Windows Now

It just that Symantec Knows that the UAC goes overboard.

Apple had it for a long time, but you dont see it very often, and it requires you to type in  your password. for example: If you are an administrator, you only get it when you add/delete accounts, attempt to modify system files (IF you have the privileges to), attempt to modify parts of the Library, and sometimes if you installing an app (NOT by dragging it to your computer), especially if it modifies system files in the installer.

And if you are NOT an administator, you get it when you try to modify the system, but that version ALSO needs that name of an administrator, along with their password, but you don't get it when you are editing your home folder.

Although I dont like Symantecs products, UAC still has a major flaw: giving control to the user. Whenever my mom (who knows nothing about computers, she does email and internet, thats about it) sees a message, she is just going to click continue or yes pretty much no matter what. What UAC needs to do is be able to tell you when something is actually harmful, and not pop-up when you do something routine (like copy a file to another hard drive, the reason why I turned it off in the first place). If UAC can become smart and be able to only pop up in dangerous situations, then it would be awesome. Maybe if Windows could ship with Windows Live OneCare, although I know thats never going to happen unless hell freezes over

@ Graham: In my experience (and I am a "power user"), Vista's UAC behaves exactly as you described it for Apple.

Brendan G,

So, you DON'T get it when you change the time?

Anyone that has used Windows Vista at all will be familiar with User Account Control (UAC) prompts. The

Dan, have you used Windows Vista? Windows Vista requires a password. If you don't want your mom doing these things, don't give her the admin password. If you don't give her that, she can press "yes" all she would like, no harm will be done.

Also, everything that it pops up about can potentially cause harm. The reason it can't get "smart" about it, is because if it was "smart" hackers could play with its intelligence. The whole idea is to prevent people from changing your settings without an admin password.

Graham, you do not get it when you change the time-zone, but yes, changing time does offer a dialog. However, I do not think that a normal user really has any need to change the time. This should be something managed by administration. Especially since you can have it synchronized. With the synchronization, they should have no need for changing it.

List244,

I guess you do not travel.

Graham,

Also remember that the reason that many app trigger UAC prompts is because they're poorly written with respect to security. Part of the goal of UAC is to compel developers to minimize the need for such priveledges in the first place; apps that absolutely have to request an elevation can make the process somewhat safer by providing a valid cert for their binaries. Symantec's actions would undermine any incentive to improve.

In many ways, Apple had an easier time in this reguard because OSX was so different from MacOS Classic that is forced developed to step back and rethink before porting their apps, so there was more incentive to address these issues up front and earlier on.

Bryan,

that was over 5 years ago. lots of software has been created since and you don't have these problems in Mac os X (except when idiots create drivers for Wacom tablets), not even from companies that are less than 5 years ago.

What's is with this layout? doesn't IE have a built-in spell-checker?

I still think my main point is essentially correct:

Since OSX has been available, it has had strong default security and permission settings, and so any developer wanting to write an application for OSX had to take that into account from the begining of development/porting.

In contrast, Windows has traditionally given applications more flexibiliy. Although NT had the necessary infrastructure, Microsoft hasn't enforced it due to compatibility concerns. They've certainly encouraged developers to make programs that can work in limited accounts, but there's been little incentive to do work that wasn't absolutely necessary--including, frankly, for other product groups within Microsoft.

With UAC, Microsoft is finally begining to lock Windows down in a manner similar to OSX. Problem is, in doing so, the negligence of these developers has been made much more visible, hence many pop up elevation prompts where it wouldn't otherwise be necessary.

Over time, more developers will take limited priviledges into account when targeting Vista (it may actually be a logo requirement), and the number of prompts should be comperable to what you see in OSX.

In other words, for Vista to be bug-free, it would have to be COMPLETELY rewritten, and run apps for XP in a virtual machine that is included in the OS.

Graham, nothing is bug-free. lol Also, in response to your travel question.. First, if you are traveling with a computer, you should be an admin. Second, even if you are not, you can change the time-zone, which should be enough.

Graham,

Isn't that a bit of a leap? It isn't a matter of Vista having bugs--though I'm sure they're there--but rather there are still a large number of applications written without regard for the constraints of limited user file rights. With UAC in place, the hope is that this will provide a strong enough penalty to push most developers to make their apps work in limited accounts. The only ones that should run with admin rights are those that genuinely need it.

It's misleading to try to characterize this as a matter of Vista being broken compared to OSX.  OSX apps are, on the whole, much better citizens. This is, as I've mentioned earlier, largely a result of the "clean break" approach they took. They could get away way with this because, prior to the release of OSX, Apple's market share was dwindling and the most important thing was to put Apple back in a technologically strong position (and they've certainly succeeded). In contrast, there are over half a billion Windows users on Earth, and that market has high expectations of compatibility, especially in the corporate market (where Apple, particularly prior to the release of OSX, had negligible presence). The result is that Microsoft can't make the same kind of clean break, but must evolve the platform over time.

Think about a large city: If you wanted to make the buildings more green / energy efficient, you wouldn't just level everything and rebuild--it would be too expensive, and disenfranchise too many people--rather you'd make changes in an opportunistic manner, perhaps making other improvements on the way. That's Windows. OSX is more like a planned community: it's well designed and well manicured, but you wouldn't try to apply the same design approach to the scale of say, New York City.

It isn't so much a value judgment as it is a difference of scope and context.

On www.windows-now.com Robert McLaws writes about an Idea Symantec has on disabling UAC. I must say I

I've been a user of Norton Antivirus for many years, but after all the recent fuss from Symantec the last year or so, I will not be buying their products anymore.  I'm going to be looking at other solutions for my Vista antivirus needs.

I am a Mac fan(atic), but I have also been running Vista since Beta 2 and now RTM (We're an MS Gold Partner).

I think of myself as somewhat of a power user, but I run without Admin rights on my normal account, on both systems. Doing normal tasks I don't need to elevate on either system, ever.

While Vista may ask for admin rights more often than OS x, its often a topic of setting rights correctly. It may be a hazzle... once. But just spend a little time configuring security on your computer or your parents computer correctly, and it won't be asking you.

On most typical tasks I haven't needed to elevate, not even moving files between disks.

I agree with the sentiment that Symantecs moves are bad. I tend to think Symantec makes easy to use products, but I feel they're making blunders now. They're actually, scarily enough, arguing that everyone should be able to make security products for the OS? Having cleaned computers of the "WinSafe Antivirus 2005" product all too many times (its a pure scam, localized into many languages including norwegian, that makes you pay for it by VISA to "unlock" it after it "finds viruses", only to get a happy message, reboot, and it resets... You can't unlock it, just pay and pay and pay. And of course you can't uninstall it, and it seems to register with the Windows XP Security centre. *ugh*

As to changing the time: you CAN use local computer policy to adjust who does that, even grant it to lower rights users, but there's actually no need. Just adjust the time zone, works like a charm.

Anyone that has used Windows Vista at all will be familiar with User Account Control (UAC) prompts. The

PingBack from http://www.vistalogy.com/2007/01/18/symantec-anti-uac-product-is-a-very-bad-idea/

I agree! Vista does ask for confirmation a lot but as someone who knows what they are doing i hardly see it, The good news with the UAC is that unless you click it it seems to just sit in the back ground waiting for you to press it before the security continues.

Someone else already raised the point but "However, I do not think that a normal user really has any need to change the time. This should be something managed by administration. Especially since you can have it synchronized. With the synchronization, they should have no need for changing it." You just do not travel!

As for symantec trying to get some action from it, i would give symantec another penny if i could help it! unfortunately MSBackup is *** so you are basically left with Veritas, any other actual GOOD software for backing up out there?

I  hate symantec and luckily i removed two copies of its existance yesterday and installed www.nod32uk.com much much much better software! The fastest and smallest scan engine in the world with the best VB100% rating ever!

Ugh, Myles... I do travel... with my own computer, where I am the administrator. Also, on Windows Vista you can change the time-zone. If you can change the time-zone, what need is there to change the actual "time?"