Vista’s UAC Falls Short of Promises

I’ve been testing out both the RC1 and the more recent 5728 build and I like what I’m seeing. There’s still a lot of fit-and-finish work that needs to be done, but that’s to be expected with beta software. The only real problem I have with Vista is the way that User Account Control (UAC) has been implemented.

I like the theory behind UAC – it allows me to safely operate as a local admin without opening myself up to attacks from malware. Microsoft’s overview is:

The main goal of User Account Control is to reduce the exposure and attack surface of the operating system by requiring that all users run in standard user mode. This limitation minimizes the ability for users to make changes that could destabilize their computers or inadvertently expose the network to viruses through undetected malware that has infected their computer.

It all sounds good, but there are two fundamental flaws with the way it has been implemented in Vista.

Too Frequent Prompts

RC1 introduced huge improvements over the Beta 2 and CTP builds, but there are still too many prompts. The problem is that you become desensitized to them and end up clicking haphazardly without even thinking about what you’re being prompted for. Try installing some software: there’s a good chance you’ll get at least two UAC prompts. And during day-to-day use you’ll get prompts popping up for seemingly innocent tasks – even activating Windows requires elevated privileges.

UAC also rears its head in some other strange places. I spend a lot of time at the command prompt, and it’s difficult to perform administrative tasks such as “ipconfig /release” – the “renew” command doesn’t require elevation, however.
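As an added example (this is not code from the original post), here is how you can find out from PowerShell whether the shell you are sitting in already holds an elevated token before you try something like “ipconfig /release”, and how to run a single command through the RunAs verb so you get exactly one UAC consent prompt rather than an “elevation required” error halfway through. It assumes Windows PowerShell 2.0 or later on a UAC-enabled machine; Test-IsElevated and Invoke-Elevated are helper names made up for this example.

```powershell
# Added example, not from the original post. Assumes Windows PowerShell 2.0 or
# later on a UAC-enabled system; Test-IsElevated and Invoke-Elevated are
# hypothetical helper names chosen for this example.

# True when the current shell holds a full administrator token, i.e. it was
# started via "Run as administrator" or has already passed a UAC consent prompt.
function Test-IsElevated {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

# Runs a command directly if the shell is already elevated; otherwise launches
# it in a new elevated process via the RunAs verb, which shows the normal UAC
# consent dialog once instead of failing with "The requested operation requires
# elevation" part-way through a batch of commands.
function Invoke-Elevated {
    param(
        [string]   $FilePath,
        [string[]] $ArgumentList = @()
    )
    if (Test-IsElevated) {
        & $FilePath @ArgumentList
        return
    }
    # Start-Process rejects an empty -ArgumentList, so only pass it when set.
    $startArgs = @{ FilePath = $FilePath; Verb = 'RunAs'; Wait = $true }
    if ($ArgumentList.Count -gt 0) { $startArgs['ArgumentList'] = $ArgumentList }
    Start-Process @startArgs
}

if (Test-IsElevated) {
    Write-Host 'This shell is elevated; administrative commands run directly.'
} else {
    Write-Host 'This shell is NOT elevated; administrative commands will trigger a UAC prompt.'
}

# Usage for the case from the post (commented out so the script does not drop
# your network connection when run as-is):
# Invoke-Elevated -FilePath 'ipconfig.exe' -ArgumentList '/release'
```

The point of Test-IsElevated is that membership in the local Administrators group is not the same as being elevated: under UAC an admin’s normal token has that group marked deny-only, so IsInRole(Administrator) only returns true for the elevated token. That is exactly the distinction that makes “ipconfig /release” fail in an ordinary prompt.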

The frequent and/or random prompts that appear soon leave you wanting to switch UAC off, and this leads to the next problem.

All or Nothing Security

So there will come a time where you will make a conscious decision to turn UAC off. Fortunately Microsoft have given us the ability to disable UAC. This can be accessed through the user properties in the Control Panel and requires a reboot to complete the change. Now when you log in you’re greeted with the dreaded red security shield in the taskbar, indicating that there is a serious problem. So you head to the Security Center to investigate…

The Security Center is designed to help users by providing a quick look at the most common security-related settings such as anti-virus software, firewall, automatic updates, and spyware protection. As you can see from the screenshot below, there’s a notification that UAC is off and I’m prompted to turn it back on. Now, I would expect that I should be able to acknowledge the fact that I have been warned and then choose not to see the warning again. Unfortunately there is no way to selectively turn off the notification for UAC. The only option you have is to turn off all Security Center notifications.

[Screenshot: Security Center]

This is obviously not a recommended solution, as it also turns off notifications for the firewall being off, Windows updates missing, and anti-malware software being out of date. But if you’ve made the decision to operate without UAC forced upon you, this is your only option. So if you don’t want to see the red warning shield in the taskbar, you have to sacrifice the benefits that the Security Center provides too.

Interestingly, the option to turn off all notifications from the Security Center doesn’t require elevated privileges!
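Since the Security Center won’t tell you which notifications have been silenced, and silencing them doesn’t even need elevation, it is worth being able to audit this state directly. The following PowerShell is an added example (not code from the original post) that reports whether UAC is on, whether administrators are actually prompted, and which Security Center notifications have been switched off. EnableLUA and ConsentPromptBehaviorAdmin are the documented UAC policy values; the four *DisableNotify names under the Security Center key are my recollection of Vista’s layout and should be treated as an assumption to confirm on your own build. Get-RegistryValueOrNull and Get-UacAuditReport are names made up for this example.

```powershell
# Added example, not from the original post. Assumes Windows PowerShell 2.0 or
# later. EnableLUA and ConsentPromptBehaviorAdmin are documented UAC policy
# values; the *DisableNotify value names are the Security Center notification
# switches as remembered from Vista, so treat them as an assumption and confirm
# them on your own build before relying on the report.

$UacPolicyKey      = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$SecurityCenterKey = 'HKLM:\SOFTWARE\Microsoft\Security Center'

# Reads one registry value, returning $null (rather than throwing) if the key
# or value is missing, so the audit still runs on builds where it does not exist.
function Get-RegistryValueOrNull {
    param([string] $Path, [string] $Name)
    try {
        return (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name
    } catch {
        return $null
    }
}

# Builds a report of the UAC state plus any silenced Security Center
# notifications, with a Findings list that a scheduled check can alert on.
function Get-UacAuditReport {
    $enableLua = Get-RegistryValueOrNull $UacPolicyKey 'EnableLUA'
    $consent   = Get-RegistryValueOrNull $UacPolicyKey 'ConsentPromptBehaviorAdmin'
    $findings  = @()

    if ($enableLua -eq $null) {
        $findings += 'Could not read EnableLUA; UAC state unknown.'
    } elseif ($enableLua -eq 0) {
        $findings += 'UAC is off (EnableLUA = 0); re-enabling it takes effect after a reboot.'
    }
    if ($consent -eq 0) {
        $findings += 'Administrators elevate without any prompt (ConsentPromptBehaviorAdmin = 0).'
    }
    foreach ($name in 'UacDisableNotify', 'FirewallDisableNotify',
                      'AntiVirusDisableNotify', 'UpdatesDisableNotify') {
        if ((Get-RegistryValueOrNull $SecurityCenterKey $name) -eq 1) {
            $findings += "Security Center notification silenced: $name"
        }
    }

    New-Object PSObject -Property @{
        EnableLUA                  = $enableLua
        ConsentPromptBehaviorAdmin = $consent
        Findings                   = $findings
    }
}

Get-UacAuditReport | Format-List
```

Run it from a scheduled task or a logon script and compare the Findings list against what you expect; an empty list means UAC is on, admins are prompted, and no Security Center notification has been muted. A non-empty list is the signal that the all-or-nothing choice described above has been made on that machine, whether by the user or by something else.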

Summary

UAC is a feature designed to increase security by forcing users to run in a limited-privileges mode that lessens the likelihood of system-wide problems occurring as a result of either malware attacks or user errors. But the key goal when implementing security software is to strike the correct balance between usability and security, and unfortunately, Microsoft haven’t quite got there yet with Vista’s UAC.

Posted by stuart

Filed under Windows Vista

3 Responses to “Vista’s UAC Falls Short of Promises”

  1. September 26th, 2006 | 1:14 am

    [...] It all sounds good, but there are two fundamental flaws with the way it has been implemented in Vista.read more | digg story Tags:  Posted by stuart Filed in General [...]

  2. September 26th, 2006 | 1:26 pm

    [...] Vista’s UAC Falls Short of Promises “The main goal of User Account Control is to reduce the exposure and attack surface of the operating system by requiring that all users run in standard user mode…” [...]

  3. February 20th, 2007 | 9:01 am

    [...] yet there are two big complaints: how annoying the security controls are and how they won’t be 100% effective. There are problems with User [...]
