One of the vaunted features of Windows 7 is the updated User Account Control settings. The change is the addition of a slider and UAC grades: one grade at the Vista level of annoyance and three grades of off (off a little, off a lot, and #*%!@ OFF!!).
Who'd have thought such a little dialog could do so much harm? Not Microsoft. Credit: ZDNet.com.au
Microsoft would call this something like "notification grades", but really it's just a test of one's patience and security-mindedness.
I was waiting for the security problems to occur after Windows 7's release, either for users to lower their slider too far, or for the default grade (which is not the highest security possible, but one lower) to be not secure enough.
Alas, that was not to be, for problems have occurred in the beta version of Windows 7. The default security level treated a change of the UAC slider as permitted; therefore, if you wrote a program that changes the UAC setting, Windows 7 was your playground and you could do whatever you wanted.
Microsoft originally defended their UAC design, but it smelt more of hurt geek pride. Theoretically and technically, the design is possibly fine; in practice its implementation is absolutely flawed.
After much wailing and gnashing of teeth at Microsoft's response (here's but one example), the decision has been made to secure the UAC prompt. Come Windows 7 RC1, UAC settings will now run in a "high integrity" process which will require elevation, and changing the UAC settings will produce a confirmation prompt. Better to take the hit now than have the UAC-lowering programs flooding the internet.
Kudos to the Windows 7 team for having the gumption to admit a mistake and swallow some pride. I'll leave to them the last thought, which summed up their position nicely:
When we started the "E7" blog we were both excited and also a bit uneasy. The excitement is obvious. The unease is because at some point we knew we would mess up. We weren't sure if we would mess up because we were blogging about a poorly designed feature or mess up because we were blogging poorly about a well-designed feature. To some it appears as though with the topic of UAC we've managed to do both.