Digging Deeper into UAC

Why UAC Is Good, after All

The basic point of UAC is simple: by raising the Consent UI every time we're going to do something that requires administrative powers, then we will be more aware of when we're doing administrative things. But, as I've already observed, being reminded of something that I already know can be blasted infuriating. So how does this help? Well, as I said in the Introduction, it wasn't until June of 2006 that I saw any value at all in the whole idea of UAC. As far as I was concerned, it was, again, nothing more than an "are you sure?" dialog box, and something that pokes a particular sore spot of mine. You see, for years I have only half-joked that if I could have just one wish for Windows, it would be a Registry entry in HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows NT\CurrentVersion called NeverQuestionMarksJudgment of type REG_ DWORD. In this fantasy, I'd just set that entry to 1, reboot the system, and never, ever, get any more confirming dialog boxes. Given that perspective, you can see that I wouldn't seem to be a candidate for liking UAC.

UAC Benefits for Users

Despite all that, I haven't really come to like UAC. Yes, clicking the Consent UI is irritating, although you get used to it. But to understand my point of view, think of UAC as having two very different kinds of benefits. First, there's what it can do both for veterans like myself (and, if you're reading this book, what it can do for you as well, more than likely), and, second, there's what it does for the less-technical Windows users.

The less-technical Windows users will, I hope, soon learn that the Consent UI is a "wake up!" call. When they're surfing around and some website says "click here to read your horoscope" or something like that and they click it, but that click triggers the Consent UI, then maybe they'll have learned enough to stop and say, "hmmm…clicking on a hyperlink doesn't usually cause Windows to gray out the desktop and put that dialog box thing up…maybe I'd better click Cancel," and thus avoid installing a piece of unwanted spyware. That'd be really nice.

UAC Benefits for Admins

But what about us techies? Isn't UAC pointless? No, I don't think so. When you first got started working with NT, or Unix, Linux, OS/X, or whatever OS you first worked with that involved user accounts where some accounts had little power and others had more power, someone probably told you a basic thing about keeping your computer secure: don't spend all day logged in as an administrator. Or, rather, someone might have told you that, but observing the behavior of others around you probably taught you that that was what we're supposed to do, but that we usually don't bother with. It's just too much trouble to run as a user and, in fact, anyone who's ever tried to use Window 2000 Professional or XP for a few days as a user has discovered that in many cases a regular old user just plain can't get anything done. Applications that are just plain get-a-job-done-not-manage-the-computer applications, what many call "productivity applications" rather than administrative tools, often fail if you're not running as an administrator, including such common tools as Internet Explorer, Outlook Express, and Outlook.

UAC as a Transition Tool

Most people who try to just log on as a standard user in XP soon run into so many things that don't work that they soon surrender and just spend all of their time behind a keyboard as an administrator-and that's been true for every other version of NT that I can recall. As a result, we're all just mentally "stuck" on the notion that we run as admins all of the time without even thinking about it; it's culturally embedded in the Windows world. The problem with spending all of your time logged on as an admin is that we all make mistakes; a few times I've clicked "delete" when I meant "rename" on some program file, or perhaps I might've inadvertently clicked "Yes" to that offer of installed spyware when I thought I was pointing at "No." In both cases, the operating system could have saved me from myself with its built-in protections, protections created with situations like this in mind, but it couldn't because when I'm logged in as an administrator, all of the safety features are off-the seat belts have been removed, the air bags shut off, and the roll bars taken out. Most of the time I don't have collisions or roll vehicles, but were I to, I'd be happy that I had those things.

With Vista, Microsoft has tried to remove the need to be an administrator in order to do day-to-day productivity activities like surfing the Net or reading e-mail. Whether they've succeeded or not is one that you'll have to decide for yourself, but I strongly suggest that you give living as a standard user in Vista a try before deciding to just chuck UAC "out the Windows," so to speak, and in the rest of this chapter I hope to give you the tools to be able to do that. Anyway, what I'm saying here is that we really need to change the culture of Windows techies and get us all running as standard users, and certainly I'm not the first person to say that.

Cultural change is difficult, but not impossible; the Unix folks went through this years ago. When you install Unix or Linux on a system, you get an account named "root" that acts like the Windows "administrator" account: it's all-powerful and that's great to use when configuring a system, but can lead to making mistakes that can cause real damage to a system that could have been avoided had you run as the Unix equivalent of a standard user. For years, everyone who used Unix spent their days logged on as root, but the folly of that soon became apparent. People tried to run as a standard user, but many Unix apps wouldn't run for standard users. Over time, Unix developers learned to write applications that could run as standard users, and nowadays most people use Unix or Linux boxes from standard user accounts rather than root, and it works fine, but it did take time to retrain both the users and the developers. In fact, the Mac OS, which you may know is built atop a variety of Unix called "BSD," has a root account, but I'm told that Apple will void your warranty if you ever log on as root! Windows is undergoing the same sort of change, and there will be some growing pains in the changeover-but it's worth it.

You know, looking back at the last few paragraphs, I'm reminded that I almost subtitled this chapter, "…Cod Liver Oil for Your PC." I've spent over two decades telling people about what their computers can do for them, revealing cool things that they might not know, and talking about how to work around annoyances; I'm not used to doing what feels like nagging people to be sure to wash behind their ears and floss-but in this case (UAC, not the ears and flossing), I think it's for the best, so please forgive me if I sometimes end up sounding a trifle like a finger-wagging preacher warning you of fire and brimstone!

I started this discussion by saying that while UAC might not be of all that much value to techies who are savvy enough to know not to click on those spyware-installing links and would never open up an unexpected attachment, it might help out in another way. That's why I've been talking about the process of cultural reacclimation from the current state of affairs to one where we spend most of our time logged on as an administrator; what's UAC got to do with that? Simple: you will still need to do things as an administrator now and then even in the bright future where we can spend our days as standard users, but it's a pain in the neck to have to log off the standard user account and then log back on as an administrator and back again. Windows 2000 tried to make that a bit less painful with the RunAs feature, but it was uneven and hard to make work for some programs. UAC, in contrast, acts as a kind of super-RunAs when you run as a standard user. We'll talk about how it works later in this chapter, but when you see it, then I think you'll agree that it makes the transition easier. Additionally, even if you still log on as an administrator all of the time, UAC has the effect of making you run as a standard user anyway-and I'll explain that too.