Windows Vista, UAC, Defender and Viruses...#

Well, I am back from the SDN Event in Driebergen. It was a fun event, I have met quiet a few people and, after a few years, finally met Dr. Bob again. One of my session was about the Windows 7 Taskbar (an update for the components is in the pipe line, btw). And when talking about Windows 7, one of the question coming up was the user account control (UAC) and how - IF - they have changed it.

While talking about that, I started out to remind them WHY it was implemented in Windows Vista and WHY I have not turned it off, ever. The reason is simple: it was implemented to block viruses from invading your computer and yes, it works. My story for them was as simple as it was obviously surprising for most of them sitting in the room.

About two years ago, I started a small experiment. I set up a computer with a new and clean Windows Vista install. Leaving the UAC on and running updates as Windows reminded me to do just that. The way a user should be working with the PC. However, I have not installed any third party Anti-Virus software, nor any third-party firewall, just the on-board tools Windows Defender and the UAC. I used this PC regularly for internet surfing, writing mails, doing some fun, testing software and so on. I let my girl friend use it for internet surfing - she knows how to use a computer, but by far, she is no geek, or even close to that. She does Excel, Word, mails online, games online, iTunes, etc. Even some peer-to-peer sharing. She had an administrative account and I explained to her what UAC meant and why it was implemented.

Well, end of last year I put on Norton AntiVirus, McAffee and a few other anti-virus tools and ran the big test: All tools reported the same final results: 0 viruses found!

Now my challenge to you: try that with Windows XP in todays Internet world ;-)

Conclusion: yes, the UAC is bothersome at times, and when it pops up to often, it will get the user aggravated, but it has its purpose. With Windows XP's on-board tools you simply where at a large risk when you went online. I am a believer of the UAC and, while it bothers me at times, I support it.

With Windows 7 it shows up less often. So some settings will be changed easier than under Windows Vista without the user confirming that. But as far as I have seen, none of the changes (except setting the computer time of course) will survive the next reboot of your computer. And if you don't mind, under Windows 7 you can move up the UAC messages to the Windows Vista level again. And yes, if you still mind, you can turn it off as well, but I know, I won't.   

Conferences | Development (English) | English | Internet | Leben | Windows | Windows 7
Tuesday, March 31, 2009 10:27:56 AM (W. Europe Standard Time, UTC+01:00) #    Comments [5]  | 

 

Google AdSense


Tuesday, March 31, 2009 11:18:21 AM (W. Europe Standard Time, UTC+01:00)
I have turned off the UAC and the last virus that I saw on my (private) computer was when DOS 5.0 was the newest Operating System (I think it was Format/A or so). And I do a lot of Internet surfing nowadays.

It all depends on what web sites you visit, what software you download (pirated software contains more viruses) and how good you are at identifying emails that contain viruses.
Andreas Hausladen
Tuesday, March 31, 2009 2:07:42 PM (W. Europe Standard Time, UTC+01:00)
In my opinion it's the user rather than UAC or any sort of protection software that has a much bigger influence on whether a machine becomes infested or not.

It's rare you hear about a techie or developer with a virus or spyware problem but not so rare to hear they're running without antivirus software and have been for many years. Myself I haven't used antivirus, antispyware or third party firewalls for about 5 years and my WinXP and before that Win2000 systems were never infested.

If you had a 12 year old kid using the computer though, that's a whole new ball game.
Lachlan Gemmell
Tuesday, March 31, 2009 2:47:36 PM (W. Europe Standard Time, UTC+01:00)
You can achieve the same results (i.e. no malware despite no AV/FW installed and despite not being particularly careful with internet use) under Windows XP with very little hassle, e.g. by using either Aargon Margosis MakeMeAdmin tool or the even bettter MachMichAdmin script published by German c't magazine (which can also be used as a drop target or a send-to item).

It always amazes me how anyone - especially people who know about computers - could insist on working with full administrative privileges at all times. I haven't logged in to any administrative or even a power user account for anything but initial OS setup since the early Win 2000 days and am doing just fine even on my development machines. Yes, some apps require manual tweaking but since Vista came out these have been getting increasingly few and far between and using tools like SysInternals' Process Monitor and Aaron's LuaBuglight identifying the necessary tweaks usually is a piece of cake.

That's not to say I don't like Windows 7's UAC approach...
Oliver Giesen
Tuesday, March 31, 2009 4:03:56 PM (W. Europe Standard Time, UTC+01:00)
> Now my challenge to you: try that with Windows XP in todays Internet world ;-)

I' doing that for some time now; no problems so far. Either use a non-administrator account (for non-expert users) or start browser and other critical internet-connective applications in another user's context with runas /safecred (if you occasionally need administrative rights).


> [Andreas] It all depends on what web sites you visit, what software you download (pirated software contains more viruses) and how good you are at identifying emails that contain viruses.

That's it.
Moritz Beutel
Tuesday, March 31, 2009 4:06:58 PM (W. Europe Standard Time, UTC+01:00)
You are correct, you seem to have two choices:

1. Put up with UAC asking you to confirm everything you do under the sun and crashing programs that expect certain things to happen that UAC prevented.

2. Download a freeware virus scanner or pay $29.99/year for good one.

Either way, after surfing the web for 3 weeks, you will not have any viruses. However, I am sure your useage experience will be a lot better with option #2.
David
Comments are closed.
All content © 2010, Daniel Wischnewski
On this page
Archives
 Full Archives By Category
October, 2009 (2)
September, 2009 (4)
August, 2009 (1)
July, 2009 (1)
June, 2009 (4)
April, 2009 (2)
March, 2009 (1)
February, 2009 (2)
January, 2009 (6)
September, 2008 (3)
August, 2008 (5)
July, 2008 (1)
June, 2008 (4)
May, 2008 (5)
April, 2008 (2)
March, 2008 (7)
February, 2008 (8)
January, 2008 (8)
December, 2007 (5)
November, 2007 (12)
October, 2007 (38)
September, 2007 (11)
Promoted Links
CodeGear
Delphi-Feeds
Delphi-PRAXiS
The Windows Developers Source
Blogroll OPML
 Coding Horror
 Daniel Magin
 Marco Cantú
 The Old New Thing
 Thomas Pfister
My current Flickr Images
www.flickr.com
Dies ist ein Flickr Modul mit �ffentlichen Fotos und Videos von dwischnewski. Ihr eigenes Modul k�nnen Sie hier erstellen.
Recommendations
Sitemap
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Special Pages
Conference & Papers Downloads
Most Requested Blog-Pages
Most Requested Downloads
Top User Agent Strings
Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

Theme design by Jelle Druyts