Welcome Guest ( Log In | Register ) | Resend Validation Email |
kyonpalm | Posted: Jun 11 2013, 05:54 PM | ||||
Professional Amateur Group: ADMINISTRATOR Posts: 10,568 Member No.: 30,882 Joined: Oct 16th 2008 Location: Laniakea |
>2011+2 >not disabling UA--
| ||||
Proud Contributor of the Music Section Revival Project |
Lebon14 | Posted: Jun 11 2013, 06:33 PM |
🎧 Group: Advanced Members Posts: 6,594 Member No.: 18,005 Joined: May 25th 2006 Location: Canada | @kyon See, at the normal level, it doesn't even annoy me. UAC bothers in if... - Software that needs admin powers (Software install, Hardware-monitoring software, legacy software, etc) - File manipulation that are in the system folders. - Running as admin (duh) - Opening Regedit So, if you don't install much software or doesn't do much special customization, you shouldn't even run into UAC that much. Legacy software may need admin powers and those triggers UAC. However, those are incredibly rare. Only two comes to my mind: Adobe audition v1.5 and v2. Because it needs Aero off and need Admin power to do so. Also, I don't see why a picture viewer would need, in any shape or form, some kind of admin power to view a simple GIF file. However, UAC offers me a layer of security and disabling that to remove said layer for a single nagging program, I don't think it's worth it. UAC saved my ass in the past, so, no. |
Proud Contributor of IDW Forums and the Music Section Revival Project |
kyonpalm | Posted: Jun 11 2013, 06:38 PM | ||
Professional Amateur Group: ADMINISTRATOR Posts: 10,568 Member No.: 30,882 Joined: Oct 16th 2008 Location: Laniakea |
Out of curiosity, can you describe that event? | ||
Proud Contributor of the Music Section Revival Project |
Lebon14 | Posted: Jun 11 2013, 07:05 PM | ||||
🎧 Group: Advanced Members Posts: 6,594 Member No.: 18,005 Joined: May 25th 2006 Location: Canada |
Well, I installed a software but then, said software, when trying to update, wanted to install more than it should and the "more" part is adware/spyware kind of thing. A UAC popup alerted me that a certain software tries to run with admin power in the background, the kind of software that was NOT initiated by me. Also, most power users I met online, especially in computer help, recommanded to let UAC on at the normal level. Now, if that was Windows Vista, I would say "YES, disable UAC for christ sake!" since that the single setting is to turn on or off and nag you the moment you want to change the smallest setting. But, on Windows 7, leaving it as-is, for normal usage, you shouldn't encounter it unless you are installing some software. You can change as many things in Control Panel and unless it affects the whole system, you shouldn't see UAC in action. Try it out for a single week at default level.
Also. I found my alternative. XnView. Plays GIF, no admin power needed and does exactly what the Windows' Picture Viewer has been doing and more. This post has been edited by Lebon14 on Jun 11 2013, 07:07 PM | ||||
Proud Contributor of IDW Forums and the Music Section Revival Project |
Sensation! | Posted: Jun 11 2013, 07:15 PM | ||
As expected of country grown vegetables Group: Special Snowflake Posts: 2,330 Member No.: 19,520 Joined: Aug 14th 2006 Location: Redondo Beach, CA. |
No, really, do it. And once that is done, Consider this for your next purchase if you still want a powerful machine. Image size reduced, original size: 800 x 633. Click here to view the image in its original dimension. I really don't mean to sound like an ass when I say this; but if you need UAC to prevent you from doing stupid shit, turn off your computer. Get a Mac. Everything works great out of the box and you can prod yourself into believing that it's more secure than windows with UAC enabled, because it probably is. Common Sense Security 2013 edition works wonders and has never failed me. And don't say you visit shady Eastern European sites often and that it requires you to have UAC on to not get malwared, because it doesn't. Knowing where you are and what you're clicking on are the rules of the road man.... | ||
Lebon14 | Posted: Jun 11 2013, 08:04 PM | ||
🎧 Group: Advanced Members Posts: 6,594 Member No.: 18,005 Joined: May 25th 2006 Location: Canada |
UAC + Antivirus + Common Sense 2013 edition = best practice ever. End. UAC doesn't bother me when it appears in the right places for the right reasons. End of discussion. Mac? NEVER. Better be in Jail than use a Mac. | ||
Proud Contributor of IDW Forums and the Music Section Revival Project |
Nomake Wan | Posted: Jun 11 2013, 10:53 PM |
ShiMACHaze Group: Advanced Members Posts: 19,542 Member No.: 5,394 Joined: Feb 5th 2005 Location: Drydock | I'm sorry Lebonbon, but you're wrong. The reason UAC is 'less annoying' in Windows 7 is two-fold. For one, Microsoft caved to customer complaints and artificially reduced the number of notifications (thus decreasing security). For another, perhaps on some level they realized that since Vista had hit the market the actual effectiveness of UAC had falled to a level where only people like you would think it's still effective. Bottom line? It's not. The only thing UAC can help you with is if you have a defective copy of Common Sense Security 2013...and even then there are still times when it will fail to do anything. While I understand having an antivirus program active--which will notify you of CSS2013 failures, not might--I personally don't run one. The only thing that gets onto my computer is what I put there. I've been running CSS for over a decade and it works great. If you're not confident, however, then by all means run antivirus. I find it funny that your mom's machine has UAC disabled and you don't. I suppose that means her version of CSS2013 is more up-to-date than yours? If you're still not convinced, I'll give you a technical explanation. The fact of the matter is, UAC's operation has been well-known ever since Vista. There are legitimate applications that have the power to suppress UAC dialogs, for instance--take CCleaner for example. Now, if UAC were effective, there would be no way for a program--something in user space--to suppress a UAC dialog. The fact that a user space application can alter the operation of UAC is proof that it's wholly ineffective. On top of that, most common malware packages and exploits now ignore UAC completely. For instance, the Java exploit that had been so widespread on the net earlier this year--widespread enough that one of my machines got hit with it--did not trigger UAC. It was running within the Java sandbox then used a priviledged elevation to gain access to the file system...none of which caused Windows to think anything was the matter. Now, antivirus would likely have picked this up...but I found that uninstalling Java completely was a much better solution. The fact of the matter is, Lebonbon, if you use common sense then there's no need for UAC. If you don't have complete confidence in your common sense, then by all means run antivirus...but get rid of UAC. It's not doing you any favors, it's only giving you headaches. P.S. I agree with Sensation! when he tells you to turn your computer off and get a Mac. It was quite clear from your posts both here and in the 'Post Your Rig' thread that you don't know anything about how to manage a Windows machine properly. If you did, you wouldn't be running an SSD in Legacy IDE mode with UAC enabled. This post has been edited by Nomake Wan on Jun 11 2013, 10:53 PM |
Proud Contributor of IDW Forums and the Music Section Revival Project |
Tessou | Posted: Jun 12 2013, 09:30 AM |
More NEGATIVE than a black hole Group: ADMINISTRATOR Posts: 19,345 Member No.: 12,263 Joined: Sep 12th 2005 Location: Update Profile | This thread makes me laugh. Borderline trolling, and it's truly laughable. |
Proud Contributor of IDW Forums and the Music Section Revival Project |
Lebon14 | Posted: Jun 12 2013, 10:53 AM |
🎧 Group: Advanced Members Posts: 6,594 Member No.: 18,005 Joined: May 25th 2006 Location: Canada | @Nomake Where to start...? 1. Stop calling me Lebonbon. Next time, I'll slap you a warning for it because I bet you wouldn't like to be called "the candy". For me, it's an insult. 2. I never said my mom wasn't running UAC, in fact, she is like I do. And, your solution on her computer did trigger UAC because said solution was asking for admin rights. 3. I know that a good virus will just bypass UAC outright but its job is to make you know if something is trying to install without letting you know (but said if said "something" is not programmed to bypass it). 4. CCleaner just lost a lot of credibility in what you said. Uninstalling that crap. 5. I still stand by Common sense+UAC+Anti-virus+Up-to-date Windows+Up-to-date browser as a very good recipe. But, I urge you to read those threads below. Going from the oldest to the most recent (the most recent being posted YESTERDAY). The age curve of this forum is posted below. Now, if you don't believe in users where 47% of the users are 30 years old and more... Well, you are a lost cause. http://www.sevenforums.com/system-security...d-disabled.html http://www.sevenforums.com/system-security...ve-uac-off.html http://www.sevenforums.com/system-security...nt-control.html Age curve: http://www.sevenforums.com/chillout-room/1...ou-fall-34.html P.S Yes, I remember running my SSD in IDE mode... but that's been years since then. I've once formated Windows and rectified the problem. It's now in AHCI like all my HDDs. |
Proud Contributor of IDW Forums and the Music Section Revival Project |
Nomake Wan | Posted: Jun 12 2013, 11:16 AM | ||
ShiMACHaze Group: Advanced Members Posts: 19,542 Member No.: 5,394 Joined: Feb 5th 2005 Location: Drydock |
Oh yay, numbered responses! My favorite. 1. Please do call me The Candy. I'm totally okay with that if it means I can continue to use Lebonbon. We can be a comedy duo! 2. Sorry, you said that it worked perfectly on her computer and didn't work at all on yours...then said that the reason was UAC. This implied that your machine had UAC enabled and hers did not. I see that such an implication was not intended and was instead a result of you not being clear. Noted. 3. This doesn't make any sense. I'm shocked that you didn't notice it while typing. You just said that stuff bypasses UAC...then said that UAC does prevent stuff from installing without you knowing. Uh...no. UAC has been broken. 4. HAHAHAHAHAHA OH GOD MY SIDES!!! Oh man see #3. CCleaner isn't a virus, it's a legitimate program with the option to bypass UAC. If you're getting rid of it for that...oh holy shit... oh my god I can't breathe. You're a riot. 5. I'm not sure what you're trying to prove, here. Are you trying to prove that older users leave UAC on for a false sense of security? I would agree with that. I would also expect that you, a younger person, would know better and disable it. P.S. If it was so long ago, why is your HDD score that you posted recently so low? Why does your device manager screenshot which you posted recently show you as using IDE mode? | ||
Proud Contributor of IDW Forums and the Music Section Revival Project |
Tessou | Posted: Jun 12 2013, 11:21 AM |
More NEGATIVE than a black hole Group: ADMINISTRATOR Posts: 19,345 Member No.: 12,263 Joined: Sep 12th 2005 Location: Update Profile | It's not like N1 has the ability to warn Lebon for calling him The Candy. |
Proud Contributor of IDW Forums and the Music Section Revival Project |
Lebon14 | Posted: Jun 12 2013, 04:23 PM | ||
🎧 Group: Advanced Members Posts: 6,594 Member No.: 18,005 Joined: May 25th 2006 Location: Canada |
2. I badly explained then. In both cases, mine and her, triggers UAC for admin powers. 5. What I'm trying to prove is to give you a look on what actual expert think of UAC (the people who have "badges" mainly). There are a lot of elders on that forum that thinks, even if it's not the most efficient security measure, that it can help prevent some mistakes in case Common Sense failed or a software that looks normal on top, tries to do something nasty behind your back (but not nasty enough to bypass UAC). Finally, I never said it was the most efficient security measure ever. Because it's not and I'm aware. I have common sense, too, and I'm able to apply it. I know that, if I'm going to crack software, that is always the possibility to get malware (youdontsay.jpg). I'm using Intel's AHCI driver (Intel Rapid Storage) with Intel's SATA II Chipset. Of course, Windows will think it's IDE only because it doesn't use its on driver. And, it's still a SATA II SSD, so it's capped to 230MB/s read&write. WEI : 7.4 It's my last post on this subject. This post has been edited by Lebon14 on Jun 12 2013, 05:28 PM | ||
Proud Contributor of IDW Forums and the Music Section Revival Project |
Nerubian | Posted: Jun 12 2013, 04:45 PM |
Living in the woods when it's raining in the dark. Group: Advanced Members Posts: 1,500 Member No.: 36,931 Joined: Jan 25th 2011 Location: Update Profile | Call me a bonbon too, I also use UAC. Mainly to abort the start of programs that I accidentally started. Did you know there are viruses that try to install itself using the command prompt? Most of the people wouldn't assume something evil from it, so they wouldn't even check the additional details to see what launched the command prompt. Of course, you probably only would caught viruses by using cracked software or visiting harmful websites but I just wanted to say this... |
Nomake Wan | Posted: Jun 12 2013, 05:20 PM | ||
ShiMACHaze Group: Advanced Members Posts: 19,542 Member No.: 5,394 Joined: Feb 5th 2005 Location: Drydock |
5. You call them 'experts' but... those are polls of generic users. They don't mean anything. Besides, the few people there whose opinions you could argue are worth a damn are the same few people who help out with tech problems and read from a script that tells them to tell others to uninstall programs like uTorrent because 'P2P software is inherently dangerous'. Your links prove very little. If you had actual data to back some of this nonsense up that would be different, but you have yet to come at this from a technical perspective and instead have chosen to go with 'so-and-so says and he has a badge on this other forum so there' which...isn't really sufficient for intelligent debate. The fact of the matter is, as it stands, UAC is completely useless and if you need a safety net for your common sense it's a proper active-scanning antivirus program. As this was your last post on the subject, however, I assume I will not be getting a satisfactory response. That's okay, I'll still sleep well tonight. 6. Dear me. I was unable to confirm this functionality since I actually am running in Legacy/IDE mode (AMD 6-series chipset AHCI bug), but after consulting with a few friends with custom rigs as well as a little Google searching it is indeed possible to have a machine that is working perfectly fine in AHCI yet still displays 'Standard Dual Channel PCI IDE Controller' and lists separate ATA Channels. In fact, this happens even while using the Microsoft AHCI driver. Now, that being said, there are still two problems with your setup. For one, a correct AHCI configuration will result in only one 'Standard Dual Channel PCI IDE Controller' entry, not three, and should result in separate ATA channel listings, i.e. '0, 0, 1, 1, 2, 3, 4, 5'. Your layout would suggest three SATA controllers running in Legacy mode...or I suppose it could be that you actually have three ATA controllers on your motherboard and your Intel SATA controller isn't exposing any channels to the Device Manager? I'm honestly not sure what to make of it, so I will poll some other people I know who run Windows 7 and try to get a consensus going. However, your cap figure on the SSD is incorrect. That drive on SATA II should be hitting an average of 280 MB/s read/write, not 230. Something else is definitely up and you should look into it for peak performance's sake. EDIT: @Nerubian: You say 'via the command prompt' but you didn't list the actual infection vector. The way you phrased it, someone would have to manually open the command prompt then manually run a program to install said virus. If you were more specific about the infection vector I could come up with a more precise response, but your comment is much too generic to be relevant to this discussion. You are in fact silly for keeping UAC enabled, but know that I will not call you 'bonbon' because your name is Nerubian, not Lebonbon. This post has been edited by Nomake Wan on Jun 12 2013, 05:23 PM | ||
Proud Contributor of IDW Forums and the Music Section Revival Project |
Lebon14 | Posted: Jun 12 2013, 05:37 PM |
🎧 Group: Advanced Members Posts: 6,594 Member No.: 18,005 Joined: May 25th 2006 Location: Canada | I have a Marvel SATA III chip which is still in IDE in BIOS(there's nothing plugged into it anyway). Since I only use the Intel one, I didn't bother with the Marvel and it created me problems in the past so... yeah. By the way, my SSD is far from being at its peak... Seq. Read was like 140MB last time I checked. Last time I went in my BIOS, SATA II was in AHCI. Heck each time my PC boot, I see AHCI sequence thing with the drives being numerated. I really need to do a secure wipe and get windows re-installed. Just too damn lazy because I just don't have any bugs whatsoever. My system is still pretty darn reactive too. P.S I said 230MB about SATA II peak speed... I knew it was in the 200s but didn't bother to double check. |
Proud Contributor of IDW Forums and the Music Section Revival Project |
Nomake Wan | Posted: Jun 12 2013, 06:46 PM |
ShiMACHaze Group: Advanced Members Posts: 19,542 Member No.: 5,394 Joined: Feb 5th 2005 Location: Drydock | Fair enough, that explains why there are multiple entries. Do you have any PATA ports on your motherboard? This post has been edited by Lebon14 on Jun 12 2013, 07:07 PM |
Proud Contributor of IDW Forums and the Music Section Revival Project |
Lebon14 | Posted: Jun 12 2013, 07:07 PM |
🎧 Group: Advanced Members Posts: 6,594 Member No.: 18,005 Joined: May 25th 2006 Location: Canada | IDE? I think I do... let me check. Whoops, wrong button. Didn't mean to edit your post. >_< EDIT I do have one. Unused. This post has been edited by Lebon14 on Jun 12 2013, 07:08 PM |
Proud Contributor of IDW Forums and the Music Section Revival Project |
Nomake Wan | Posted: Jun 12 2013, 07:19 PM | ||
ShiMACHaze Group: Advanced Members Posts: 19,542 Member No.: 5,394 Joined: Feb 5th 2005 Location: Drydock |
That explains it, then. You have a PATA controller (IDE), a SATAIII controller (set to IDE mode) and a SATAII controller (set to AHCI but for whatever reason showing up as both AHCI and IDE). Still odd about the channel listings, but at least that's why there are three controllers in the list. Best of luck sorting that SSD thing out. | ||
Proud Contributor of IDW Forums and the Music Section Revival Project |
Nerubian | Posted: Jun 13 2013, 04:25 AM |
Living in the woods when it's raining in the dark. Group: Advanced Members Posts: 1,500 Member No.: 36,931 Joined: Jan 25th 2011 Location: Update Profile | I should've posted a link. Well, "Beta Bot" runs the command prompt. You can read about it here: http://www.technewsdaily.com/18225-beta-bo...s-security.html |
Nomake Wan | Posted: Jun 13 2013, 06:13 AM | ||||
ShiMACHaze Group: Advanced Members Posts: 19,542 Member No.: 5,394 Joined: Feb 5th 2005 Location: Drydock |
Wholly irrelevant. If it asks for permission to run and you grant it, it already has priviledged access to your system regardless of the state of UAC. The vector in this case is a website visited by a browser, not the command prompt. It only looks like the command prompt and UAC are involved. Please see the following article from the RSA, who specialize in this sort of analysis:
It fakes a UAC prompt asking for command prompt access. This would make it more obvious as a fake if you had UAC disabled! On top of that, the vector is a browser and the payload is a C++ program, not a script or command function to run within a command prompt. Please do more research next time. | ||||
Proud Contributor of IDW Forums and the Music Section Revival Project |
khat17 | Posted: Jun 15 2013, 11:00 AM |
IDW SIMPLETON Group: Advanced Members Posts: 1,168 Member No.: 17,668 Joined: May 7th 2006 Location: Mandeville, Jamaica | Too.......long.........to........read.......all....... Personally I disable UAC because I dislike the nags. I have a backup of my system that I use if I need to suddenly restore from some garbage. For the most part things are either virtualized for testing or I decide to install and screw my system then restore from the backup. While UAC may work in some areas I personally don't see the need to use it for myself. |