Windows Vista® - A Look Ahead  

Cloudeight InfoAve Premium - Feature

A Look Ahead - Windows® Vista® - The Next Generation of Windows®

Windows Vista's User Account Control (UAC)

One of the most significant changes in Windows Vista over any previous version of Windows is called "User Account Control" (UAC). UAC is an alternative to the way many people currently use Windows (XP) which is as administrators. Running your computer as an administrator gives you the right to change settings and install programs. The problem with that is that it makes Windows XP PCs more susceptible to undetected installation of spyware and other malicious programs. In other words, it's easy to "sneak a program" on a computer being run by an administrator with "administrator privileges".

Windows Vista's User Account Control (UAC) is based on a standard mode designed to prevent the installation of programs -- including unwanted software -- unless the user specifically grants permission. And if the user is not logged on as an adminstrator, he/she will have to enter a password to elevate to administrator status. Simply put: adminstrator status in Windows XP gives you the right to do anything you please on your computer, carte blanche. Administrator status on Windows Vista, does not. Because Vista uses UAC, you have to specifically authorize each installation via popup window:

Windows Vista® - A Look Ahead

Basically what UAC does is temporarily elevate your user status to something akin to a "super adminstrator" - granting you temporary permission to install software and/or change settings.  The key is that this temporary elevation of status doesn't require logging out of the PC and back in as a higher-level administrator. This is exactly why everyone we know runs Windows XP as an administrator - because if you ran Windows XP as a "standard user" (i.e. not an administrator) then you would be required to logout and log back in, just to install  programs or make settings changes. And, by the time you did all that you'd probably forget what the heck you were going to install or change anyway. So, Windows Vista gets around this by elevating your status from "ordinary administrator" to "super administrator" (these are our terms for simplicity - not official terms) which allow you to install programs and change settings, etc. without logging out and logging back in. And soon as you're done doing the installation or setting changes, you're demoted back to lower user status.

Some experts call it one of the most important changes in Windows Vista. Yes, but we see in our crystal ball that down the road having something pop up in your face every time you make any changes to your computer or want to install a program is going to get very annoying. Here's the problem we can foresee with UAC: After you've seen about 10,000 of these UAC warnings, you're not going to read them- you're going to grow so use to clicking "Continue" that, in the end, if you're not careful, you will take the chance of installing something you don't really want anyway. This would defeat the purpose of UAC.

Right now, in our opinion, there are too many of these UAC dialog boxes popping up. Everything you do, in Vista, seems to require a temporary elevation in user status. For instance, one would think that Microsoft would trust Microsoft Windows Update, right? Wrong. You get a warning that Windows Update is trying to install something on your computer (DUH! Yes a Windows Update!). You can't even drag a file from the desktop to a folder without one of these warnings popping up. How many spyware/adware/malware programs drag files across you desktop. Come on! Security is nice, but it ought to at least make sense.

Microsoft needs to use better judgment here. If we cannot trust the company that makes the operating system, who can we trust? If we cannot drag and drop files without a UAC dialog popping up in our faces, then something isn't quite right. Microsoft needs to do away with some of the UAC dialogs or there's going to be so many of them popping up that people will just start ignoring them - and click "continue" without thinking. And that is going to defeat the purpose of UAC.

Although the 'standard' user in Windows Vista will have more direct control over more settings than a 'standard' user in Windows XP,  Vista requires elevated privileges for many setting changes and all software installations and this means more User Account Control pop-ups. After a few months of testing Vista, we can tell you this gets totally annoying. And it looks like Microsoft is finally getting the word that this sort of pop-up overkill might kill consumer desire to upgrade to Windows Vista (that is if the extremely high minimum requirements just to run Vista don't kill it first).

Microsoft says it has been responding to feedback from testers to reduce the number of User Account Control interruptions. "Our goal is that, once the PC is set up and people are using it on a daily basis, the prompts will be nearly invisible to them," said Jim Hahn, a product manager in Microsoft's Windows division. Is that really what they mean? Does Microsoft want these warning to become as invisible to the user as the current "Download" warnings displayed by browsers every time you download a file? How many people really pay attention to them after they've seen these same warnings 50,000 times? I hope that's not what Microsoft really meant - that they want people to get so used to these UAC warnings that they become "invisible" to Vista's users.

And, UAC is not the only big change in Windows Vista. Here are some of the others:

Internet Explorer 7 runs in a "protected mode" which is meant to stop Websites and attackers from using Internet Explorer to install unwanted software or change settings. Here again, you'll have to also deal with User Account Control popups as well as IE7 warnings. Warnings, warnings, warnings. How many warnings will we see before we start ignoring them. That's a big problem Microsoft faces as it tries to shore-up security. Microsoft has always put convenience ahead of security until recently. Can you blame them? They were giving people what the people wanted: a convenient, easy-to-use operating system. Now, Microsoft has no choice. It has been blasted ad nauseum for Windows inherent lack of security and its focus on ease-of-use and convenience. We're all going to have to get use to a different way of doing things - even if we continue to stick with Windows XP. Sometime in the future, MS will issue Service Pack 3 for Windows XP and when they do you can bet it will include some of the security features of Windows Vista.

Vista incorporates anti-spyware protections into Vista (Windows Defender). That's in addition to the new anti-virus and maintenance services that Microsoft is selling on a stand-alone basis, competing with existing security vendors such as Symantec, Zonelabs, Computer Associates, McAfee, Webroot, PC Tools, and Sunbelt. Personally, I think Windows Defender is desperately lacking. It doesn't detect much adware and adware can consume system resources faster than Wimpy can consume a hambuger.

Other changes in Windows Vista are not so visible. Like a new technique to make it harder to exploit what's known as a buffer overrun -- a common problem caused by a program trying to write more data than it should to a temporary holding space in the computer's memory. The new technique loads the system code into totally random places in memory, making it tougher to find weaknesses to exploit. This is known as "Address Space Layout Randomization". It's not new and not unique. It's been around awhile and has been used in various flavors of the Linux operating system.

Windows Vista is the first version of Windows to be developed completely under the "Trustworthy Computing Initiative", announced by Bill Gates in early 2002, then reeling from a series of high-profile security vulnerabilities and exploits.

And, even with all the changes in Windows Vista,  security will be an ongoing challenge. Hackers and miscreants are not just going to throw their hands up and say: "Well, we'll have to go out and get real jobs now, Windows Vista whooped us good."  We all know when Windows Vista is final and becomes "the" current Windows version - as is being installed on almost every new PC being built, hackers, evil-doers and miscreants will be finding ways break down its security. This should remind us that no matter what security programs you have installed; no matter which version of Windows you're using or will be using; not matter how many anti-badware software programs you have installed - nothing will ever protect you as well as that gray matter you have between your ears and good old common sense. Keep that thought in your mind whenever you're using a computer connected to the Internet and you'll be a lot safer than those who rely on software alone to protect them.

Next time in our Vista series? Who knows? Something good though :)


Save 20% On PC Tool's Award-Winning Spyware Doctor
It's the spyware protection we use on our personal PCs


  Our favorite program of all-time! Roboform. Get the free version now!

Cloudeight Start Page | Cloudeight Home Page  |  Close This Window