Post #285,936
5/31/07 10:49:55 AM

Wrong in caps is still wrong
home - a place where more than one person may live
Play I Some Music w/ Papa Andy Saturday 8 PM - 11 PM ET All Night Rewind 11 PM - 5 PM Reggae, African and Caribbean Music [link||Tune In]
Post #285,940
5/31/07 11:57:28 AM

Which part is wrong?
Explain this to me. You've signally failed so to do.
Peter [link||Don't Let The Terrorists Win] [link||There is no K5 Cabal] [link||Home] Use P2P for legitimate purposes! [link||A better terminal emulator] [image||0|Darwinia||]
Post #285,945
5/31/07 1:17:02 PM

Ok. Lets review
[link||http://technet.micro...sta/aa906021.aspx] User Account Control: Delivering a More Secure Desktop The main goal of User Account Control is to reduce the exposure and attack surface of the operating system by requiring that all users run in standard user mode. This limitation minimizes the ability for users to make changes that could destabilize their computers or inadvertently expose the network to viruses through undetected malware that has infected their computer.
With User Account Control, IT administrators can run most applications, components and processes with a limited privilege, but have "elevation potential" for specific administrative tasks and application functions.
Conversely, when users encountera system task that requires administrator privileges, such as attempting to install an application, Windows Vista will notify the user and require administrator authorization. This type of prompting helps ensure that users do not accidentally make modifications to their desktops. It also helps eliminate the ability for malware to invoke administrator privileges without a user's knowledge.
As a defense-in-depth measure, User Account Control also provides additional protection for administrators through its Administrator Approval Mode. With Administrator Approval Mode, Windows Vista will run most applications with standard user permissions even if the user is an administrator. If a user wishes to run a program that requires administrator permissions, they must give consent through a User Account Control prompt. This helps limit malware's ability to make system-wide changes without the administrator's knowledge. However, Administrator Approval Mode does not provide the same level of security or control as a true standard user account. So what does this say really. Its says, up to now the vast majority of windows users have operated as administrators. Our advanced new operating system doesn't let you do that anymore...and requires you to enter information whenever you decide to add or delete any software, access any site that is somewhere MS deems "unsafe" and so on and so on. In addition, you can't run software that needs admin rights without specifically granting them at some prompt somewhere. Sorry, at this point I have to agree with Peter that the vast majority of people will find the easiest way to delete or disable this as possible...rendering it useless and ineffectual. You also seem to think it [link||can't be disabled], if I read you correctly. You are mistaken.
Too much of today's music is fashionable crap dressed as artistry.Adrian Belew
Post #285,947
5/31/07 1:33:27 PM

"Attack Surface"?!?! Sheesh.
Post #285,949
5/31/07 1:48:24 PM

At least I didn't write it :-)
Leave it to MS to come up with something like that.
Too much of today's music is fashionable crap dressed as artistry.Adrian Belew
Post #286,006
5/31/07 11:05:42 PM

(Isn't that pretty large - on a sponge? ;-)
Post #285,962
5/31/07 6:14:20 PM

I LOVE the scenario where they say disabling is reasonable
During demos.
Hey, we want to sell some crap. Hey, it runs horrible when UAC is enabled. No problem, turn it off.
Post #286,008
5/31/07 11:48:03 PM

That typifies the problem with UAC:
Marketing got a say. :-/
Their goals are noble. Unfortunately, their execution leaves something to be desired. Part of that problem is the sheer historical weight of programs and habits of defaulting to Administator privileges for everything. Reviewers are not helping by laying the problems almost entirely at Microsoft's feet. That's not to say the Microsoft have made mistake with it, of course.
Is it enough to love Is it enough to breathe Somebody rip my heart out And leave me here to bleed
| | Is it enough to die Somebody save my life I'd rather be Anything but Ordinary Please
-- "Anything but Ordinary" by Avril Lavigne. | · my · · [link||blog] · · [link||website] · |
Post #285,974
5/31/07 7:15:43 PM

Well now.
That seems to be as close to a descriptions of what "sudo" does in as many words.
Except... "sudo" has more granularity.
Sorry. Innovation? no. Making headway? Absolutely not. Catching up? Not hardly.
Okay, let up be serious here. "sudo" has been around for a while, a long while. I've used it since *BEFORE* 1998.
At least Microsoft picked a good model to "embrace and extend". They did muck it up quite badly. They "re-thought" the interface ... badly. They made it complicated. They made it cumbersome.
Oh well, at least it is in the right direction. 10 steps forward, 9 steps and a few inches of a skid back again.
-- [link||greg], [link||REMEMBER ED CURRY!] @ iwethey PGP key: 1024D/B524687C 2003-08-05 Fingerprint: E1D3 E3D7 5850 957E FED0 2B3A ED66 6971 B524 687C Alternate Fingerprint: 09F9 1102 9D74 E35B D841 56C5 6356 88C0
Post #285,977
5/31/07 7:44:40 PM
5/31/07 7:46:27 PM

You means I can use it to assign a group of people (based on group membership) the ability execute specific command (or a group using pattern matching wild cards) as a specific user (NOT ADMIN USER), ie: a production user that has very clearly defined rights against certain files and certain hardware.
I doubt it.
"Those who fail to understand UNIX are doomed to reimplement it. Poorly"

Edited by crazy
May 31, 2007, 07:46:27 PM EDT
Post #285,983
5/31/07 8:05:48 PM

that was my understanding
[link||] if one looks in the registry you will see a key that points to \\windows\\gnu\\bin\\ HTH thanx, bill
Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free american and do not reflect the opinions of any person or company that I have had professional relations with in the past 51 years. meep
reach me at [link||]
Post #285,984
5/31/07 8:14:08 PM

I was giving them the benefit of the doubt.
You are right. Most of (All) the "Milestones" Microsoft has made with Vista for security have been in UNIX, since... forever or at least since the "everything is a file" idea came about.
It is really a shame. I just hope they fix it.
-- [link||greg], [link||REMEMBER ED CURRY!] @ iwethey PGP key: 1024D/B524687C 2003-08-05 Fingerprint: E1D3 E3D7 5850 957E FED0 2B3A ED66 6971 B524 687C Alternate Fingerprint: 09F9 1102 9D74 E35B D841 56C5 6356 88C0
Post #286,012
6/1/07 1:23:06 AM

DACLs. Windows-only folk make a big deal out of these, saying that the UID/GID-based security of UNIX filesystems is inadequate, and that you need NTFS (which, for all that it's attached to a steaming pile of shit operating system, is actually a pretty good filesystem).
Tell me again when the proprietary UNIXes grew these? Was it 1992ish? When did VMS have these? 1982-ish?
Windows: failing to understand that writing a badly-designed wizard is not the same as innovation since 1995.
Peter [link||Don't Let The Terrorists Win] [link||There is no K5 Cabal] [link||Home] Use P2P for legitimate purposes! [link||A better terminal emulator] [image||0|Darwinia||]
Post #286,026
6/1/07 10:11:09 AM

Thanks Bill
I think I said it much briefer earlier on but Pete and Chuckles are apparently not capable of reading anything I say because I set off their 'must attack' system
Play I Some Music w/ Papa Andy Saturday 8 PM - 11 PM ET All Night Rewind 11 PM - 5 PM Reggae, African and Caribbean Music [link||Tune In]
Post #286,035
6/1/07 12:58:57 PM

Re: Thanks Bill
Which part of "I agree with Peter" didn't you get from Bill's post?
Peter [link||Don't Let The Terrorists Win] [link||There is no K5 Cabal] [link||Home] Use P2P for legitimate purposes! [link||A better terminal emulator] [image||0|Darwinia||]
Post #286,047
6/1/07 2:46:41 PM

I'm thinking... was more about tone than topic
Too much of today's music is fashionable crap dressed as artistry.Adrian Belew
Post #286,085
6/2/07 7:01:36 PM
6/5/07 2:52:37 AM

It's the other way around; the poor nitwit is incapable...
...of understanding what Peter writes. (Or rather, pretends to be.)
Peter complains that Vista's UAC works like shit -- i.e, fails to *do* what it sets out to do -- in large part because it's too annoying; Andrea Dear gibbers in reply about how Peter doesn't get what Vista's UAC *sets out* to do, i.e, its purpose. No, fuckwit, he's known *that* all the time -- what he's been saying all along in this thread is, it doesn't *succeed* at it. But Andrea just refuses to get that distinction.
Just re-read the thread slowly and you'll se that that's where the "problem" (as artificial and intentional as it is) lies.
And therefore fuck knows if the reason s/he/it doesn't jump down your throat is your more conciliatory (Why, BTW?) tone in that one post -- or just the fact that s/he/it is apparently not *intentionally refusing* to understand what s/he/it is reading when it is written by anyone else but Peter or me. (Could that have anything to do with the fact that most of the rest of you guys haven't yet publically declared your understanding of s/he/its $hillness?)
Personally, I think the latter seems quite a bit more likely.
[Edit: Aaargh, typo!]
[link|mailto:MyUserId@MyISP.CountryCode|Christian R. Conrad] (I live in Finland, and my e-mail in-box is at the Saunalahti company.)
Ah, the Germans: Masters of Convoluted Simplification. — [link||Jehovah]

Edited by CRConrad
June 5, 2007, 02:52:37 AM EDT
Post #286,187
6/4/07 4:22:20 PM

You're wrong again
as I stated originally, the purpose of UAC is to limit or control the behavior of users, not to annoy admins
Admins can turn it off Users can't turn it off if an admin has set it up on their machine without an admin password they won't be installing whatever it was that brought up the UAC prompt
Play I Some Music w/ Papa Andy Saturday 8 PM - 11 PM ET All Night Rewind 11 PM - 5 PM Reggae, African and Caribbean Music [link||Tune In]
Post #286,188
6/4/07 4:26:59 PM

Point = Missed. Intentionally or otherwise.
bcnu, Mikem
It would seem, therefore, that the three human impulses embodied in religion are fear, conceit, and hatred. The purpose of religion, one might say, is to give an air of respectibility to these passions. -- Bertrand Russell
Post #286,195
6/4/07 5:29:47 PM

Thank you so much for AGAIN explaining the *purpose* of UAC.
You didn't happen to see the bit where I wrote, "doesn't get that Peter has known the *purpose* all along", did you...?
So, a big thank you also for demonstrating so brilliantly my point from the previous post -- namely, that you just plain *refuse* to understand anything Peter or I write.
Now, couldn't you do us all a favour and just not reply to stuff you don't (because you refuse to) understand? (Like, I'm sure, this post.)
Thank you.
[link|mailto:MyUserId@MyISP.CountryCode|Christian R. Conrad] (I live in Finland, and my e-mail in-box is at the Saunalahti company.)
Ah, the Germans: Masters of Convoluted Simplification. — [link||Jehovah]
Post #286,203
6/4/07 8:01:32 PM

Is UAC described in the official Microsoft literature as a way to "limit or control the behavior of users"? Or is it described as a way to improve the security of the system? You could take the dodge that in order to secure the system you have to "limit or control the behavior of users", but that is an implementation detail. I believe[1] the advertised purpose of UAC is to increase security. And in that respect, it fails -- specifically because it instead implements a way to "limit or control the behavior of users". [1] I lied. I actually know that's the [link||advertised purpose]. User Account Control (UAC) is a new security component of the Microsoft\ufffd Windows Vista operating system. UAC enables users to perform common tasks as non-administrators, called standard users in Windows Vista, and as administrators without having to switch users, log off, or use Run As. <snip> By separating user and administrator functions while enabling productivity, UAC is an important enhancement for Windows Vista.
Kip Hawley is still an idiot.
Purveyor of Doc Hope's [link||fresh-baked dog biscuits and pet treats]. [link||]
Post #286,225
6/5/07 8:57:46 AM

Re: Question
as I said before that is how the MS spokesman at the Vista launch I attended described it He was debating an attendee who thought UAC needed to be turned off immediately on all Vista installs
Play I Some Music w/ Papa Andy Saturday 8 PM - 11 PM ET All Night Rewind 11 PM - 5 PM Reggae, African and Caribbean Music [link||Tune In]
Post #286,242
6/5/07 5:02:13 PM

ahh, cascading shills
There is never an authority, and no one can ever be held accountable for claiming something, because after all, it's not like they expected anyone to believe them anyway.
Post #286,313
6/6/07 11:38:01 AM

The speaker was Michael J Murphy
you can visit his blog at [link||]
Play I Some Music w/ Papa Andy Saturday 8 PM - 11 PM ET All Night Rewind 11 PM - 5 PM Reggae, African and Caribbean Music [link||Tune In]
Post #286,331
6/6/07 3:46:53 PM

And I'd want to do that because?
Occupation: IT Evangelist
At least you can pretend that you are looking out for the best interest of your company, and that its best interest does not necessarily coincide with the advancement of a particular technology.
Of course, you ARE pretending, since your career DOES depend on it.
This guy can't even pretend. He is a shill, with no doubt.
Post #286,400
6/7/07 8:47:35 AM

Not a shill
he works for MS
Play I Some Music w/ Papa Andy Saturday 8 PM - 11 PM ET All Night Rewind 11 PM - 5 PM Reggae, African and Caribbean Music [link||Tune In]
Post #286,440
6/7/07 3:29:44 PM

Serious question: Are you brain damaged?
Have you been in a car accident? Maybe a little light on oxygen for a while?
Post #286,451
6/7/07 4:51:34 PM

Re: Serious question: Are you brain damaged?
at the risk of quibbling with the dictionary, I've always had a slightly different understanding of the term at a 3 card monte game, the 'winner' with the handful of cash who is a partner of the dealer is a shill
from Wikipedia:
A shill is an associate of a person selling goods or services or a political group, who pretends no association to the seller/group and assumes the air of an enthusiastic customer. The intention of the shill is, using crowd psychology, to encourage others unaware of the set-up to purchase said goods or services or support the political group's ideological claims. Shills are often employed by confidence artists and governments.
Certainly, I think that is what Chuckles means when he calls me a shill
Play I Some Music w/ Papa Andy Saturday 8 PM - 11 PM ET All Night Rewind 11 PM - 5 PM Reggae, African and Caribbean Music [link||Tune In]
Post #286,456
6/7/07 5:47:43 PM

Ah, the wonders of Wikipedia
where if you don't like it, you get to change it.
And the wonders of focused limited definitions.
You/he promote the environment, purposefully ignoring flaws, because it benefits you.
You are both shills.
He is a directly paid one, you are indirectly since it benefits your career in general.The more people that adopt it, the more money he makes and the more likelyhood your skillset will keep you employed.
And the comment concerning brain damage was a kind one, because otherwise, you'd be displaying the ultimate skill of a shill, the ability to ignore the incredibly obvious.
Purposeful stupidity is such an endearing trait, wouldn't you say?
Post #286,464
6/7/07 7:14:26 PM

I had always understood the term by his definition.
Employees aren't shills UNLESS they are on the net pretending NOT to be employees.
Too much of today's music is fashionable crap dressed as artistry.Adrian Belew
Post #286,467
6/7/07 7:21:26 PM

Indeed; if they self-identify properly, they're salespeople.
Post #286,488
6/7/07 10:18:53 PM

I disagree (new thread)
Created as new thread #286487 titled [link|/forums/render/content/show?contentid=286487|I disagree]
Post #286,524
6/8/07 10:34:53 AM

I'm ambivalent. However, in Mega$loth's case ...
they actually have a titled position of "Evangelist". I'd be pressed not to call an evangelist a shill.
bcnu, Mikem
It would seem, therefore, that the three human impulses embodied in religion are fear, conceit, and hatred. The purpose of religion, one might say, is to give an air of respectibility to these passions. -- Bertrand Russell
Post #286,209
6/4/07 9:56:58 PM

The problem here is you are defining a very limited user set
those on controlled machines. That isn't the majority and it certainly isn't the user set that creates most significant security problems.
Again, UAC is a "security tool" that is annoying enough to the vast majority for them to rip it out..making it not only annoying but completely ineffective.
Too much of today's music is fashionable crap dressed as artistry.Adrian Belew
Post #286,217
6/5/07 2:44:39 AM

"he's known" - HTH </CRC>
Peter [link||Don't Let The Terrorists Win] [link||There is no K5 Cabal] [link||Home] Use P2P for legitimate purposes! [link||A better terminal emulator] [image||0|Darwinia||]
Post #286,219
6/5/07 2:53:52 AM

Aaargh! Fixed, thanx. (I can has cheezburger now?)
Post #286,221
6/5/07 7:08:32 AM

Can't or pretends is the same in this case
While he may not get income directly from MS sales, his career is so tightly bound to running an MS infrastructure his opinion is essentially worthless.
And since he really only pretends to be technical ie: he can follow a cookbook but does not really seem to understand what is going on under the covers, ie: the perfect Windows "tech"), you can't really expect him to have any coherent discussion on the matter.
I always wondered about "pure" IT guys. Those that are tied with supporting the entire company, doing infrastructure stuff, like file serving, authentication, email, printing, networking, backups, non-customer specific DBA, etc.
People in these positions often seem to lose focus on the company and what it needs to do to service its customers, since customer contact is so indirect to them.
They get to "tax" the organization, and incompetent people can last a lot longer than anywhere else since the group as a whole is often blamed for their mistakes, which means only a top level firing can start moving the group forward.
Seem like the perfect place for MS specific people to hang around.
Post #286,228
6/5/07 9:56:11 AM

Oy you
we are customer service thank you very much, we are constantly trying to improve the customer experience doing it faster and cheaper than ever before. thanx, bill
Quantum materiae materietur marmota monax si marmota monax materiam possit materiari? Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free american and do not reflect the opinions of any person or company that I have had professional relations with in the past 51 years. meep
reach me at [link||]
Post #286,241
6/5/07 5:00:07 PM

Oy back
Your customers (the real ones, not the internal ones) are the ones using your service. Your infrastructure is in direct support of your customer's active experience.
If they don't like what you have to offer, they can go to a competitor.
You don't fall into the category described above.
Post #286,265
6/5/07 7:30:20 PM

Another way to disable UAC - TweakUAC.
[link||Download Squad] has a pointer to [link||TweakUAC]. (I found it via [link||Office Evolution], via a search on [link||MJF's Blog]).
Caveat emptor, and so forth.
Cheers, Scott. (Who is happy he has no interest in running Vista.)