Should Apple be making fun of Vista UAC?
Summary: Windows Vista UAC (User Account Control) has an additional security feature called Secure Desktop that hardens the UAC privilege escalation prompt, but some people seem to be upset with this feature because they say it's annoying. Apple has even gone as far as making a new TV commercial out of it with "PC" being bossed around by a scary looking man in a black suit nagging him on each word.
Windows Vista UAC (User Account Control) has an additional security feature called Secure Desktop that hardens the UAC privilege escalation prompt, but some people seem to be upset with this feature because they say it's annoying. Apple has even gone as far as making a new TV commercial out of it with "PC" being bossed around by a scary looking man in a black suit nagging him on each word. But is this really an accurate assessment?
I don't really care how many times people say, "Oh, but UAC bothers you for no reason," because it's simply not true. Anyone who says that hasn't used Vista, and they don't really know what they're talking about. Vista and Mac OS X (as well as any version of UNIX) will ALL prompt for privilege escalation any time you try to install software, and that's how desktop operating systems should work. Windows XP and prior didn't have graceful mechanisms for handling privilege escalation and they forced you to log out and back in if you wanted to run without administrator mode, so not very many people implemented it. Vista's late to the game but that's moot since it's here now, and we need to evaluate UAC for what it is. Let's compare Vista UAC privilege escalation to Mac OS X privilege escalation with the following two videos.
Here's Windows Vista UAC at work when I try to install software. *
Here's Mac OS X privilege escalation when you try to update software.
* Note that I had to temporarily shut off the Secure Desktop feature to capture the screen movie because Secure Desktop actually locks up the entire desktop, which prevents any application from interacting or seeing the UAC prompt. Vista UAC Secure Desktop is an added security measure that prevents malicious software from interacting or masking the UAC prompt in a way that might social-engineer users into clicking Allow. This doesn't actually change the user interaction or the keystrokes required, other than the fact that you no longer see the background dim, so it doesn't change the comparison in anyway. The Mac video was shot by our own Jason Hiner with a camcorder, which is why you see the moiré patterns over the video. I'll need to ask you to pretend you see the Vista desktop dim and pretend you don't see any moiré patterns on the Mac desktop.
As you can see, Mac OS X actually requires you to do MORE work by having you type in the administrator password, whereas Vista (for the primary user running as a limited admin) only prompts you to click Allow. So if we really wanted to make the Apple commercial accurate, there should be a second security guard that makes "Mac" recite a series of letters before he gives the OK to proceed. What we have is another case of deceptive advertising. Vista UAC really isn't that bad. This is something that Mac OS X and Linux users have been living with for years, and it's something that Windows Users need to get use to for their own protection.
If Vista UAC really bothers you that much, you can turn it off and simply accept the risk of running with full administrative privileges. I'm not going to link to any tutorials on disabling UAC because anyone who can't figure out how to turn off UAC probably shouldn't be turning it off in the first place. I'm sorry if that sounds blunt, but I don't want to give any advice that endangers anyone's PC.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Microsoft Partner: Vista less secure than XP
[url=http://www.zdnet.com.au/news/software/soa/Microsoft_partner_Vista_less_secure_than_XP/0,130061733,339274261,00.htm]fyi[/url]
Kapersky
P.S.
They know something about security. ;)
I'm confused . .
1st Paragraph
The Apple UAC commercial [b]does[/b] convey the impression that UAC is annoying--quite well.
Thank youz.
Missed hypocrisy?
Priceless
[i]"I don?t really care how many times people say "oh but UAC bothers you for no reason" because it?s simply not true. Anyone who says that hasn?t used Vista and they don?t really know what they?re talking about."[/i]
I just pointed out who quite possibly 'is' an expert on the subject and who quite possibly does know all about the subject of Windows security/UAC, who also happens to believe users will simply turn UAC off.
Don't shoot the messenger! ;)
Expert? Then get his sorry butt over here
Just becuase he knows about security issues better then most doesn't automaticly make him the best person in the world to know what works best for those who don't.
I'd feel safer driving my car after a mechanic fixed it as opposed to the engineer.
less intrusive and less secure
Unless you are running your PC on a limited account.
Re: less intrusive and less secure
The idea is to require some human interaction so that viruses and trojans can't [i]automatically[/i] install malware to your machine. UAC does this well.
Message has been deleted.
Anybody who telsl me those commercials aren't effective...
...albeit they are becoming cliche.)
Come on George, you set yourself up! Too funny.
Oh, speaking of commercials...[url=http://reverendted.wordpress.com/2007/03/19/mac-vs-pc-how-would-linux-fit/]read more here.[/url]
I didn't say there weren't effective. Joseph Gerbils was "effective"
My question to you - which you don't seem to want to answer - is whether you base your IT security decisions on television commercials or not.
Who is " Joseph Gerbils"?
Oh sure I know the answer but why answer...
(After all, I am generating more clicks for you!)
Who doesn't form an impression in some part based on advertisements, regardless of the source?
Why, if I had a dollar for everytime I've been manipulated into buying something by an advertisement!..... ;)
Seriously, for strictly IT, I don't generally get swayed by TV.
But will some enterprise IT CIO get the bright idea after setting up an Apple network at home that he should do same at work??
It could happen.
Be sure you don't make a typo yourself when you criticize other people
I think you meant "is".
When you can't shoot down the idea, go after typos. Just be sure you don't make a typo yourself when you criticize other people's typos.
So your comparing Apple's Ads to Genocide?
Message has been deleted.
Ummm....my aunt and cousins base IT descisions on commercials.
I know, non-IT folks should NEVER base IT decisions based on a commercial. That would be like, oh, non-auto makers buying a car based on a commercial. Horrid! Or, gast!, a non-insurance professional buying insurance based on low price quote commercials!
George, you are such a loser.
"Apple is a master of propaganda."
Gorge, you are such a loser. I sure hope you managed to convince Microsoft NOT to base you bonus on how many people actually BELIEVE your rants!