no choice but to shut the annoying thing off. Why? Because Microsoft half-assed it. There has to be a way to permanently escalate privileges to the superuser status while troubleshooting the system: the Unix su equivalent. For example – I am installing a video card, yes, I know I am going to be escalating the privileges over and over and over again until I tweak it completely so STFU and let me work. But no, you have to click over and over and over again. Was it so hard to allow a checkmark to not ask for permission during the next 5 minutes, or never to ask for permission when performing this kind of task or to just accept all access during the entire session? Apparently, it was.

Disabling UAC

I’ve held onto publishing this for a while but since everyone wants to point at the users as the problem here and not Microsoft’s shortsightedness, let’s give this a spin, shall we? If you need superuser privileges during a session to perform hardware maintenance, software installation or troubleshooting you should not be subject to Vista’s inability to cope with this. To disable UAC follow these steps:

Start > msconfig > Tools > Disable UAC > Launch

Reboot and you can actually perform a maintenance task without being nagged to death. Once you’re done go back and Enable UAC the exact same way, reboot and you’re back to normal.
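A check to run after the maintenance window to confirm UAC really was turned back on, as an added example rather than anything from the original post. It relies on the msconfig tool toggling the `EnableLUA` policy value in the registry; the function name `Get-UacState` is made up for illustration.

```powershell
# Added example: audit the UAC policy values after maintenance.
# Get-UacState is a hypothetical helper name, not a built-in cmdlet.
function Get-UacState {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p   = Get-ItemProperty -Path $key -ErrorAction Stop

    $findings = @()

    # EnableLUA = 0 is the state left behind by "Disable UAC".
    # The change only takes effect at the next reboot, so a machine can
    # still be prompting today and silently lose UAC after a restart.
    if ($p.EnableLUA -eq 0) {
        $findings += 'EnableLUA=0: UAC is off (or will be after the next reboot)'
    }

    # 0 here means administrators are elevated with no prompt at all,
    # which defeats UAC even while EnableLUA is still 1.
    if ($p.ConsentPromptBehaviorAdmin -eq 0) {
        $findings += 'ConsentPromptBehaviorAdmin=0: admins elevate without a prompt'
    }

    # 0 here means the prompt is drawn on the normal desktop, where other
    # processes in the session can interact with it.
    if ($p.PromptOnSecureDesktop -eq 0) {
        $findings += 'PromptOnSecureDesktop=0: prompt not on the secure desktop'
    }

    # New-Object keeps this usable on old PowerShell versions.
    New-Object PSObject -Property @{
        Computer                   = $env:COMPUTERNAME
        EnableLUA                  = $p.EnableLUA
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
        Findings                   = $findings
    }
}

$state = Get-UacState
$state | Format-List Computer, EnableLUA, ConsentPromptBehaviorAdmin, PromptOnSecureDesktop
if ($state.Findings.Count -gt 0) {
    $state.Findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'UAC policy values look enabled.'
}
```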

Microsoft: Get your head out of your ass and recognize that the ITPRO should not sit around the box and approve escalation more than two times to perform a hardware or system maintenance task. By the same token, don’t think that just because someone is an ITPRO they need permanent privilege escalation. Just provide a way to put the system into maintenance mode – more than two prompts are too many; the second prompt ought to be smart enough to ask whether this escalation should be assumed for a few minutes or the remainder of the session.

2 Responses to UAC: When you halfass technology theft

  1. I agree that UAC should allow a time-limited disabling, which would be much safer than forcing someone to remember to enable it following major software installations. Perhaps Service Pack 1 can address this.

    When running a Vista upgrade, I found that UAC blocked access to MSCONFIG — that even though I navigated to C:\WINDOWS\SYSTEM32 and clicked MSCONFIG.EXE, I still got a message that said “File not found”. It was then I realized what had triggered the cryptic error message, and after right-clicking MSCONFIG.EXE, I was able to select “Run As Administrator”. Perhaps Service Pack 1 can address the error message, too.

  2. Bucky says:

    If you run Command Prompt as an administrator you get something pretty close to su bash; regedit, compmgmt.msc, and msconfig launch without additional prompts.
