by dc3k 3066 days ago
UAC limits software to user privileges, even if you're running an administrator account. If you're running an administrator account, you just click YES in a popup to grant elevated privileges when they're requested. If you're running a user account, you enter an administrator password. Disabling UAC lets anything you run use administrator privileges without alerting you. Similar to running a Linux box as root. It's a really stupid thing to disable.
2 comments
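
The state described in the comment above can be checked on a machine. The following is an added example, not part of the original thread: a read-only PowerShell function that reports whether UAC is enabled, how the administrator prompt is configured, and whether the current process holds an elevated token. The function name `Get-UacPosture` and the wording of the findings are made up for this example; the registry values it reads are the standard UAC policy values.

```powershell
# Added example: read-only audit of the local UAC policy. Changes nothing.
function Get-UacPosture {
    [CmdletBinding()]
    param(
        # Registry key that holds the machine-wide UAC policy values.
        [string]$Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    )

    $policy = Get-ItemProperty -Path $Path -ErrorAction Stop

    # With UAC on, an administrator's normal processes get a filtered token,
    # so this is $false until the process has been elevated through a prompt.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    $adminPrompt = switch ($policy.ConsentPromptBehaviorAdmin) {
        0 { 'Elevate without prompting' }
        1 { 'Prompt for credentials on the secure desktop' }
        2 { 'Prompt for consent on the secure desktop' }
        3 { 'Prompt for credentials' }
        4 { 'Prompt for consent' }
        5 { 'Prompt for consent for non-Windows binaries' }
        default { 'Not set or unrecognized' }
    }

    # Collect the settings that remove the "burglar alarm" the prompt provides.
    $findings = @()
    if ($policy.EnableLUA -ne 1) {
        $findings += 'EnableLUA is missing or not 1: UAC is off, administrator accounts run everything elevated.'
    }
    if ($policy.ConsentPromptBehaviorAdmin -eq 0) {
        $findings += 'Administrators are elevated silently: no prompt appears when software requests elevation.'
    }
    if ($policy.PromptOnSecureDesktop -eq 0) {
        $findings += 'Prompts are shown on the interactive desktop instead of the secure desktop.'
    }

    [pscustomobject]@{
        UacEnabled         = ($policy.EnableLUA -eq 1)
        AdminPrompt        = $adminPrompt
        SecureDesktop      = ($policy.PromptOnSecureDesktop -eq 1)
        ProcessIsElevated  = $elevated
        Findings           = $findings
    }
}

Get-UacPosture | Format-List
```

An empty `Findings` list together with `ProcessIsElevated : False` in an administrator's ordinary shell is the state the comment describes as UAC limiting software to user privileges.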

It may be stupid depending on what you are doing, and how savvy a user you are.

The problem with UAC is that 90% of users have no idea when it would be necessary to click "no" when that dialog box shows up. For them, it's the box that always annoys you and you have to just click "yes" to make it go away.

I understand what it's supposed to do, but have had it disabled since it was released, and have saved hours of task interruption in exchange for no other problems.

> how savvy a user you are.

I strongly disagree with that caveat. As a savvy user, UAC behaves like a burglar alarm for me. I am not savvy enough to open a 7z, PDF, JPG or DOCX in a hex editor and determine whether it contains an exploit. Even if I were alone on the planet due to the ability to do so, I wouldn't have the time to do anything else. Because I have UAC enabled, if I open a zip file and get a UAC prompt I know that something is fishy.

There are known unknowns and your savvy is perfectly suitable for that; however, your savvy won't help at all for the unknown unknowns. Double-clicking an .exe isn't the only way to get pwnd.

> you have to just click "yes" to make it go away.

Exactly, UAC doesn't really work for non-savvy users. In which case, who is the target audience?

My gut reaction was that disabling it is rather silly, but then again I can't remember ever clicking No for security reasons.
It's also a popup that comes up several times every week or even day on Windows. Really wish it was easier for apps on Windows to run in user mode only and stick to it, but it seems like everything needs UAC on a regular basis for one reason or another.

That reason is developer incompetence.

MSDN is full of posts and articles on how to be a nice guy and run as user, unless of course the application needs to do some low system level calls.

And even then, there are ways to split the architecture between privilege levels.