UAC. Have you turned yours off?

when I had UAC running at high it didn't do anything to prevent that software from compromising the system.
Of course it didn't. That's not what it is supposed to do. The UAC system does NOT prevent a machine from being infected. The UAC system does not stop a virus. The UAC system does NOT prevent malware from being installed. You might as well have said, after running the UAC system my computer's hard drive still became fragmented over time.

The UAC system informs you, the admin, when an application is trying to elevate itself to have admin rights. If you have the slider bar all the way to the top, the UAC system will inform you, the admin, when you do something that needs to elevate to admin status. Either way, if you say yes, it elevates and does WHATEVER it was going to do. The UAC system does not step in and further try to prevent anything from happening.

I still cannot believe how many people think that UAC is supposed to stop these types of problems. It's a notification system, it allows you to escalate to an admin without switching user accounts. It does not provide the functionality of an AV application or an anti-malware application.
sorry for not being totally clean, it didn't inform me at all that the software was doing something that wasn't good like giving itself admin rights under a user account
 

sorry for not being totally clean, it didn't inform me at all that the software was doing something that wasn't good like giving itself admin rights under a user account

If you didn't get a UAC prompt and you had it on, that could mean one of two things.

A) It doesn't do any system alteration; instead it is a user-level attack which only affects the user account. C:\User\[your-username] does not require any special privileges as long as you are the user in question.

B) The permissions (could be file ACLs, or any ACLs) on the system have been compromised which allows the malware to write to select locations without provoking UAC.
 

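Case B in the post above can be checked from the defender's side. The following is an added example, not part of the original thread: it lists ACL entries on a few protected directories that allow standard-user principals to write without elevation. The directory list and the set of principals are assumptions, and only the top-level directories are inspected, not their children.

```powershell
# Added example (not from the thread): find Allow ACEs that let standard users
# write to protected directories, i.e. locations where a write would not
# trigger a UAC prompt. Paths and principals below are assumptions.

$protectedPaths = @(
    $env:SystemRoot,
    (Join-Path $env:SystemRoot 'System32'),
    $env:ProgramFiles,
    ${env:ProgramFiles(x86)}
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# Well-known SIDs for non-elevated principals (locale-independent).
$lowPrivSids = @(
    'S-1-1-0',       # Everyone
    'S-1-5-11',      # Authenticated Users
    'S-1-5-32-545'   # BUILTIN\Users
)

# Rights that allow creating, changing or taking over content.
$writeMask = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) can appear unmapped
# in inherit-only entries, so test for them as well.
$genericWrite = 0x50000000

$findings = foreach ($path in $protectedPaths) {
    $acl   = Get-Acl -LiteralPath $path
    # Ask for SIDs instead of translated account names.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    foreach ($rule in $rules) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if ($lowPrivSids -notcontains $rule.IdentityReference.Value) { continue }

        $rights = [int]$rule.FileSystemRights
        if (($rights -band $writeMask) -or ($rights -band $genericWrite)) {
            [pscustomobject]@{
                Path        = $path
                Sid         = $rule.IdentityReference.Value
                Rights      = $rule.FileSystemRights
                Inherited   = $rule.IsInherited
                Propagation = $rule.PropagationFlags   # InheritOnly = applies to children only
            }
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    'No write-capable ACEs for standard-user principals on the checked directories.'
}
```

Any row it prints is a location where a process running as a standard user can write without elevation, so no UAC prompt would appear for that write.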
...the biggest problems is always the USER. Now I run my computer as an admin account 100% of the time...

Mistakes


How is this a mistake? My account has admin rights, I normally do things that need those rights daily, and changing accounts all the time is, well, time consuming. I take precautions like system restore, weekly full system backups, etc. I have 20+ years of a secure system, minus the issue with my router, which really wasn't much of an issue as they didn't access anything since I caught the access before they could reach any files. I even test what viruses do to my computer in VPC and have not once infected the host. I even installed software knowing it would get my system infected and couldn't get the results others got with infection.

logicearth, from what I have read in this thread UAC should warn me when software is trying to install something beyond itself. This social networking ad software did just that: installed a second program which gave it admin rights. I wasn't able to reproduce the same results on my system (didn't want to leave it infected for 2-3 months) but I do know it wanted internet access and tried to access my email and even changed my default programs. AV software reported the infection as a trojan. Granted, after confirming infection etc. I used a backup to restore my system.
 

...the biggest problems is always the USER. Now I run my computer as an admin account 100% of the time...
Mistakes
How is this a mistake? My account has admin rights, I normally do things that need those rights daily, and changing accounts all the time is, well, time consuming.

The real title of this thread is "Do you use an admin account for daily tasks?" - a practice which is universally condemned by every noteworthy computer security specialist on the planet. UAC is a mere side-effect of that question.

In this context, "security" means having control over the movement of information on your computer. In an ideal world, your own information would never leave without your knowledge, and no code would ever enter your machine without your permission. Relying on an admin account for daily tasks reduces the level of control over the movement of information, and thereby lessens security.

Whenever you execute any code as an admin you are totally and completely entrusting your computer and all its information to the author of that code, as well as the authors of any code dependencies, and their dependencies in turn, and so on. From humble freeware to commercial apps costing thousands, all software is made up of imports and helper libraries whose complexity makes it difficult to discern the real author of a given app, let alone whether all of that imported code is entirely trustworthy and free from unintentional security defects.

Counter-intuitively, it is much harder to spot inadvertent security breaches than purposeful maliciousness. AV utilities aim for the latter - their sole purpose is to detect patterns representing known attack code. Where it gets really hard is when you try to understand how the presence of an app or a given code library and its dependencies may substantially reduce the level of security without intending to do so. That's part of what UAC does.

XP was designed and released before MS fully embraced LUA principles. While it was theoretically possible to stay with a non-admin account for daily use, in practice it was too impractical. There was no app and registry virtualisation, no UAC, and most developers still wrote code which assumed the user is an admin. Elevation had to be done so frequently and pre-emptively that it may as well have been permanent.

In Vista and Win7 the OS is designed to make LUA practical and UAC is a big part of that. By detecting and flagging attempts to use privileged functionality, UAC makes it possible to avoid reliance on admin accounts while still making use of software which assumes an administrative context.

With UAC disabled, you're most of the way back to XP in terms of LUA practicality; that is, it's impractical - you have to use an admin account for daily tasks. Personal testimonials about how through skill and good fortune you've managed to avoid getting pwned for 20 years are frankly neither here nor there. What matters is "best practices" stuff.

Until and unless you manage to find a computer security authority willing to advocate the use of privileged accounts for routine tasks, I'd suggest re-evaluating your stance. It's no accident that every major OS is either moving in that direction (Windows) or has been firmly in that camp from day zero (UNIX, Linux, every mainframe and minicomputer OS,...).
 

I will have to admit that I have changed my working practice since moving to Vista. With XP, and Win2000 & NT before them, I would never think of running as an admin; now I switch UAC on and use the convenience that gives me to run as an admin.

With previous operating systems you ran as a standard user and then logged in as an Admin, (domain or local dependent on needs), to perform admin tasks. The alternative was to run the "runAs" addon, (from the SDK), which involved entering your full username and password, what a relief the UAC was when I first ran Vista.

OK my background may not be the normal user background but I find that others with my type of usage history in secure systems will also not have an issue with UAC.

If a user decides to run with UAC disabled then that is their choice, on their own system, just don't expect to have the option on any system I manage :p

PS one of the first things I install on any XP system I install is Comodo's Defence+ which acts as a similar information source as provided by UAC ;)
 

One of the first things I did after installing Windows 7, was to turn the UAC completely off to stop getting those annoying messages.
I have just read in this month's PCPlus magazine that you should alter the default settings in UAC and slide the thing right to the top to give yourself more protection!
I'm not sure what's best now?
Have you turned yours off?
Yes all the way to the bottom.
 

I guess my issue is with restricting myself because of security it falls back to what do I want to give up for security and my personal answer is nothing. Granted my virus free stint may just be dumb luck but with a little thought about risk over gain I have been able to keep my personal info on my computer safe. So I guess my point is I am not willing to give up something to have a sense of security. I say sense because I know first hand as others may also that there will always be someone who finds ways around the security put into place, so I am not willing to live in fear of attack and if I have anything on my computer worth losing then no matter what security I have in place doesn't matter because I am still willing to risk it. So if someone wants my MRI scans my personal pictures they can have it, I don't have anything that would risk my money, so basically the only value my laptop has is the laptop itself.

Shoot I saw a news report about software that would allow a user to gain access to cell phones and be able to listen or see what happens with said phone, are we going to find ways to make cell phones more secure and give up ease of use to stop this type of attack? or are we not willing to give up the freedom of cell phones for the just in case of attack.

Security, no matter on a computer, cell phone or your home, it's just a barrier that others can defeat if willing and I personally won't be held hostage to fear.
 

I guess my issue is with restricting myself because of security it falls back to what do I want to give up for security and my personal answer is nothing.

Everyone gets to choose to what extent they are willing to trade off short-term convenience for security. If I understand correctly, you're saying that you favour convenience in this context, and that is understandable given the statement below...

So if someone wants my MRI scans my personal pictures they can have it, I don't have anything that would risk my money, so basically the only value my laptop has is the laptop itself.

If the value of the hardware far outweighs the value of the data on a given machine, then it makes perfect sense to move the convenience/security slider a little more towards "convenience".

By extension, disabling UAC is the inappropriate choice when emphasis is placed on the data and/or the time and effort invested in configuring a given software environment.

Thank you for an interesting discussion :)
 

Single power user = nothing above initial account.
Yes there is. First of all the all powerful user on Windows is SYSTEM. It has even more power than the Administrator account. The Administrator account has more power than those accounts that are part of the Administrators group. And the permissions that are applied to the Administrators group can be revoked very easily because everything in Windows is governed by ACLs and those ACLs are configurable to micro levels.

I do not expect you to know how deep ACLs really go in Windows or how user accounts are handled.

I played around in XP as SYSTEM. I know more than you think I do, but I'm done with this argument; it's not going anywhere.
 

Single power user = nothing above initial account.
Yes there is. First of all the all powerful user on Windows is SYSTEM. It has even more power than the Administrator account. The Administrator account has more power than those accounts that are part of the Administrators group. And the permissions that are applied to the Administrators group can be revoked very easily because everything in Windows is governed by ACLs and those ACLs are configurable to micro levels.

I do not expect you to know how deep ACLs really go in Windows or how user accounts are handled.

I played around in XP as SYSTEM. I know more than you think I do, but I'm done with this argument; it's not going anywhere.
...Or you cannot argue to the contrary...:sarc:

Hit and Run I suppose...
 

...Or you cannot argue to the contrary...:sarc:

Hit and Run I suppose...

Please don't insult me. I haven't said a thing about you.

This argument derailed a while ago and the thread even moved on. I'm not here to beat my chest. I'm comfortable with my system and how I run it. If you wish, I can let you know next time I get a virus.
 
