UAC...I turned it off and why

The other thread by member Moglex and some of the responses started me thinking about this "feature" in Win7.

I turned it off because I think it's a false sence of security, a royal pain to click, I think I'm experienced , and I already take exstensive precautions.

My system precuations:

I'm the only one who ever uses my Win 7 box
My Win 7 updates are always current
My Norton IS updates are always current and it's also hooked up to Outlook 2007. I don't open attachments from strangers. Period.
I use the Norton Firewall AND my Linksys wrt610N Routers Firewall
Encryption is deployed in my Router for Wireless and it does not transmit my SSID
I manually scan every download via Norton
I have no open ports and run Stealth per uncle Steve at grc.com
I backup every night while my eyes are closed and generate a duplicate of the backup.

I tell all my non geek friends to leave it set the way the install configures Win 7 but they need to do all the other things. My greatest fear is that Sally in North Dakota will rely only on MS/UAC to catch the nasties and forget about all the other things you need to do. I'm not that critical of MS but in many ways I wish they had never placed this feature in Win 7.

What do you think?

 

Seems reasonably fair given that you have your system set up in a well secured fashion.

My system is also well secured but my concern is that at some point I may download something containing malware with a time delayed payload that has not yet been spotted by the security industry.

You are certainly correct in stating that relying solely on UAC is foolhardy in the extreme. I think one of the main problems in computer security is people thinking they are safe because they have either UAC or Anti-Virus or Firewall or Anti-Spyware.

 

ROFLMAO.

So if you've never been burgled you presumably leave your house unlocked and cancel the insurance?

Really, the 'I've got away with it so far so what's the point?' argument does not come within the boundaries of common sense.

That's quite different from performing a careful cost-benefit analysis as Steve_S has done.

I've used many systems for many, many, years without suffering from malware but I do not intend to become complacent.

If you cross a railway track at night without looking the odds are very good you won't get hit but you'd be pretty daft to let that fact guide your decision as to whether a good look was worthwhile.

 

I think the point Steve R was making is that it is precisely because he used common sense he's never been attacked And I'm pretty sure he has other security measures in place.

 

Possibly, but that isn't what he said.

He said he 'put on a common sense hat' and then realised he'd never been attacked and probably wouldn't be.

That's quite different to saying that you did an audit of your security and came to an informed decision that one particular aspect was more trouble than it was worth.

That is way beyond 'common' sense. It requires considerable experience of the nature and frequency of threats and the precautions taken to counter them.

To equate common sense with deactivating security because you've never been 'attacked' before is to give out entirely the wrong message.

 

Good idea.

If you are suffering the ill effects of a night on the sauce it's probably not the best time to be trying to have a sensible discussion about system security.

 

Sorry, Steve, but that's a really, really, stupid attitude.

You could just as well go back and ask people the same question with respect to anti-virus, firewall and anti-spyware. (not to mention such things as locks, fuses, seat belts, etc.)

As I said earlier, if you know what you're doing and perform a careful analysis of your system and the threats it might face you may well decide that UAC is something you can live without.

That is most emphatically NOT the same as saying that because you've never suffered an attack you should turn off security software willy-nilly.

In my case, I don't find UAC to be particularly intrusive so, as (again, for reasons stated earlier) it provides a useful last ditch protection, I'm happy to leave it switched on.

Funny, you certainly don't sound too happy . And I'm unsure why you believe you can speak for everyone.

Which is entirely your own decision but not one I think you should be recommending as generally applicable, particularly as this is a forum that is undoubtedly read by people with very mixed levels of experience.


BTW, I should probably add that I more or less skipped Vista, where, I believe, UAC was a great deal more intrusive than it is in W7, which might be why I haven't found a good reason to turn it off.

After the first few days of setting up the W7 system it's hardly triggered until the glitch a couple of days back.

 

Fast is never fast enough...

Point taken.

My opinion: The way I see it the issue is who will react first and in a timely manner to your/our concern and then deploy the fix. I don't have a bone to pick with MS but my guess is that Symantic would be the first kid on the block to deploy a fix to their installed base and a post/link to the Internet population. It's what they do. It's their sole focus and their track record is pretty darn good. I'm using Symantic in this thought because it's what I use but their are certainly other AV/IS programs that would also react quicker than MS.

In my view it's really not fair to exspect a monolithic Corp like MS to react as quickly as Symantic. This has everything to do with the structure of MS and nothing to do with the individual talents of it's geeks. My gosh, memoes, staging, numerous people to sign off on an update. All understandable and part of the equation.

BTW, team Member Whiskeyman authored a great article on UAC at http://arstechnica.com/microsoft/news/2009/03/opinion-ms-should-kill-win7-uac.ars Worth a read.

 

Have large family, kids and their friends through a local network. Have never had a issue ... running minimal 3rd party apps. Along with AV on all computers, router/hardware protection via NAT and SPI. OpenDNS is network DNS at router lever for network .. with all options / Advance Settings used. THe rest of my protection is of a "Proactive" approach. A concern of Moglex is something new or time delayed attack ... this a a very real problem ... one with NO 100% solution. Any security program can fail. If it happens, it happens. The industry learns from the mistake and incorporates it the next update. The "Proactive" approach is accepting this and protect yourself via "Image and Data" backups. This approach requires dedicated HDD(s), timely (automatic is simply a setting options) backups. It also provides additional support for hardware failure, application corruption and .... human error ... an equal or possible larger problem when a computer becomes unstable / unusable. I've decided years ago, have a solution to rebuild from the ashes ... some things in life you have no control over ... accept it or get burned.

 

Absolutely.

Over the years I've seen too many people - some of them literally in tears - who have suddenly realised that they have lost large quantities of work and have no backup.

On the other hand that does not meant that I actually want to go to the trouble of invoking a full rebuild.

So whatever precautions I can take that don't cause me major harassment during day to day activities I will take.

UAC (at the moment) belongs in that category. It rarely triggers on my systems (apart from one small glitch), and, whilst it's not going to stop a sophisticated malware developer, it will certainly make life harder for script-kiddies and others of that ilk.

 

For my computer, running a complete "C drive restore" takes about 3 minutes. Most plain Jane OEM's 3-7 years old restoring from a USB attached HDD may take 30-45 minutes .. a simply solution for numerous issues we all run into with computers.

 

LOL, interesting point.

On my system with a its SSD and ESata the restore would probably be quicker than subesequent boot!

However, I'd still rather not get infected in the first place.

 

Probability

Everyone thinks differently so there will likely be no universal and total agreement on anything, including computer security. We all (at least most of us) think we have security nailed. I have to keep reminding myself that even though I have never been attacked by any serious malware, the probability is that the longer I meander through the web world the greater the probability that I will be.