Site icon Liquidmatrix Security Digest

Vista’s UAC Security Was Designed To Annoy

Here is a great article from Ars that sheds some light on the thought process that went into Vista’s UAC from RSA 2008. Microsoft thought that death by a thousand pop ups was a good idea.

From Ars Technica:

User Account Control is easily one of the most hated features of Windows Vista, according to readers. The seemingly endless stream of UAC pop-ups, asking you to confirm this action or that action, just get in the way (and aren’t particularly zippy, given the screen redraw). Others don’t mind UAC, but there’s no doubt it’s a controversial “feature” of the OS.

At the RSA 2008 confab in San Francisco, Microsoft admitted that UAC was designed, in fact, to annoy. Microsoft’s David Cross came out and said so: “The reason we put UAC into the platform was to annoy users. I’m serious,” said Cross.

This isn’t a total revelation. UAC was designed to get in your face; it’s all about that “hey, you sure about that bauddy?”, second-guessing thing. It’s a less intimidating, less entertaining version of Clint Eastwood saying, “do you feel lucky, punk?” All this because you wanted to do something unimpressive like view all running processes on your system or install GAIM.

What makes UAC annoying is that it’s a half-breed of sorts. UAC is not a security barrier, which is one of the reasons why users hate it: they don’t see the point in a process elevation alert box that asks you to click “OK,” as opposed to inputting a password when you’re an admin.

Read on. Quite an interesting piece.

Article Link

Exit mobile version