Should Apple be making fun of Vista UAC?

Should Apple be making fun of Vista UAC?

Summary: Windows Vista UAC (User Account Control) has an additional security feature called Secure Desktop that hardens the UAC privilege escalation prompt, but some people seem to be upset with this feature because they say it's annoying. Apple has even gone as far as making a new TV commercial out of it with "PC" being bossed around by a scary looking man in a black suit nagging him on each word.

SHARE:
TOPICS: Windows
348

Windows Vista UAC (User Account Control) has an additional security feature called Secure Desktop that hardens the UAC privilege escalation prompt, but some people seem to be upset with this feature because they say it's annoying. Apple has even gone as far as making a new TV commercial out of it with "PC" being bossed around by a scary looking man in a black suit nagging him on each word. But is this really an accurate assessment?

I don't really care how many times people say, "Oh, but UAC bothers you for no reason," because it's simply not true. Anyone who says that hasn't used Vista, and they don't really know what they're talking about. Vista and Mac OS X (as well as any version of UNIX) will ALL prompt for privilege escalation any time you try to install software, and that's how desktop operating systems should work. Windows XP and prior didn't have graceful mechanisms for handling privilege escalation and they forced you to log out and back in if you wanted to run without administrator mode, so not very many people implemented it. Vista's late to the game but that's moot since it's here now, and we need to evaluate UAC for what it is. Let's compare Vista UAC privilege escalation to Mac OS X privilege escalation with the following two videos.  

Here's Windows Vista UAC at work when I try to install software. *

Here's Mac OS X privilege escalation when you try to update software.

* Note that I had to temporarily shut off the Secure Desktop feature to capture the screen movie because Secure Desktop actually locks up the entire desktop, which prevents any application from interacting or seeing the UAC prompt. Vista UAC Secure Desktop is an added security measure that prevents malicious software from interacting or masking the UAC prompt in a way that might social-engineer users into clicking Allow. This doesn't actually change the user interaction or the keystrokes required, other than the fact that you no longer see the background dim, so it doesn't change the comparison in anyway. The Mac video was shot by our own Jason Hiner with a camcorder, which is why you see the moiré patterns over the video. I'll need to ask you to pretend you see the Vista desktop dim and pretend you don't see any moiré patterns on the Mac desktop.

As you can see, Mac OS X actually requires you to do MORE work by having you type in the administrator password, whereas Vista (for the primary user running as a limited admin) only prompts you to click Allow. So if we really wanted to make the Apple commercial accurate, there should be a second security guard that makes "Mac" recite a series of letters before he gives the OK to proceed. What we have is another case of deceptive advertising. Vista UAC really isn't that bad. This is something that Mac OS X and Linux users have been living with for years, and it's something that Windows Users need to get use to for their own protection.

If Vista UAC really bothers you that much, you can turn it off and simply accept the risk of running with full administrative privileges.  I'm not going to link to any tutorials on disabling UAC because anyone who can't figure out how to turn off UAC probably shouldn't be turning it off in the first place. I'm sorry if that sounds blunt, but I don't want to give any advice that endangers anyone's PC.

Topic: Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

348 comments
Log in or register to join the discussion
  • Microsoft Partner: Vista less secure than XP

    OK, George, here's someone who knows what they be talkin' 'bout:

    [url=http://www.zdnet.com.au/news/software/soa/Microsoft_partner_Vista_less_secure_than_XP/0,130061733,339274261,00.htm]fyi[/url]

    Kapersky
    D T Schmitz
    • P.S.

      That's [url=http://www.kaspersky.com/]Kaspersky Lab[/url] Folks.
      They know something about security. ;)
      D T Schmitz
    • I'm confused . .

      The article starts off talking about Vista *without* UAC - how is that relevant here?
      john.murray9
      • 1st Paragraph

        [i]"Security company Kaspersky claimed that Vista's User Account Control (UAC), the system of user privileges that can be used to restrict users' administrative rights, will be so annoying that users will disable it."[/i]

        The Apple UAC commercial [b]does[/b] convey the impression that UAC is annoying--quite well.

        Thank youz.
        D T Schmitz
        • Missed hypocrisy?

          Maybe you missed the point of George's article, which is that UAC is actually [i]less[/i] intrusive than the equivalent escalation method in OS X.
          william.furr
          • Priceless

            Another priceless 'Ou'ism:

            [i]"I don?t really care how many times people say "oh but UAC bothers you for no reason" because it?s simply not true. Anyone who says that hasn?t used Vista and they don?t really know what they?re talking about."[/i]

            I just pointed out who quite possibly 'is' an expert on the subject and who quite possibly does know all about the subject of Windows security/UAC, who also happens to believe users will simply turn UAC off.

            Don't shoot the messenger! ;)
            D T Schmitz
          • Expert? Then get his sorry butt over here

            and let HIM sit at my neihbor's house and let him know when to run an app or not.

            Just becuase he knows about security issues better then most doesn't automaticly make him the best person in the world to know what works best for those who don't.

            I'd feel safer driving my car after a mechanic fixed it as opposed to the engineer.
            John Zern
          • less intrusive and less secure

            If you walk away from your computer, I can install any software I want on it. If you have a Mac, I have to know the admin password to install software...
            woot!
          • Unless you are running your PC on a limited account.

            Which I believe is exactly how Apple does it by default, and I think Vista was supposed to do?
            ajole
          • Re: less intrusive and less secure

            At my institution, walking away from your PC with it unlocked is a security breach regardless of what OS you're running.

            The idea is to require some human interaction so that viruses and trojans can't [i]automatically[/i] install malware to your machine. UAC does this well.
            william.furr
        • Message has been deleted.

          georgeou
          • Anybody who telsl me those commercials aren't effective...

            just doesn't know what they are talking about! (wink)
            ...albeit they are becoming cliche.)
            Come on George, you set yourself up! Too funny.

            Oh, speaking of commercials...[url=http://reverendted.wordpress.com/2007/03/19/mac-vs-pc-how-would-linux-fit/]read more here.[/url]
            D T Schmitz
          • I didn't say there weren't effective. Joseph Gerbils was "effective"

            Did you even read my comment to you? I didn't say there weren't effective. Joseph Gerbils was "effective". Apple's always been "effective" in marketing; they have always been some of the best propaganda artists in the world.

            My question to you - which you don't seem to want to answer - is whether you base your IT security decisions on television commercials or not.
            georgeou
          • Who is " Joseph Gerbils"?

            Play the "rodent" card. I sure sign you've lost an online debate....
            Harry_Boner
          • Oh sure I know the answer but why answer...

            ...when I can just 'get you going'?
            (After all, I am generating more clicks for you!)

            Who doesn't form an impression in some part based on advertisements, regardless of the source?

            Why, if I had a dollar for everytime I've been manipulated into buying something by an advertisement!..... ;)

            Seriously, for strictly IT, I don't generally get swayed by TV.

            But will some enterprise IT CIO get the bright idea after setting up an Apple network at home that he should do same at work??

            It could happen.
            D T Schmitz
          • Be sure you don't make a typo yourself when you criticize other people

            "Play the "rodent" card. I sure sign you've lost an online debate.... "

            I think you meant "is".

            When you can't shoot down the idea, go after typos. Just be sure you don't make a typo yourself when you criticize other people's typos.
            georgeou
          • So your comparing Apple's Ads to Genocide?

            I know you don't like Apple but Joseph Goebbels? C'mon Bro.
            Tigertank
          • Message has been deleted.

            georgeou
          • Ummm....my aunt and cousins base IT descisions on commercials.

            That's why they got Windows95. That's why they both switched to Mac.

            I know, non-IT folks should NEVER base IT decisions based on a commercial. That would be like, oh, non-auto makers buying a car based on a commercial. Horrid! Or, gast!, a non-insurance professional buying insurance based on low price quote commercials!

            George, you are such a loser.
            nomorems
          • "Apple is a master of propaganda."

            Bwah ha ha! George, please! Can't you come up with anything ORIGINAL when slamming Apple? Just re-using the decades old, and still thriving, judgments and accusations against Microsoft does not count. What's next? You going to say Apple doctored video in a trial?

            Gorge, you are such a loser. I sure hope you managed to convince Microsoft NOT to base you bonus on how many people actually BELIEVE your rants!
            nomorems