New
#71
And here is that answer....Running everything in standard user with UAC off is faster because all of those so called "security" layers aren't operational, and is not needed because the token which is currently used is a standard user. Why waste processor cycles for useless processes? There are lots and lots of malware that uses social engineering that can "bypass" UAC just like that, why waste processing time if with or without UAC you can catch bad things? MIC, UIPI and so on is there so that if a so called malware wants to install it self silently UAC will catch it, but come on, this is 3+ years since UAC is first introduced, are those malware/virus developers really that stupid?
a) When using standard account:
- loss of protective benefits of mandatory integrity control using integrity levels, including User Interface Privilege Isolation and Protected Mode of Internet Explorer
- worse application compatibility due to disabling of file and registry virtualization
- loss of UAC prompt when a program isn't working due to lack of admin rights, which lets the user know why the program failed; some programs will give an informative error message at such a failure, but some won't
- loss of ability to elevate programs through UAC
- switching to admin account to do admin activities is more dangerous (see below)
If you were to work on a Help Desk,, you would know that the more information you can get the better when trouble shooting. You can't always get it direct form the user. Sorry, but they have no clue what they are asking or talking about, they have no idea what they are even telling you when they are trying to tell you what is wrong. The more information the better. Even in a home user environment.
Uhhh,, prove it with,, IE8. ..... .... Yes, there might be safer browsers.. it's called Security through Obscurity.IE, don't use it, it's bad for anything - unless your company is depending it's life on it (which is VERY BAD), still dont' use it (argue your boss to move to another safer browser)... No matter what version, as long it's IE, stay away from it (unless MS can prove otherwise in a wide open public test with several hundred thousand testers and tested for at least a year straight). With LUA or not, stay away from IE period.
But, try convincing any company that has invested a ton of money in a model that does work to change for one that isn't so sure. Sorry,, FF works well for what it does, but put it under certain business models and it chokes.
blah blah blah nix blah blah blahPrivilege elevation is still somewhat doable through "Run as..." context menu, too bad this method doesn't behave as transparent as sudo in *nix.
Answered above already.Once you understand the difference between Admin and Standard user, when you need to do system administration, you login to admin account, do whatever you need (update apps, install new apps [installers has been scanned with AV], update drivers, etc), then log off and use standard user for everything else. You don't use admin to browse the net, especially use IE while in admin account, that's suicidal.
No one is arguing that.You can get malware/virus. With UAC enabled or not, you can still get it, with admin + UAC, your virus/malware will infect your whole system in an instant (there are many thread posts that proofs just that). With LUA, the one that's infected is the limited user's files/account, it won't spread to Windows's core. Login to another user (preferably admin) and clean it up.
Again,, answered aboveThe basic idea of UAC is to let regular Windows user (those who uses admin account all the time) to be able to practice safe computing without learning anything, that's all there is to it. UAC strips you off your admin privileges and saving you in the process. But for those who understands the basics of how multi user environment works, using UAC + LUA is moot, it checks and do everything to strip you out off something you don't have... It's pointless..