Microsoft: Vista security feature "to annoy users"

I haven’t written about Vista for awhile, so I’m overdue. From Slashdot:

“At the 2008 RSA security conference, Microsoft’s David Cross was quoted as saying, ‘The reason we put UAC into the platform was ‘to annoy users. I’m serious.’ The logic behind this statement is that it should encourage application vendors to eliminate as many unnecessary privilege escalations as possible by causing users to complain about all the UAC ‘Cancel or Allow’ prompts.

Of course, they probably didn’t expect that Microsoft would instead get most of the complaints for training users to ignore meaningless security warnings.”

Microsoft is a clueless about people’s needs as our government is now.


39 thoughts on “Microsoft: Vista security feature "to annoy users"

  1. That’s far fetched. Did this story originate from the Fud? Barcelona to launch in Q106 at 3 Ghz, muhahahahaha…

  2. So, you have an organization (Microsoft) staffed by near autristics (Bill Gates clones) and there is some surprise the organiztion doesn’t relate well to peoples’ motivations?

  3. Simple. Get a Mac. Stop the self-flagellation. Get a Mac. Stop wasting precious time, effort, and money putting up with that Microsoft POS. Get a Mac.

  4. Microsoft prides itself on its brain reserves: “Work with smart people, like yourself.” How is it that smart people can be so dense? I am a near autistic (aspergers) but it Microsoft’s problem is arrogance and living in an echochamber. Look at the packaging that Vista and Office come in. Dumb. But the geniuses at Microsoft think they are clever even though they violate such basic rules of design and usability. Only arrogance could let a smart person not listen to the body of knowledge of usability and design.

  5. Its pretty simple to go back to XP. Or, try going to Linux. Debian testing would be the ultimate choice, but I’d start with PCLinuxOS if you want it simple to administer in the beginning. Mandriva One is also worth trying – comes in Gnome and KDE versions.
    Nothing wrong with Mac either, but you have to buy all new hardware, and why should you, when the only difference is going to be the label on the case?
    Whatever, don’t put up with it.

  6. Microsoft can talk!
    A children’s game “Age of Empires” will only run in Admin mode on my Win 2000 PC. A geek showed me how to set it up to run on a non Admin user and that worked until an hour after he walked out the door. There is no way the average user could set it up.
    The game will not install on my Win Vista PC.

  7. I’m really tired of the Mac advocates saying “get a Mac” to any problem/annoyance report about Windows. Truth be told, “get a Mac” means leaving Bill Gates’ gated community and entering Steve Jobs’ Church of Cupertino.
    I have said it before and I’ll say it again… Apple’s sofware platform is as closed and proprietary as Microsoft’s …. BSD subsystem and Mach kernel nothwithstanding.
    Apple DRM, iTunes, etc.
    I’ve discovered true freedom long ago… that’s why I use Linux. I’ve got StarOffice 8, Google Earth for Linux, Sane for scanning, Nero for Linux and XCDRoast for burning, Avidemux for Linux for video editing, and a number of FOSS applications that cover all my daily needs.
    And when I need some particular windows application, I can always try runnign them on top of WINE or just run WinXP and/or Vista under VirtualBox.

  8. I’ve been writing software for about 20 years and worked with many operating systems – none are secure. There is a lot you can do to improve security, but at the cost of functionality. Microsoft is trying to make the best compromise for the mass market.
    Given that the average user doesn’t really understand even the rudiments of what goes into an OS and computer security, there isn’t a way to ensure the average consumer’s computer will remain secure over time. One thing the OS maker can do is make sure user’s know when a change is being made that could compromise security. Even one change could fatally compromise your computer, i.e., your personal information.
    It’s annoying, but you really should be made aware of when something is trying to reconfigure your computer.

  9. I suspect MS turns them on by default for legal reasons since security breaches become the responsibility of the admin that turns off the feature rather than MS.
    In any case, I see them as no different from ‘su root’ on Linux boxes.

  10. Bruce,
    Being secure is preferable to be being vulnerable to 200,000+ viruses like Microsoft Windows. If you are so smart, demonstrate that Macs are easy to hack. Since you won’t be able to do that, how about this: Name one in-the-wild virus affecting Mac OS X. One, just one.
    Can’t do that either, can you?

  11. Back in ’67 when I started programming, there were no operating systems. We have gone downhill ever since. A gig of memory just to load the OS ? (as bad as a 3 trillion dollar federal budget) If I could get CAD programs for the Mac anywhere near what I have on my PC, I would own one. (new Mac’s can run Windows. Another step in the wrong direction) XP is bad enough, didn’t have much choice. DOS didn’t do much for you, didn’t do much to you. Tiny. Fast.
    Linux ?

  12. Can someone tell me any technology that Gates and Microsoft have invented? They’re supposed to be innovative but I can’t think of anything. DOS? He bought it. Windows? Xerox and Apple. Networking? Appletalk on desktop computers. Excel? Visicalc, Lotus 123. And the list goes on and on. I’d honestly like to know.

  13. I had a laptop brought to me earlier this year, and in the course of repairing it, I saw the UAC a lot. I know, I could have just shut it off, but I originally suspected a “trespasser” and left it on in the (vain) hope it would provide a clue.
    As it happened, an October update had left the OS thinking that ONE (that’s right: ONE) system file was corrupt, and so the machine periodically decided it wasn’t legit. Also took out the sound and Aero — go figure!
    To add to the mess, AUTOCHK was bad, so CHKDSK wouldn’t run on boot. SFC /scannow took care of the file system, but I had to replace AUTOCHK to get the rest of the system running.
    Microsoft has produced (in the name of “Security”) an OS that is so paranoid it doesn’t trust itself — let alone its user.

  14. Vista is what we get until someone comes up with something better. Adapt.
    REPLY: Been there done that. Microsoft in their infinite wisdom, took out a feature that has been in every Windows version since Win95: VIRTUAL MACHINE.
    VM is essential to my graphics programs, without it they can’t run. VM was removed for “security”. Yet there are dozens of high end programs that use it. Microsoft hosed me and thousands of others.
    Vista sucks, Vista doesn’t support the need. Adaption not possible.

  15. If Macs weren’t so expensive, ran all the same software without also having to install windows, sure, I’d buy one.
    But Mac users should be happy Windows is out there, takes all the hacker attention off them, as Bruce said. Macs will end up like Windows if they become as popular, they’ll have to, or else they’ll be useless with all the virus infections they’d attract.
    Fortunately you can turn off the UAC, and you really won’t have any problems.

  16. You can easily disable UAC.
    Settings –> Users –> Disable UAC. Done.
    btw.: the UAC is inspired by Apples’ OS-X. Theres also a UAC-feature implemented. With Macs it’s a security feature, with Windows it’s user annoyance.

  17. I usually avoid religious arguments.
    It’s popular today to “hate” Microsoft just as it was popular 40 years ago to “hate” IBM. The thing to remember is neither became respective giants by being dense market-wise. Most of what I hear amounts to jealousy or at the very least a confusion of personal wants with the market wants.
    One of the biggest complaints about XP was the the relative easy of hacking by use of privilege escalation highlighted by the cheesy crowing Apple ads. Vista was the answer. The real problem is far too many applications took advantage so what probably started as a reasonable approach got bogged down by external forces.
    The point is: you can’t have it both ways. Having the best bank vault is useless if you give free access to the contents. At least Microsoft is trying to fix the problem unlike Apple who apparently tried to capitalize on their small footprint by equating lack of interest with invulnerability (and thus no need to do anything). Hopefully, recent events have caused Apple to reconsider its position.
    Actually, Vista isn’t really all that bothersome — not any more than a Linux system running a tight Selinux or some commercial firewalls.

  18. I built my first PC last summer and installed Vista on it. The first couple weeks were a little difficult with getting the RAID set up, getting used to the OS, and getting my old printer, scanner, and mice configured correctly. Since then, I haven’t had any problems and really enjoy the look and feel of Vista. My machine is very responsive, never crashes, and I almost never get the UAC pop-up. And if it annoys you, it is very easy to disable anyway.
    How many of the Vista-haters have high end machines and use it regularly? Vista may not be for everyone, but it is a fine OS if you give it a chance.

  19. I just love Vista [/sarcasm] … it keeps me so safe … especially when I get in the habit of hitting “continue” every time I see that annoying box or “run as administrator” as the only way to run half a dozen programs! Oh … but I can search fast as long as I don’t want to run many of the programs that I use to be able to use on XP!
    How many dollars … and long did it take Microsoft to develop this ‘fine’ OS?

  20. People naturally advocate the operating system they’re most familiar with. But the best guide is how satisfied users are with their OS.
    Apple’s Leopard enjoys an 81% “Very Satisfied” rating as opposed to 53% for Windows XP, 51% for XP Pro, 27% for Vista, and 15% for Vista Home Basic.
    As far as I can google, nobody’s done a similar survey of Linux users.
    Get a Mac, if you need Windows you can run it native on the same machine or in OS X running in emulation.
    As for security, there’ve been less than a handful of successful exploits but Apple’s plugged those leaks and none of them made it into the wild. As of right now, the number of viruses, worms, etc. that can affect the Mac OS is zero. Someday there may be one, but I’ve already been using Mac OS without such worries for over ten years. Much rather have that OS X with its potential security problems, than one with thousands of such malicious bits of code just waiting to pounce.
    Apple’s OS isn’t perfect, but it’s absurd to claim that it’s not best for the average user.
    REPLY: Mac’s are fine for household use, they excel at simplicity there for the average user. I used to have one (actually I had three, but got frustrated with them each time because I could not get them to do what I wished – too limted).
    But as a business OS, or as a specialty OS (like systems integration) Mac OS has no value. That’s where I come from. I can do systems integration with Windows XP any day of the week and twice on Sundays. With Vista – you can’t get 25% of specialty graphics apps, hardware devcies/drivers to run. So in that sense, Vista has become like Mac OS. Excels at simple tasks for home use, but pretty much incompatible with everything else.

  21. Anthony says:
    “VM is essential to my graphics programs, without it they can’t run. VM was removed for “security”. Yet there are dozens of high end programs that use it. Microsoft hosed me and thousands of others.”
    I use VirtualPC on Vista all of the time. This issue you raise only comes up for users of the home version of Vista.
    REPLY: Yes but when you sell a product the requires VM to run, you can’t expect users to go out and purchase this other program nor upgrade to Vista Ultimate to make it work. VM has always been in the home versions of the Windows OS until now.

  22. Computers and I go back a long ways:
    You have absolutely no idea how depressing it is to see that after forty-five years the only surviving remnant of the APRA operating system design projects are junk systems like Windows, MAC-OS, Linux, UNIX, etc. The reason Bill and his merry band are now so concerned about security is that they are top dog in the market and are the primary target for computer hackers. Even the computer hackers don’t give a damn about MAC-OS. The worst nightmare for Apple users would be if MAC-OS became popular and was therefore of interest to computer hackers. That is unlikely given that Steve has now found his true calling selling portable jukeboxes. This must please Bill because he owns approximately 16% of Apple.
    As long as you continue to implement systems in a programming language based on a FORTRAN pre-processor with no support for bit-string and character-string intrinsics and a simulation for pointers none of you are ever going to have secure operation systems or applications. Thirty-five years ago if I exceeded the size of a bit-string or character-string array the program took a hardware fault. Now ever line of code has to check for buffer overflows. The really said thing is that so many of you love C++. A pox ( on all your houses!
    P.S. Sorry the original post, WordPress and I have a failure to communicate.

  23. Anthony says:
    “Yes but when you sell a product the requires VM to run, you can’t expect users to go out and purchase this other program nor upgrade to Vista Ultimate to make it work. VM has always been in the home versions of the Windows OS until now.”
    I suggest you look at VMWare:

  24. Well, I hate MS but in answer to an earlier comment they did invent the ecmascript callbacks ajax is based on. It’s just that they haven’t innovated very much – but then that isn’t their business, they’re a license-selling shop not a technology business. The technology just lets them sell licenses.
    The best OSes for integration are the *nixes, including OSX. I’ve changed to Ubuntu for my laptop/desktop systems because I can’t be bothered to fiddle to get the multimedia I want, but it’s BSD Unix for anything more serious. I just upgraded a Windows 2003 SBS server to FreeBSD – massive immediate performance increase translates into better productivity for desktops.
    The weird thing about MS’s explanation for the annoying popups is that they are to make developers stop building apps that need privilege escalation. You’re being annoyed to focus somebody else’s mind. That sucks.
    The number of security patches isn’t the point, it’s what those security probs entail. Tell someone who’ll save time by reinstalling their whole system rather than trying to fix it, just because they looked at the wrong website in IE, that Apple users have it harder.
    I am genuinely bemused that anyone who is at all technical would choose Windows.

  25. Peter Risdon (11:29:58) :
    “I am genuinely bemused that anyone who is at all technical would choose Windows”
    Because the user interface for Linux sucks and the selection of software that runs on the Mac is very limited.

  26. I am genuinely bemused that anyone who is at all technical would choose Windows.

    I’m happy for your bemusement. So what Windows software can I run on Ubuntu? Can I run Poser? Vue 6 Infinite? 3ds Max? How about Call of Duty 4?
    Convince me it’s “better”.

  27. I’m still using Windows ME, it boots up and shuts down in a fraction of the time that Vista does. Runs okay and does the business (on my museum-piece of a PC, anyway.)

  28. Well, I hate MS but in answer to an earlier comment they did invent the ecmascript callbacks ajax is based on. It’s just that they haven’t innovated very much – but then that isn’t their business, they’re a license-selling shop not a technology business. The technology just lets them sell licenses.

    If all anyone can come up with is your example that’s pretty thin. As far as user apps go there appears to be bupkiss. That was my point, everyone talks about MS and technology when they’re real strength is the ability to drive standards to adhere to their licensed and proprietary OS.

  29. Windows Vista has more problems than one. One user suggested that a high end configuration would run Vista fine, but mine doesn’t, and it’s a brand new machine.
    I am especially amazed at how various machines running the same OS can behave differently. On my machine, Vista does some kind of ‘reset’ of the Wireless connections, and cannot connect to wireless for a few minutes after it boots up or wakes up from sleep or hibernation. How annoying can that be? My room mate, running the same OS, faces no such problem. (It’s not a hardware issue on my computer, I’ve checked running Linux). Another friend cannot connect to our home wireless network, even though we can connect to it, and even though she can connect to every other wireless network available. Is that not simply stupid?
    All this is without mentioning the humongous memory requirements of Vista. It takes up more than 1GB of RAM just to be running the OS!! And if I have other memory intensive applications running parallely, trust me, it can get pretty slow and frustrating, notwithstanding the fact that I have quite an amount of RAM.
    Those who harp about Linux, have you considered the time it takes to gather all the source files that you need every time you need to compile a new program? Every program that I need to install needs to be compiled (which is fine), but needs the source code for other programs that it links to. I am afraid I cannot afford to spend an infinite amount of time searching for source code for a simple chat program that I need to install. Linux is great, but you need time to spare to set every thing up, and not every one of us has that luxury.
    Hence, I am left with Mac, which I have decided to move to. If I need Windows, I can always install it; if I need Linux, I can always use Parallels.
    What choice do I have?

  30. fred says:
    “Raven, when you say ‘the user interface’, which one did you have in mind?”
    The need for the question is actually part of the problem. I have used KDE and X Windows and have not been impressed. It is often the little things that are the problem like not being able to cut and paste betwen applications.

  31. Raven, Arbab,
    Arbab. ALL your programs have to be compiled? I guess you must be one of the 100 people in the world running Gentoo? You NEVER have to compile using any mainstream distribution. You just install the stuff from the package manager. This is completely nuts. Get Debian and use Synaptic. Or Mandriva and use ‘manage packages’. There are 20k+ programs available at the touch of the mouse in Debian. Every one is compiled. Comes with all dependencies. However, Arbab, don’t start out with Debian. Start out with PCLinux.
    Raven, the idea that you cannot cut and paste in KDE (or Gnome, or Xfce, or Fluxbox….) is truly nuts. I and my customers use various distros for years, of course we can! It is true that copying, then closing the app you are copying from, then pasting, can fail. Just close app 1 AFTER the paste, and all will be well. But how do you think we could use word processors and spreadsheets without cut and past????
    I usually tell people to start out with Gnome, they seem to get along with it better, and its a nice clean look in default mode. Get Mandriva One, Gnome edition to have a go with it from a live CD.

  32. As an MCITP (Microsoft Certified IT Professional) on Vista, I can say with some authority that Vista is probably the most secure OS that MS has released.
    The issue is that Programers have a bad habit of elevating user privelages when it is not needed and allowing HUGE security holes. For the average user, UAC pop-ups should be a BIG RED FLAG that says, something wants to change something on my machine… do I really want that?
    If THIRD PARTY vendors want to write code that is to run on a Microsoft OS, they should follow certain rules… one of those rules is “Do NOT require admin rights to perform non-admin functions.”
    This is NO DIFFERENT than if I want to post on this site, I must obey certain rules… it is NOT my site– and although what I am POSTING may be my thoughts I MUST COMPLY with the rules of where I post.
    UAC SHOULD NOT be turned off.
    If your software does not work, or causes UAC to go crazy– BLAME THE IDIOT who does NOT know how to program without requiring elevated rights… that programer is lazy and needs to learn how to write code correctly…
    Install Vista, and run the built in software and you will not have the PC Crash… it is when you add THIRD PARTY SOFTWARE that the OS will have problems.
    To MIKE who ask to name an OSx virus—
    MAC Virus in the Wild– (Took me about 30 seconds to find— along with HUNDREDS and HUNDREDS of vulnerabilities)
    OSX/Leap-A or OSX/Oompa-A. The OSX/Leap worm or trojan is spread via instant messenger forwarding itself as a file named ‘latestpics.tgz’
    Source was US-CERT.GOV

  33. Fred and Matt:
    Fred: I am not among the 100 people in the world who run Gentoo. I run SuSe 10, which indeed does have package managers of its own. But when I want to install software of choice, the problem of compiling does come up…
    Trust me, I’ve tried it… perhaps there are shortcuts, but I haven’t been able to find them (perhaps, again, they need time invested in them?).
    Matt: Accept your point about the UAC.
    But why the hell does Windows take up so much RAM? Have you NOTICED that??
    Have you compared with Mac in that respect? (You should, really, as a lot of Windows features are Mac copies – and yes, I now use a Mac after more than a decade of Windows). I’d say Vista is so top heavy owing to the fact that MS had to rush the Vista launch to compete with Mac OS X 10.5 (Leopard) – which it failed to do as it’s so top heavy in the first place!

Comments are closed.