I was shocked reading this, well almost; maybe not quite, but it seems Microsoft built the UAC prompts into Vista to annoy people and that too on purpose. The idea behind it was to force developers to write more secure code that would not allow for those UAC pop-ups to appear at all. Oh wow, so this is actually a feature then! Silly me, I was really stupid to think it was just an annoyance. So it’s official then, all those popups you encounter in Vista are actually developer’s faults and has nothing to do with MS’. Dumb developers! Somebody better teach them correct programming!
To put things in perspective, it’s not uncommon to have such a system in place. Most modern Linux distros also have a similar concept, ie. either via su, sudo or asking root password while doing admin tasks. Most distros today refuse root access all together. It’s not a bad thing. Root/Admin accounts are notoriously easy to hack into, not to mention most users use root as a default login. Using root as default is dangerous by any standards. However I hate UAC because it is far more annoying than say a sudo. It’s like, it takes me for a retard and pops up for the simplest of operations. In most cases it is unwarranted, and the other reason I hate it so much is because the messages can be really cryptic. Most of the times they look to me as downright disclaimers.
I have no problems with MS trying to make Vista a more secure platform. It’s actually a very good achievement what MS has done with Vista. All previous MS OSes had a very bad reputation for security. All said, Vista is pretty good, probably the best of the MS OSes thus far when it comes to security. However the UAC just goes overboard and that, actually, is the flaw! Most users are not technically savvy and most don’t understand what the hell UAC dialogs tell them. It’s like “WTF is that!” when the dialog pops up. Most people I know just turn off the UAC because it’s annoying. Such systems can get pwnd or infected, thus offsetting all the security Vista provides. A system that was put in place to prevent something ends up actually doing the reverse!
I don’t buy the argument that annoying UAC popups per say will somehow make software vendors write more secure code. I mean just simply having a UAC will make sure that application writers will take enough care so that their application runs on a default Vista setup. My argument is, there is actually no need for any popups at all. Developers who want their applications to run on Vista, will automatically adhere to the UAC concept. I can understand not allowing an application to write to the registry or preventing files being placed in the system area, and this can all be done subtly by not having a popup. It’s as simple as not allowing a file-write/read in the system directory. A developer is smart enough to understand that the file needs to go somewhere else, or the registry value needs to be placed somewhere other than a restricted area. For heaven sakes, most of us who have programmed on *NIX based systems have been doing this for years now and I don’t remember seeing any popups!