Security feature in Microsoft's new Windows (Vista) could drive users nuts

TheMSsForum.com: The Microsoft Software Forum

"SEATTLE - An annoying surprise awaits 2 million consumers expected to
enthusiastically step forward in the next few weeks to help Microsoft test
its new Windows Vista PC operating system.

Volunteers will test Vista Beta 2, a near-final version of the much-hyped
upgrade of Windows. The testing is the last step leading up to Vista's
broad consumer release, scheduled for January.

Beta 2 testers can expect to encounter an obtrusive security feature, called
User Account Control (UAC). Designed to prevent intruders from performing
harmful tasks, the feature grays out the computer screen, then prods you to
confirm that you really want to do certain functions.

In early test versions, the queries crop up so often that they interrupt
routine tasks, such as changing the time clock or deleting shortcuts. And
UAC sometimes triggers an endless loop of dialogue boxes that can be
curtailed only by rebooting, says Paul Thurrott, news editor of Windows IT
Pro magazine."

http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34

-- Imhotep
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Steven

Steven
Tue May 16 19:42:09 CDT 2006

I have been using Beta 2 and have not noticed the severity to the point
where I have had to reboot the computer. The feature is a security option
that can be turned off in Local Security Policy if the user wishes to and
would rather accept the risk of doing so though and there will probably be
an adequate explanation for those who want to if they access built in help.

It will be interesting to see where users and what percentage draw the line
between convenience and security as my guess is that Vista will have UAC
enabled in the final version and it should be. I don't know however if there
will be an exception list to run certain tasks without the prompt that could
include MD5 hashes of executable files that a local administrator specifies
[similar to software firewall application rules] and possibly even exempt
users that could only be designated by the built in administrator account.
Typically all or nothing approaches are not received well even with the best
of intentions. --- Steve


"Imhotep" <imhotep@nospam.com> wrote in message
news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
> enthusiastically step forward in the next few weeks to help Microsoft test
> its new Windows Vista PC operating system.
>
> Volunteers will test Vista Beta 2, a near-final version of the much-hyped
> upgrade of Windows. The testing is the last step leading up to Vista's
> broad consumer release, scheduled for January.
>
> Beta 2 testers can expect to encounter an obtrusive security feature,
> called
> User Account Control (UAC). Designed to prevent intruders from performing
> harmful tasks, the feature grays out the computer screen, then prods you
> to
> confirm that you really want to do certain functions.
>
> In early test versions, the queries crop up so often that they interrupt
> routine tasks, such as changing the time clock or deleting shortcuts. And
> UAC sometimes triggers an endless loop of dialogue boxes that can be
> curtailed only by rebooting, says Paul Thurrott, news editor of Windows IT
> Pro magazine."
>
> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>
> -- Imhotep


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Paul

Paul
Wed May 17 01:48:06 CDT 2006

In article <uhuu7qUeGHA.3792@TK2MSFTNGP03.phx.gbl>, in the
microsoft.public.security news group, Steven L Umbach <n9rou@n0-spam-
for-me-comcast.net> says...

> I have been using Beta 2
>

Umm, no you haven't as Beta 2 has not been declared nor released yet.
Don't get confused by the UI labels, what has been released so far is
definitely not Beta 2.

--
Paul Adare - MVP Virtual Machines
It all began with Adam. He was the first man to tell a joke--or a lie.
How lucky Adam was. He knew when he said a good thing, nobody had said
it before. Adam was not alone in the Garden of Eden, however, and does
not deserve all the credit; much is due to Eve, the first woman, and
Satan, the first consultant." - Mark Twain
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Roger

Roger
Wed May 17 08:16:42 CDT 2006

My own feeling is that the jury is (not yet formed but effectively) still
out
on consumer acceptance of the final form of this feature. Once the
behavior is refined for release, AIUI the intent is for people that use an
admin account as their normal login to not imperil their machine by so
doing, and yet when they do activate something that does require use
of their admin privs they will be allowed to do so.
Now, in the current and prior builds many testers do find the feature
to be obnoxious. But then those testers are characteristically doing all
sorts of things that use their admin privs (exploring all the config
settings,
installing components, etc.) so perhaps the current test sample is not
characteristic of the consumer base that will only occassionally be
doing something requiring the elevated privs.

"Imhotep" <imhotep@nospam.com> wrote in message
news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
> enthusiastically step forward in the next few weeks to help Microsoft test
> its new Windows Vista PC operating system.
>
> Volunteers will test Vista Beta 2, a near-final version of the much-hyped
> upgrade of Windows. The testing is the last step leading up to Vista's
> broad consumer release, scheduled for January.
>
> Beta 2 testers can expect to encounter an obtrusive security feature,
> called
> User Account Control (UAC). Designed to prevent intruders from performing
> harmful tasks, the feature grays out the computer screen, then prods you
> to
> confirm that you really want to do certain functions.
>
> In early test versions, the queries crop up so often that they interrupt
> routine tasks, such as changing the time clock or deleting shortcuts. And
> UAC sometimes triggers an endless loop of dialogue boxes that can be
> curtailed only by rebooting, says Paul Thurrott, news editor of Windows IT
> Pro magazine."
>
> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>
> -- Imhotep


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Steven

Steven
Wed May 17 11:33:43 CDT 2006

I have been using what shows as Windows Vista Beta 2 Version 6 build 5308.
It sounds like UAC in it will be very similar or the same as that in the
public Beta 2 version. --- Steve


"Paul Adare" <padare@newsguy.com> wrote in message
news:MPG.1ed4912e86638c5c98a14c@msnews.microsoft.com...
> In article <uhuu7qUeGHA.3792@TK2MSFTNGP03.phx.gbl>, in the
> microsoft.public.security news group, Steven L Umbach <n9rou@n0-spam-
> for-me-comcast.net> says...
>
>> I have been using Beta 2
>>
>
> Umm, no you haven't as Beta 2 has not been declared nor released yet.
> Don't get confused by the UI labels, what has been released so far is
> definitely not Beta 2.
>
> --
> Paul Adare - MVP Virtual Machines
> It all began with Adam. He was the first man to tell a joke--or a lie.
> How lucky Adam was. He knew when he said a good thing, nobody had said
> it before. Adam was not alone in the Garden of Eden, however, and does
> not deserve all the credit; much is due to Eve, the first woman, and
> Satan, the first consultant." - Mark Twain


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Steven

Steven
Wed May 17 11:37:13 CDT 2006

I am not real hopeful. Consider that a lot if not the majority of drivers
will not wear their seat belts which is an action that can save their life
or prevent great bodily harm. Hence we now have air bags that added cost to
the purchase of a car. Consumers are waiting for MS to implement an air bag
in the operating system. --- Steve


"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
news:e9REqQbeGHA.3792@TK2MSFTNGP03.phx.gbl...
> My own feeling is that the jury is (not yet formed but effectively) still
> out
> on consumer acceptance of the final form of this feature. Once the
> behavior is refined for release, AIUI the intent is for people that use an
> admin account as their normal login to not imperil their machine by so
> doing, and yet when they do activate something that does require use
> of their admin privs they will be allowed to do so.
> Now, in the current and prior builds many testers do find the feature
> to be obnoxious. But then those testers are characteristically doing all
> sorts of things that use their admin privs (exploring all the config
> settings,
> installing components, etc.) so perhaps the current test sample is not
> characteristic of the consumer base that will only occassionally be
> doing something requiring the elevated privs.
>
> "Imhotep" <imhotep@nospam.com> wrote in message
> news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
>> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
>> enthusiastically step forward in the next few weeks to help Microsoft
>> test
>> its new Windows Vista PC operating system.
>>
>> Volunteers will test Vista Beta 2, a near-final version of the much-hyped
>> upgrade of Windows. The testing is the last step leading up to Vista's
>> broad consumer release, scheduled for January.
>>
>> Beta 2 testers can expect to encounter an obtrusive security feature,
>> called
>> User Account Control (UAC). Designed to prevent intruders from performing
>> harmful tasks, the feature grays out the computer screen, then prods you
>> to
>> confirm that you really want to do certain functions.
>>
>> In early test versions, the queries crop up so often that they interrupt
>> routine tasks, such as changing the time clock or deleting shortcuts. And
>> UAC sometimes triggers an endless loop of dialogue boxes that can be
>> curtailed only by rebooting, says Paul Thurrott, news editor of Windows
>> IT
>> Pro magazine."
>>
>> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>>
>> -- Imhotep
>
>


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Paul

Paul
Wed May 17 11:48:31 CDT 2006

In article <uMEQq#ceGHA.1276@TK2MSFTNGP03.phx.gbl>, in the
microsoft.public.security news group, Steven L Umbach <n9rou@n0-spam-
for-me-comcast.net> says...

> I have been using what shows as Windows Vista Beta 2 Version 6 build 5308.
> It sounds like UAC in it will be very similar or the same as that in the
> public Beta 2 version.
>

As soon as beta 1 shipped, the UI was changed to indicate Beta 2. As I
said, 5308 is not Beta 2 regardless of what the UI says. Beta releases
have to meet a certain quality bar and they are declared, that is a
build is chosen that meets the quality bar. I can assure you that what
you have is not Beta 2, neither private nor public.

--
Paul Adare - MVP Virtual Machines
It all began with Adam. He was the first man to tell a joke--or a lie.
How lucky Adam was. He knew when he said a good thing, nobody had said
it before. Adam was not alone in the Garden of Eden, however, and does
not deserve all the credit; much is due to Eve, the first woman, and
Satan, the first consultant." - Mark Twain
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by PA

PA
Wed May 17 13:52:31 CDT 2006

Just to let y'all know that there is a security-specific public Vista
newsgroup: microsoft.public.windows.vista.security
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org

Steven L Umbach wrote:
> I have been using Beta 2 and have not noticed the severity to the point
> where I have had to reboot the computer.
<snip>

Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by comphelp

comphelp
Wed May 17 14:15:54 CDT 2006

"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> writes:

> I am not real hopeful. Consider that a lot if not the majority of drivers
> will not wear their seat belts which is an action that can save their life
> or prevent great bodily harm. Hence we now have air bags that added cost to
> the purchase of a car. Consumers are waiting for MS to implement an air bag
> in the operating system. --- Steve

What was especially ironic and stupid about the original air bag
mandate is the paradox that
a) in the US, manufacturers were forced to design to a spect
that would restrain an unbelted passenger
but
b) as we learned through decapitations, blindings, and
maimings, first generation airbags especially those in the
US of the full deployment variety were totally unsafe to an
unbelted occupant too close the steering wheel.

Good times, eh?

That paradox has been corrected with low deployment force bags, and
additions of seat occupancy sensors and defeatable deployment for
passenger side bags, etc. But still, dont' think for a minute that
the airbag mandate doesn't have the grubby paws of the airbag
manufacturer's lobby all over it, and don't think for a moment that
for the same incremental increase in cost of an auto, there aren't
design improvements that would yield more overall safety than an
airbag in every steering column.

At least new cars aren't shipping with bombs in the steering columns
that'd snap grandma in half or pop infants' heads off.

Best Regards,
--
Todd H.
http://www.toddh.net/
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Unruh

Unruh
Wed May 17 15:52:19 CDT 2006

"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> writes:

>I am not real hopeful. Consider that a lot if not the majority of drivers
>will not wear their seat belts which is an action that can save their life
>or prevent great bodily harm. Hence we now have air bags that added cost to
>the purchase of a car. Consumers are waiting for MS to implement an air bag
>in the operating system. --- Steve

And if those airbags caused you to have to restart your car four or five
times a day....


>"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
>news:e9REqQbeGHA.3792@TK2MSFTNGP03.phx.gbl...
>> My own feeling is that the jury is (not yet formed but effectively) still
>> out
>> on consumer acceptance of the final form of this feature. Once the
>> behavior is refined for release, AIUI the intent is for people that use an
>> admin account as their normal login to not imperil their machine by so
>> doing, and yet when they do activate something that does require use
>> of their admin privs they will be allowed to do so.
>> Now, in the current and prior builds many testers do find the feature
>> to be obnoxious. But then those testers are characteristically doing all
>> sorts of things that use their admin privs (exploring all the config
>> settings,
>> installing components, etc.) so perhaps the current test sample is not
>> characteristic of the consumer base that will only occassionally be
>> doing something requiring the elevated privs.
>>
>> "Imhotep" <imhotep@nospam.com> wrote in message
>> news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
>>> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
>>> enthusiastically step forward in the next few weeks to help Microsoft
>>> test
>>> its new Windows Vista PC operating system.
>>>
>>> Volunteers will test Vista Beta 2, a near-final version of the much-hyped
>>> upgrade of Windows. The testing is the last step leading up to Vista's
>>> broad consumer release, scheduled for January.
>>>
>>> Beta 2 testers can expect to encounter an obtrusive security feature,
>>> called
>>> User Account Control (UAC). Designed to prevent intruders from performing
>>> harmful tasks, the feature grays out the computer screen, then prods you
>>> to
>>> confirm that you really want to do certain functions.
>>>
>>> In early test versions, the queries crop up so often that they interrupt
>>> routine tasks, such as changing the time clock or deleting shortcuts. And
>>> UAC sometimes triggers an endless loop of dialogue boxes that can be
>>> curtailed only by rebooting, says Paul Thurrott, news editor of Windows
>>> IT
>>> Pro magazine."
>>>
>>> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>>>
>>> -- Imhotep
>>
>>


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive by Joe

Joe
Wed May 17 20:39:58 CDT 2006

I concur with Paul, I am running 5365 and it isn't beta 2 because I keep getting
told by MSFT that bugs I have been reporting in 5365 (and 5342 before that) are
now corrected in B2. :)


--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



Paul Adare wrote:
> In article <uMEQq#ceGHA.1276@TK2MSFTNGP03.phx.gbl>, in the
> microsoft.public.security news group, Steven L Umbach <n9rou@n0-spam-
> for-me-comcast.net> says...
>
>> I have been using what shows as Windows Vista Beta 2 Version 6 build 5308.
>> It sounds like UAC in it will be very similar or the same as that in the
>> public Beta 2 version.
>>
>
> As soon as beta 1 shipped, the UI was changed to indicate Beta 2. As I
> said, 5308 is not Beta 2 regardless of what the UI says. Beta releases
> have to meet a certain quality bar and they are declared, that is a
> build is chosen that meets the quality bar. I can assure you that what
> you have is not Beta 2, neither private nor public.
>
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive by Joe

Joe
Wed May 17 20:43:19 CDT 2006

I agree, it is annoying but the folks using it right now are doing all sorts of
things they may not be doing after they have it running for a month or two and
are "stable". I noticed that the UAC was pissing me right off until all of a
sudden I didn't reload the machine for a week or so and I realized I went a day
or two without seeing it at all because I was just using the machine after I had
stabilized.... Getting through that few days though is going to be trying for
some folks.

And honestly, I almost got to the point when reloading a lot where I wasn't even
looking at the prompts anymore and I was just clicking. At that point, it has
completely lost its effectiveness as a security feature.


--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



Roger Abell [MVP] wrote:
> My own feeling is that the jury is (not yet formed but effectively) still
> out
> on consumer acceptance of the final form of this feature. Once the
> behavior is refined for release, AIUI the intent is for people that use an
> admin account as their normal login to not imperil their machine by so
> doing, and yet when they do activate something that does require use
> of their admin privs they will be allowed to do so.
> Now, in the current and prior builds many testers do find the feature
> to be obnoxious. But then those testers are characteristically doing all
> sorts of things that use their admin privs (exploring all the config
> settings,
> installing components, etc.) so perhaps the current test sample is not
> characteristic of the consumer base that will only occassionally be
> doing something requiring the elevated privs.
>
> "Imhotep" <imhotep@nospam.com> wrote in message
> news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
>> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
>> enthusiastically step forward in the next few weeks to help Microsoft test
>> its new Windows Vista PC operating system.
>>
>> Volunteers will test Vista Beta 2, a near-final version of the much-hyped
>> upgrade of Windows. The testing is the last step leading up to Vista's
>> broad consumer release, scheduled for January.
>>
>> Beta 2 testers can expect to encounter an obtrusive security feature,
>> called
>> User Account Control (UAC). Designed to prevent intruders from performing
>> harmful tasks, the feature grays out the computer screen, then prods you
>> to
>> confirm that you really want to do certain functions.
>>
>> In early test versions, the queries crop up so often that they interrupt
>> routine tasks, such as changing the time clock or deleting shortcuts. And
>> UAC sometimes triggers an endless loop of dialogue boxes that can be
>> curtailed only by rebooting, says Paul Thurrott, news editor of Windows IT
>> Pro magazine."
>>
>> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>>
>> -- Imhotep
>
>
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Steven

Steven
Wed May 17 20:45:24 CDT 2006

Wow you know a lot about air bags and that is all very interesting. I chalk
up such to the law of unintended consequences in our government's never
ending pursuit to protect us from ourselves. I don't have all the details
but I understand that the government forced the gasoline produces to include
an additive that is supposed to reduce air pollution a while back but a few
years later they found that it was polluting water and the ground big time
and they wanted the oil companies to spend gazillions of dollars to clean
that up. My favorite is the banning of handguns in the city of Chicago to
make it safer. Well what happened is that Chicago is more violent then ever
since only criminals have handguns now and have no fear of the law abiding
citizen. Will they ever learn?? --- Steve



"Todd H." <comphelp@toddh.net> wrote in message
news:84ves48nth.fsf@ripco.com...
> "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> writes:
>
>> I am not real hopeful. Consider that a lot if not the majority of drivers
>> will not wear their seat belts which is an action that can save their
>> life
>> or prevent great bodily harm. Hence we now have air bags that added cost
>> to
>> the purchase of a car. Consumers are waiting for MS to implement an air
>> bag
>> in the operating system. --- Steve
>
> What was especially ironic and stupid about the original air bag
> mandate is the paradox that
> a) in the US, manufacturers were forced to design to a spect
> that would restrain an unbelted passenger
> but
> b) as we learned through decapitations, blindings, and
> maimings, first generation airbags especially those in the
> US of the full deployment variety were totally unsafe to an
> unbelted occupant too close the steering wheel.
>
> Good times, eh?
>
> That paradox has been corrected with low deployment force bags, and
> additions of seat occupancy sensors and defeatable deployment for
> passenger side bags, etc. But still, dont' think for a minute that
> the airbag mandate doesn't have the grubby paws of the airbag
> manufacturer's lobby all over it, and don't think for a moment that
> for the same incremental increase in cost of an auto, there aren't
> design improvements that would yield more overall safety than an
> airbag in every steering column.
>
> At least new cars aren't shipping with bombs in the steering columns
> that'd snap grandma in half or pop infants' heads off.
>
> Best Regards,
> --
> Todd H.
> http://www.toddh.net/


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Roger

Roger
Thu May 18 00:14:59 CDT 2006


"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
news:OOJt6yheGHA.1856@TK2MSFTNGP03.phx.gbl...
<snip>
> Will they ever learn?? --- Steve
>
not so long as they have self-believe in self-superiority of judgement
and a low opinion of others' sensibilities
--
ra


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Roger

Roger
Thu May 18 00:24:22 CDT 2006

Perhaps we have hit on something to suggest Joe.
A temporary UAC suspend - say for 24 hours at a wack.
People are going to find the trick to shut if off, at least the
more power users are, and then it is off until reenabled.
So, what if during inital config, times of extensive admin use,
etc., there was a suspend UAC for x hours ??

I have noticed that with 5381.1 it is less annoying than when I
first started experiencing it, at 5308 or whatever build that was.
Perhaps it is less invasive, but I tend to believe it is that I am
becoming more accustomed to it and also that I have to do less
hunting to find where things have been hidden (or omitted).

I still believe that if people who do run as an admin just get over
the hump of inital config, then they will not that often see the
prompting. At that point UAC is only a good thing, as they are
running as a limited user.


"Joe Richards [MVP]" <humorexpress@hotmail.com> wrote in message
news:%23n9gxxheGHA.3484@TK2MSFTNGP04.phx.gbl...
>I agree, it is annoying but the folks using it right now are doing all
>sorts of things they may not be doing after they have it running for a
>month or two and are "stable". I noticed that the UAC was pissing me right
>off until all of a sudden I didn't reload the machine for a week or so and
>I realized I went a day or two without seeing it at all because I was just
>using the machine after I had stabilized.... Getting through that few days
>though is going to be trying for some folks.
>
> And honestly, I almost got to the point when reloading a lot where I
> wasn't even looking at the prompts anymore and I was just clicking. At
> that point, it has completely lost its effectiveness as a security
> feature.
>
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> Author of O'Reilly Active Directory Third Edition
> www.joeware.net
>
>
> ---O'Reilly Active Directory Third Edition now available---
>
> http://www.joeware.net/win/ad3e.htm
>
>
>
> Roger Abell [MVP] wrote:
>> My own feeling is that the jury is (not yet formed but effectively) still
>> out
>> on consumer acceptance of the final form of this feature. Once the
>> behavior is refined for release, AIUI the intent is for people that use
>> an
>> admin account as their normal login to not imperil their machine by so
>> doing, and yet when they do activate something that does require use
>> of their admin privs they will be allowed to do so.
>> Now, in the current and prior builds many testers do find the feature
>> to be obnoxious. But then those testers are characteristically doing all
>> sorts of things that use their admin privs (exploring all the config
>> settings,
>> installing components, etc.) so perhaps the current test sample is not
>> characteristic of the consumer base that will only occassionally be
>> doing something requiring the elevated privs.
>>
>> "Imhotep" <imhotep@nospam.com> wrote in message
>> news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
>>> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
>>> enthusiastically step forward in the next few weeks to help Microsoft
>>> test
>>> its new Windows Vista PC operating system.
>>>
>>> Volunteers will test Vista Beta 2, a near-final version of the
>>> much-hyped
>>> upgrade of Windows. The testing is the last step leading up to Vista's
>>> broad consumer release, scheduled for January.
>>>
>>> Beta 2 testers can expect to encounter an obtrusive security feature,
>>> called
>>> User Account Control (UAC). Designed to prevent intruders from
>>> performing
>>> harmful tasks, the feature grays out the computer screen, then prods you
>>> to
>>> confirm that you really want to do certain functions.
>>>
>>> In early test versions, the queries crop up so often that they interrupt
>>> routine tasks, such as changing the time clock or deleting shortcuts.
>>> And
>>> UAC sometimes triggers an endless loop of dialogue boxes that can be
>>> curtailed only by rebooting, says Paul Thurrott, news editor of Windows
>>> IT
>>> Pro magazine."
>>>
>>> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>>>
>>> -- Imhotep
>>

Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Existentialist

Existentialist
Thu May 18 08:33:14 CDT 2006


"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
news:OOJt6yheGHA.1856@TK2MSFTNGP03.phx.gbl...
> Wow you know a lot about air bags and that is all very interesting. I
> chalk up such to the law of unintended consequences in our government's
> never ending pursuit to protect us from ourselves. I don't have all the
> details but I understand that the government forced the gasoline produces
> to include an additive that is supposed to reduce air pollution a while
> back but a few years later they found that it was polluting water and the
> ground big time and they wanted the oil companies to spend gazillions of
> dollars to clean that up. My favorite is the banning of handguns in the
> city of Chicago to make it safer. Well what happened is that Chicago is
> more violent then ever since only criminals have handguns now and have no
> fear of the law abiding citizen. Will they ever learn?? --- Steve

Care to share any independent and unbiased cites on your assertion of the
rise of violence in Chicago as it correlates to a handgun ban?

--
Ex



Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Paul

Paul
Thu May 18 09:44:22 CDT 2006

In article <OqRaWAoeGHA.4720@TK2MSFTNGP03.phx.gbl>, in the
microsoft.public.security news group, Existentialist
<meursault@thebeach.invalid> says...

> Care to share any independent and unbiased cites on your assertion of the
> rise of violence in Chicago as it correlates to a handgun ban?
>

How about not, and if you want to debate gun control you both find a
news group or other forum where that is an appropriate topic for
discussion because this sure ain't it.

--
Paul Adare - MVP Virtual Machines
It all began with Adam. He was the first man to tell a joke--or a lie.
How lucky Adam was. He knew when he said a good thing, nobody had said
it before. Adam was not alone in the Garden of Eden, however, and does
not deserve all the credit; much is due to Eve, the first woman, and
Satan, the first consultant." - Mark Twain
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by mae

mae
Thu May 18 15:15:09 CDT 2006


"Existentialist" <meursault@thebeach.invalid> wrote in message
news:OqRaWAoeGHA.4720@TK2MSFTNGP03.phx.gbl...
|
| "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
| news:OOJt6yheGHA.1856@TK2MSFTNGP03.phx.gbl...
| > Wow you know a lot about air bags and that is all very interesting. I
| > chalk up such to the law of unintended consequences in our government's
| > never ending pursuit to protect us from ourselves. I don't have all the
| > details but I understand that the government forced the gasoline
produces
| > to include an additive that is supposed to reduce air pollution a while
| > back but a few years later they found that it was polluting water and
the
| > ground big time and they wanted the oil companies to spend gazillions of
| > dollars to clean that up. My favorite is the banning of handguns in the
| > city of Chicago to make it safer. Well what happened is that Chicago is
| > more violent then ever since only criminals have handguns now and have
no
| > fear of the law abiding citizen. Will they ever learn?? --- Steve
|
| Care to share any independent and unbiased cites on your assertion of the
| rise of violence in Chicago as it correlates to a handgun ban?
|
| --
| Ex

Aggravated batteries committed with guns were down by 6percent last year.
The ordinance entails more than just the handgun ban.
See City of Chicago egov.
--
mae

Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Kevin

Kevin
Thu May 18 21:04:08 CDT 2006


"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
news:%236AMnAdeGHA.3348@TK2MSFTNGP03.phx.gbl...
>I am not real hopeful. Consider that a lot if not the majority of drivers
>will not wear their seat belts which is an action that can save their life
>or prevent great bodily harm. Hence we now have air bags that added cost to
>the purchase of a car. Consumers are waiting for MS to implement an air bag
>in the operating system. --- Steve

Because people are idiots and will not wear a seat belt is not the reason
there are also air bags in cars these days. Air bags provide additional
driver and passenger protection. They require the use of the seat belt as
an integrated safety system. An air bag will not provide the required
protection if the driver and/or passenger is flying around the cabin of the
vehicle because they did not wear their seat belt.

Yes, the addition of air bags does incur added cost to the vehicle. So does
the inclusion of a heater, air conditioner, radio and storage compartments.

As to the level of annoyance that consumers will feel if they purchase
Windows Vista, if and when it is made available, it will be no greater than
the level of annoyance felt when Windows 98 was released. The problem will
be that the operating system in its full-featured form will be so taxing on
a middle tier system that people will feel ripped off. It will be, of
course, their own fault for not reading the system specifications that will
ship with each version of Vista.

If you want to run the top version of the Vista OS, get the biggest,
baddest, fastest computer your money can buy. Personally, I'm happy with XP
the way it is. I don't need to be able to see through desktop icons or
windows.
>
>
> "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
> news:e9REqQbeGHA.3792@TK2MSFTNGP03.phx.gbl...
>> My own feeling is that the jury is (not yet formed but effectively) still
>> out
>> on consumer acceptance of the final form of this feature. Once the
>> behavior is refined for release, AIUI the intent is for people that use
>> an
>> admin account as their normal login to not imperil their machine by so
>> doing, and yet when they do activate something that does require use
>> of their admin privs they will be allowed to do so.
>> Now, in the current and prior builds many testers do find the feature
>> to be obnoxious. But then those testers are characteristically doing all
>> sorts of things that use their admin privs (exploring all the config
>> settings,
>> installing components, etc.) so perhaps the current test sample is not
>> characteristic of the consumer base that will only occassionally be
>> doing something requiring the elevated privs.
>>
>> "Imhotep" <imhotep@nospam.com> wrote in message
>> news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
>>> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
>>> enthusiastically step forward in the next few weeks to help Microsoft
>>> test
>>> its new Windows Vista PC operating system.
>>>
>>> Volunteers will test Vista Beta 2, a near-final version of the
>>> much-hyped
>>> upgrade of Windows. The testing is the last step leading up to Vista's
>>> broad consumer release, scheduled for January.
>>>
>>> Beta 2 testers can expect to encounter an obtrusive security feature,
>>> called
>>> User Account Control (UAC). Designed to prevent intruders from
>>> performing
>>> harmful tasks, the feature grays out the computer screen, then prods you
>>> to
>>> confirm that you really want to do certain functions.
>>>
>>> In early test versions, the queries crop up so often that they interrupt
>>> routine tasks, such as changing the time clock or deleting shortcuts.
>>> And
>>> UAC sometimes triggers an endless loop of dialogue boxes that can be
>>> curtailed only by rebooting, says Paul Thurrott, news editor of Windows
>>> IT
>>> Pro magazine."
>>>
>>> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>>>
>>> -- Imhotep
>>
>>
>
>


Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by PA

PA
Thu May 18 21:56:53 CDT 2006

Could y'all do us a favor and please eliminate the excessive/needless
crossposting, especially to IE.Security? Thank you.
--
~PA Bear

<snip>

Top

Re: Security feature in Microsoft's new Windows (Vista) could drive by Joe

Joe
Fri May 19 10:09:53 CDT 2006

Yeah that sounds like a good suggestion, maybe when it first pops up after an
install it asks if you want to suspend for a day or two for the initial build
up. Course bad things could still get through, but that is the same as if they
turned it off permanently and maybe doing it this way the benefit comes back
instead of being always off.

I haven't tried it (note to self for the weekend testing), if I use runas or my
cpau if the newly spawned window is also impacted by UAC. If it wasn't, that
would be handy because then I just spawn a new command prompt with those rights
and the UAC doesn't pop up for anything I do from there...



--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



Roger Abell [MVP] wrote:
> Perhaps we have hit on something to suggest Joe.
> A temporary UAC suspend - say for 24 hours at a wack.
> People are going to find the trick to shut if off, at least the
> more power users are, and then it is off until reenabled.
> So, what if during inital config, times of extensive admin use,
> etc., there was a suspend UAC for x hours ??
>
> I have noticed that with 5381.1 it is less annoying than when I
> first started experiencing it, at 5308 or whatever build that was.
> Perhaps it is less invasive, but I tend to believe it is that I am
> becoming more accustomed to it and also that I have to do less
> hunting to find where things have been hidden (or omitted).
>
> I still believe that if people who do run as an admin just get over
> the hump of inital config, then they will not that often see the
> prompting. At that point UAC is only a good thing, as they are
> running as a limited user.
>
>
> "Joe Richards [MVP]" <humorexpress@hotmail.com> wrote in message
> news:%23n9gxxheGHA.3484@TK2MSFTNGP04.phx.gbl...
>> I agree, it is annoying but the folks using it right now are doing all
>> sorts of things they may not be doing after they have it running for a
>> month or two and are "stable". I noticed that the UAC was pissing me right
>> off until all of a sudden I didn't reload the machine for a week or so and
>> I realized I went a day or two without seeing it at all because I was just
>> using the machine after I had stabilized.... Getting through that few days
>> though is going to be trying for some folks.
>>
>> And honestly, I almost got to the point when reloading a lot where I
>> wasn't even looking at the prompts anymore and I was just clicking. At
>> that point, it has completely lost its effectiveness as a security
>> feature.
>>
>>
>> --
>> Joe Richards Microsoft MVP Windows Server Directory Services
>> Author of O'Reilly Active Directory Third Edition
>> www.joeware.net
>>
>>
>> ---O'Reilly Active Directory Third Edition now available---
>>
>> http://www.joeware.net/win/ad3e.htm
>>
>>
>>
>> Roger Abell [MVP] wrote:
>>> My own feeling is that the jury is (not yet formed but effectively) still
>>> out
>>> on consumer acceptance of the final form of this feature. Once the
>>> behavior is refined for release, AIUI the intent is for people that use
>>> an
>>> admin account as their normal login to not imperil their machine by so
>>> doing, and yet when they do activate something that does require use
>>> of their admin privs they will be allowed to do so.
>>> Now, in the current and prior builds many testers do find the feature
>>> to be obnoxious. But then those testers are characteristically doing all
>>> sorts of things that use their admin privs (exploring all the config
>>> settings,
>>> installing components, etc.) so perhaps the current test sample is not
>>> characteristic of the consumer base that will only occassionally be
>>> doing something requiring the elevated privs.
>>>
>>> "Imhotep" <imhotep@nospam.com> wrote in message
>>> news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
>>>> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
>>>> enthusiastically step forward in the next few weeks to help Microsoft
>>>> test
>>>> its new Windows Vista PC operating system.
>>>>
>>>> Volunteers will test Vista Beta 2, a near-final version of the
>>>> much-hyped
>>>> upgrade of Windows. The testing is the last step leading up to Vista's
>>>> broad consumer release, scheduled for January.
>>>>
>>>> Beta 2 testers can expect to encounter an obtrusive security feature,
>>>> called
>>>> User Account Control (UAC). Designed to prevent intruders from
>>>> performing
>>>> harmful tasks, the feature grays out the computer screen, then prods you
>>>> to
>>>> confirm that you really want to do certain functions.
>>>>
>>>> In early test versions, the queries crop up so often that they interrupt
>>>> routine tasks, such as changing the time clock or deleting shortcuts.
>>>> And
>>>> UAC sometimes triggers an endless loop of dialogue boxes that can be
>>>> curtailed only by rebooting, says Paul Thurrott, news editor of Windows
>>>> IT
>>>> Pro magazine."
>>>>
>>>> http://www.usatoday.com/tech/products/2006-05-15-vista-security_x.htm?csp=34
>>>>
>>>> -- Imhotep
>
Top

Re: Security feature in Microsoft's new Windows (Vista) could drive users nuts by Roger

Roger
Sat May 20 18:40:59 CDT 2006

It would be interesting if you could control in your cpau so that the
token did not get restricted, and I find it dumb if it does restrict when
someone has conciously used runas to get an admin session . . .

After thinking some I believe the suggestion should be to provide a
"suspend for remainder of this login" button and have a time limiter
of say a day for those like myself that customarily hibernate a client.

Roger

"Joe Richards [MVP]" <humorexpress@hotmail.com> wrote in message
news:OfoUJZ1eGHA.4948@TK2MSFTNGP04.phx.gbl...
> Yeah that sounds like a good suggestion, maybe when it first pops up after
> an install it asks if you want to suspend for a day or two for the initial
> build up. Course bad things could still get through, but that is the same
> as if they turned it off permanently and maybe doing it this way the
> benefit comes back instead of being always off.
>
> I haven't tried it (note to self for the weekend testing), if I use runas
> or my cpau if the newly spawned window is also impacted by UAC. If it
> wasn't, that would be handy because then I just spawn a new command prompt
> with those rights and the UAC doesn't pop up for anything I do from
> there...
>
>
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> Author of O'Reilly Active Directory Third Edition
> www.joeware.net
>
>
> ---O'Reilly Active Directory Third Edition now available---
>
> http://www.joeware.net/win/ad3e.htm
>
>
>
> Roger Abell [MVP] wrote:
>> Perhaps we have hit on something to suggest Joe.
>> A temporary UAC suspend - say for 24 hours at a wack.
>> People are going to find the trick to shut if off, at least the
>> more power users are, and then it is off until reenabled.
>> So, what if during inital config, times of extensive admin use,
>> etc., there was a suspend UAC for x hours ??
>>
>> I have noticed that with 5381.1 it is less annoying than when I
>> first started experiencing it, at 5308 or whatever build that was.
>> Perhaps it is less invasive, but I tend to believe it is that I am
>> becoming more accustomed to it and also that I have to do less
>> hunting to find where things have been hidden (or omitted).
>>
>> I still believe that if people who do run as an admin just get over
>> the hump of inital config, then they will not that often see the
>> prompting. At that point UAC is only a good thing, as they are
>> running as a limited user.
>>
>>
>> "Joe Richards [MVP]" <humorexpress@hotmail.com> wrote in message
>> news:%23n9gxxheGHA.3484@TK2MSFTNGP04.phx.gbl...
>>> I agree, it is annoying but the folks using it right now are doing all
>>> sorts of things they may not be doing after they have it running for a
>>> month or two and are "stable". I noticed that the UAC was pissing me
>>> right off until all of a sudden I didn't reload the machine for a week
>>> or so and I realized I went a day or two without seeing it at all
>>> because I was just using the machine after I had stabilized.... Getting
>>> through that few days though is going to be trying for some folks.
>>>
>>> And honestly, I almost got to the point when reloading a lot where I
>>> wasn't even looking at the prompts anymore and I was just clicking. At
>>> that point, it has completely lost its effectiveness as a security
>>> feature.
>>>
>>>
>>> --
>>> Joe Richards Microsoft MVP Windows Server Directory Services
>>> Author of O'Reilly Active Directory Third Edition
>>> www.joeware.net
>>>
>>>
>>> ---O'Reilly Active Directory Third Edition now available---
>>>
>>> http://www.joeware.net/win/ad3e.htm
>>>
>>>
>>>
>>> Roger Abell [MVP] wrote:
>>>> My own feeling is that the jury is (not yet formed but effectively)
>>>> still out
>>>> on consumer acceptance of the final form of this feature. Once the
>>>> behavior is refined for release, AIUI the intent is for people that use
>>>> an
>>>> admin account as their normal login to not imperil their machine by so
>>>> doing, and yet when they do activate something that does require use
>>>> of their admin privs they will be allowed to do so.
>>>> Now, in the current and prior builds many testers do find the feature
>>>> to be obnoxious. But then those testers are characteristically doing
>>>> all
>>>> sorts of things that use their admin privs (exploring all the config
>>>> settings,
>>>> installing components, etc.) so perhaps the current test sample is not
>>>> characteristic of the consumer base that will only occassionally be
>>>> doing something requiring the elevated privs.
>>>>
>>>> "Imhotep" <imhotep@nospam.com> wrote in message
>>>> news:cdqdnZDPy9JX_ffZnZ2dnUVZ_tidnZ2d@adelphia.com...
>>>>> "SEATTLE - An annoying surprise awaits 2 million consumers expected to
>>>>> enthusiastically step forward in the next few weeks to help Microsoft
>>>>> test
>>>>> its new Windows Vista PC operating system.
>>>>>
>>>>> Volunteers will test Vista Beta 2, a near-final version of the
>>>>> much-hyped
>>>>> upgrade of Windows. The testing is the last step leading up to Vista's
>>>>> broad consumer release, scheduled for January.
>>>>>
>>>>> Beta 2 testers can expect to encounter an obtrusive security feature,
>>>>> called
>>>>> User Account Control (UAC). Designed to prevent intruders from
>>>>> performing
>>>>> harmful tasks, the feature grays out the computer screen, then prods
>>>>> you to
>>>>> confirm that you really want to do certain functions.
>>>>>
>>>>> In early test versions, the queries crop up