This is really no surprise, but they can harp on about Admin rights until they are blue in the face.
It's to late to change peoples Windows habits

All security has a "price to pay" - in the "nix" environment it means having to type your full password before you can access certain critical processes - before Vista I ran as a standard user not admin so the price I paid was having to "run as administrator" and enter a password to access these similar critical processes.

With Vista, and now Seven I run as a user with both Admin and standard user and the UAC to automate the switch between the two levels - so much easier, just a single click.

I learned my trade in a professional computing environment where data security was one of, if not the, main consideration - so I may not be typical of most home users where security is normally an afterthought but for anybody the odd extra click is a small price to pay for the benefits it provides.

It would be nice if the UAC could remember applications which have been deemed acceptable but this would introduce another potential problem - this list has to be stored somewhere - and malware can be designed to impersonate an item on this list and gain admin rights, so I think that the combination of the system and the users input is the best way.

The education of the users into the "why" of UAC as well as the "how" is the difficult task, but once this is done and developers learn to write for the standard users rights things should be a lot more secure.

The interesting thing is, in my experience, users totally new to computing accept the UAC without a problem, and it's those who grew up with XP and it's bad security design who have most problems.

Just my two cents

Barman58 said:

Just my two cents

Nice, maybe you should do some reporting :)

Barman58 said:

The education of the users into the "why" of UAC as well as the "how" is the difficult task, but once this is done and developers learn to write for the standard users rights things should be a lot more secure.

The interesting thing is, in my experience, users totally new to computing accept the UAC without a problem, and it's those who grew up with XP and it's bad security design who have most problems.

Couldn't agree more.

Gary

I do like the fact that there is more control over UAC in 7 but it still makes it scary to a user that has been using XP & hasn't tried Vista due to its bad press. I have quite a few elderly customers that call me when they get a popup & don't know what to do. I installed Vista for a few of them & they liked it if UAC was off & not asking questions every 5 minutes.

There is such a wide mix of users and abilities, and that's what makes this UAC argument stuff all the more difficult for MS.
They try to insert more security into the system and many long time users yell about the intrusions, many more accept and deal with the intrusions for the added security, and the newer users have no idea what to do...funny mix to deal with 4 sure.

Well put Nigel.
I've been doing this so long now that I don't surf like I used to. I have a few favorite places to go and forums to post too, so the likelyhood that I'll run across a compromised site is almost nill, but that doesn't mean I let my guard down. I do run as Admin most of the time, mainly just to do my normal routines, but if I have to go surfing for some info to help someone with a fix I'll switch to a limited account before I do that.
There may be a better way I know, but this is just how I deal with things, and I have UAC off (i know...bad Chappy.. )

Chappy said:

Well put Nigel.
I've been doing this so long now that I don't surf like I used to. I have a few favorite places to go and forums to post too, so the likelyhood that I'll run across a compromised site is almost nill, but that doesn't mean I let my guard down. I do run as Admin most of the time, mainly just to do my normal routines, but if I have to go surfing for some info to help someone with a fix I'll switch to a limited account before I do that.
There may be a better way I know, but this is just how I deal with things, and I have UAC off (i know...bad Chappy.. )

I agree, I have a handfull of sites I visit everyday & I never go outsite of those unless I'm doing research using Google because thats my best friend.