Comments on: You are disabling UAC. Cancel or Allow? http://www.securitycurve.com/wordpress/archives/500?utm_source=rss&utm_medium=rss&utm_campaign=you-are-disabling-uac-cancel-or-allow Mon, 06 Sep 2010 07:38:49 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Dave H http://www.securitycurve.com/wordpress/archives/500/comment-page-1#comment-162 Dave H Thu, 29 Mar 2007 17:18:12 +0000 http://securitycurve.com/wordpress/?p=500#comment-162 If the users are being prompted for trying to do the things they are conscious of doing (e.g. deleting a shortcut, changing theme, opening the management application, etc.), then that just accelerates the process of users ignoring the dialog boxes. It'd be more appropriate if these dialog boxes are generated not by user initiated events, but rather by (untrusted) background processes - you know, like a sane virus scanner or firewall. Don't know what MS is thinking... If the users are being prompted for trying to do the things they are conscious of doing (e.g. deleting a shortcut, changing theme, opening the management application, etc.), then that just accelerates the process of users ignoring the dialog boxes.

It’d be more appropriate if these dialog boxes are generated not by user initiated events, but rather by (untrusted) background processes – you know, like a sane virus scanner or firewall. Don’t know what MS is thinking…

]]> By: Dave H. http://www.securitycurve.com/wordpress/archives/500/comment-page-1#comment-161 Dave H. Thu, 29 Mar 2007 17:13:59 +0000 http://securitycurve.com/wordpress/?p=500#comment-161 If the users are being prompted for trying to do the things they are conscious of doing (e.g. deleting a shortcut, changing theme, opening the management application, etc.), then that just accelerates the process of users ignoring the dialog boxes. It'd be more appropriate if these dialog boxes are generated not by user initiated events, but rather by (untrusted) background processes - you know, like a sane virus scanner or firewall. Don't know what MS is thinking... If the users are being prompted for trying to do the things they are conscious of doing (e.g. deleting a shortcut, changing theme, opening the management application, etc.), then that just accelerates the process of users ignoring the dialog boxes.

It’d be more appropriate if these dialog boxes are generated not by user initiated events, but rather by (untrusted) background processes – you know, like a sane virus scanner or firewall. Don’t know what MS is thinking…

]]> By: Adam http://www.securitycurve.com/wordpress/archives/500/comment-page-1#comment-160 Adam Mon, 26 Mar 2007 17:12:13 +0000 http://securitycurve.com/wordpress/?p=500#comment-160 Speaking for me, it gets a lot better once you get through the setup process. I have UAC on, and see a prompt a week or so. Adam Speaking for me, it gets a lot better once you get through the setup process. I have UAC on, and see a prompt a week or so.

Adam

]]> By: kurt wismer http://www.securitycurve.com/wordpress/archives/500/comment-page-1#comment-159 kurt wismer Wed, 21 Mar 2007 04:40:47 +0000 http://securitycurve.com/wordpress/?p=500#comment-159 actually, i think asking in general is the right thing to do but you have to be careful not to ask too often... the problem with windows is that too many behaviours have significant enough security implications to warrant the prompt... the reason these sorts of prompts exist is because applications don't come pre-loaded with a fingerprint or baseline of what normal behaviour is, much less what YOUR normal behaviour is (the general your, not you specifically) and some designers have had the presence of mind to use those prompts as a means to develop that fingerprint over time... UAC (from what i gather, i avoid vista on philosophical grounds) apparently doesn't do that and that probably is a failure in the design of UAC... actually, i think asking in general is the right thing to do but you have to be careful not to ask too often… the problem with windows is that too many behaviours have significant enough security implications to warrant the prompt…

the reason these sorts of prompts exist is because applications don’t come pre-loaded with a fingerprint or baseline of what normal behaviour is, much less what YOUR normal behaviour is (the general your, not you specifically) and some designers have had the presence of mind to use those prompts as a means to develop that fingerprint over time… UAC (from what i gather, i avoid vista on philosophical grounds) apparently doesn’t do that and that probably is a failure in the design of UAC…

]]>