Microsoft agrees to change UAC in Windows 7

By on February 6, 2009, 1:48 PM
Microsoft is doing some backtracking today. After initially downplaying the risks and defending its choices around the User Account Control feature in Windows 7, the company has now bowed to pressure and said it will make some modifications to the upcoming release candidate in response to the outcry.


For those who haven’t been following this story, the problem stems from a more permissive UAC default setting in Windows 7 compared to Vista, which has been blasted by users as being too intrusive regarding these security measures. The change resulted in a by far less annoying Windows 7, but it also introduced a gaping security hole in which the feature could easily be turned off altogether, using pre-approved Microsoft applications to fool Windows 7 into granting malicious code full access rights.

Microsoft refused to acknowledge this as a flaw but rather claimed it constituted a feature created “by design.” However, in a reassuring sign that the Windows beta process isn’t just for show, the company has now vowed to make some seemingly straightforward changes in the upcoming release candidate to address this concern. Namely that changing the level of the UAC will prompt for confirmation.




User Comments: 28

Got something to say? Post a comment
dark.reaper.hx said:
wow people whine to Microsoft to lower the UAC so it can be less annoying now that Microsoft does what the people want they want it back cuss its a security hole well people quit whining
MichaelLS said:
In other words, this product remains very vulnerable and terribly frustrating to use when it is operating in a mode that the average end user is not prepared to deal with on a regular daily basis. Otherwise, when comfortable to use, tolerable to use, it remains very vulnerable. How nice!Design Flaw? No - inherently and critically flawed by poor design, period!Enough! Time for a rewrite Micro$oft! Not some painted and patched up remake of what has already proven to be terribly flawed.Stop this garbage! No more patches on the already patched to death Vista which was a patched to death XP. Painting lipstick on the failed Vista brand name is not going to make this already failed product design a success people.
Kage Goomba said:
UAC - Ultimately Absolutely Corruptible/Convoluted/Combustible/Crackable
yukka said:
Does anyone on this page actually understand what it does?By prompting the user when system changes are being requested and using the secure desktop which locks down everything except the prompt, it makes it more difficult to spoof the user into making system changes without knowing it.The problem was that they made it possible to turn it off so well that it didnt prompt users when they made changes to the UAC level once you turned it down to a certain level. By making it prompt whenever UAC changes are made, it just makes sense. There are only 4 options on the slider. You wont make a change on that more than once or twice once you find your level. It will just be more difficult for an external program to change it since it will now trigger the secure desktop.I think you just want any excuse to write colorful exciting words with exclamation marks and dollar signs..
tengeta said:
Whats UAC? I've been using Vista for almost two years now and haven't had it bother me once.OH RIGHT I TURNED IT OFF. Stop whining you morons and get a clue, you probably haven't touched Vista for more than two seconds and even that was just so you could "justify" your clueless bitching about it for the rest of your lives. Whatever, I'm done proving people wrong about Vista. Go use your SLOWER and LAGGIER XP, and yes I SAID THAT. Or just use your disaster of Windows 7, it crapped on any and every nice thing Vista did, but you never used Vista long enough to discover any of it did you?
Per Hansson said:
yukka; Agree with you fully!tengeta; Kinda harsh writeup but may I ask what is wrong with Win7?It's just a small rewrite of Vista and for me it's running great, even in it's current beta form! (Granted I have some driver issues but that is to be expected, heck, not even all driver issues have been solved for me when using Vista itself!)
windmill007 said:
Tengeta I think Windows 7 is what Vista should of been. I tried Vista many times and still don't like it. I tried Windows 7 and fell in love right away. Sorry but Vista is not a good OS no matter what you tell yourself. It is just another ME. And BTW ..XP is not laggy...If you think it was you have something wrong with your computer.
MichaelLS said:
Well said WindMill007!Fact is: Windows 7 is a reworked Vista. A very desperate attempt to save the work invested in a failed product. Get over it children.Everyone here understands the UAC perfectly well. That's not the problem!Anyone who has ever spent any amount of time 'on later builds of Vista' is just entirely frustrated with it. As they very well should be! End Users cannot productively work with all that crap in their face. That's all the Support Desk needs is double / triple the phone calls due to End User ignorance regarding security. "Gee, Duh, What do I do now? How do I answer the question? I have a project to work on! My reports are due!"What ever possessed Micro$oft into thinking that the End User was able to deal with all that? Ahhhh, gee, to infect, or not to infect? That is the real question? Why are they asking in the first place?Too bad the real problem underneath was never properly addressed - rather it was horribly patched to death. Three build iterations now.I am starting to think that Micro$oft is so out of control management wise that the engineering level work is never properly evaluated nor reviewed today. The Product Evaluation Dept was eliminated to save operating costs. Rather some foreign visiting VISA is now setting there trying to desperately learn / understand the current builds coding and then in turn making a desperate attempt to patch the code in order to make it functionally work as it should have in the first place. Which at that point is a very futile effort.Dig down in the OS - it really shows. Carefully look back at previous builds. It's so very obvious!Oh, and all of us - we are now the Product Evaluation Department!!! Fun Huh? As if we have time for this crap!Micro$oft is going through some very difficult growing pains. Then - oops - the economy drops out from underneath. ROR is down. 'Gee, what do we do now?'Vista is a failure for those of us who work for a living.Go home children and play your bloody FPS games. Your parents have work to do.Its so frustrating to have some child tell you all about what he or she really and truly has no clue about nor understands. Go home children! There is a much bigger picture here just outside of the grasp of your maturity level! FACT!
JDoors said:
The best news here is the Microsoft listened and immediately responded, whether they agree with the demands or not. Unlike a competitor with their take-it-or-leave it attitude. I agree they're between a rock and a hard place; make it safer but more difficult to use on a day-to-day basis and one set of people whine, make it less safe but easier to use on a day-to-day basis and another set of people whine. Frankly I'm surprised they backed off from safety in the first place, people would get used to it, eventually. No one gives a second tthought to their software having to ask the manufacturer's permission to keep running, and I thought that would be a deal-breaker. People got used to it.
Kage Goomba said:
UAC (VISTA): "Are you sure you want to do that?" (Prompts with Yes No question which can be scripted to respond so any nasties can slip past)WinXP: (Nothing..... just absolutely nothing)Win2k: (Nothing)Win2k3: (Nothing for the most part)UNIX/LINUX: "You do not have sufficient privileges for this function" (You have to have a higher user account permission than you currently have... effectively locked out)MAC OS-X: "You must authorize before you can do this" (Prompts for password which can't be scripted due to the fact you need the password)This is by no means a fix.... this is a joke.And an insult to security period.UAC either drives you crazy or you end up shutting it off... its just a pile of styrofoam bricks that can easily be knocked over.Windows 7 is nothing more than Windows Vista SP 3 or possibly 4. There is nothing new about it... there is nothing innovative about it....Vista at best was an Alpha release... Windows 7 is the Beta.At least with Linux/UNIX platforms you have absolute control over your environment... and the Mac's are pretty much locked down effectively enough unless your a total ***** in which case your likely deserving of such a breech.The fact Windows is giving the user control to effect UAC is nothing short of laughable.They need to rewrite the security aspect if not the whole bloody system... never mind shutting down UAC.... UAC is a joke... much like Windows Firewall... Windows Defender... and etc...etc...etc.If Microshaft wanted to improve security they should copy the Unix User Account structure... even Apple admits there user account controls are laughable... when it comes to enterprise networking.... top that off with the fact UNIX/Linux systems use a very rigid approach to that system... the same of which macs use today with some minor differences (ACL's and the likes).When will they start being original and stop copying others?Oh and before you start yammering... I got 20 reasons [PC towers] behind me that clearly tell you that Windows Security is a joke... and all of them have severe virus infections.I fix the bloody things for a living... don't tell me that windows "vista" UAC is secure.... I'll end up laughing at you.If anything its going to improve business for us! Because they keep coming in!So yeah.. thanks Microsoft for job security! Keep it coming!X O (
Rick said:
[b]Originally posted by Kage Goomba:[/b][quote]UAC (VISTA): "Are you sure you want to do that?" (Prompts with Yes No question which can be scripted to respond so any nasties can slip past) [/quote]No, it can't be 'scripted' around. Windows disables the ability to manipulate the Cancel/Allow prompt by use of another program. It HAS to be done by the user. Now, you may be able to simulate actual user input using a special mouse/keyboard driver, but if you're able to root a Windows sytem like that, then why the hell would you be messing around with writing drivers etc.. to work past the UAC in the first place? You obviously already have elevated privileges or found a huge security hole...
yukka said:
[b]Originally posted by Kage Goomba:[/b][quote]UNIX/LINUX: "You do not have sufficient privileges for this function" (You have to have a higher user account permission than you currently have... effectively locked out)MAC OS-X: "You must authorize before you can do this" (Prompts for password which can't be scripted due to the fact you need the password)[/quote]You can make Vista do both of these options.
Kage Goomba said:
[b]Originally posted by Rick:[/b][quote][b]Originally posted by Kage Goomba:[/b][quote]UAC (VISTA): "Are you sure you want to do that?" (Prompts with Yes No question which can be scripted to respond so any nasties can slip past) [/quote]No, it can't be 'scripted' around. Windows disables the ability to manipulate the Cancel/Allow prompt by use of another program. It HAS to be done by the user. Now, you may be able to simulate actual user input using a special mouse/keyboard driver, but if you're able to root a Windows sytem like that, then why the hell would you be messing around with writing drivers etc.. to work past the UAC in the first place? You obviously already have elevated privileges or found a huge security hole...[/quote]HAHAHAHAHA please.... leave your delusional state behind.Obviously you don't have these skills or the experience short of making conjecture.Keyboard strokes are frequently simulated and scripted.It's no different then hitting the return key to say "OK"What's to stop the virus writers from doing the exact same thing? (Oh wait... they already did... oops)You can't do that with a password field without knowing the password.Linux would just stick its nose in the air because your not the "Root" or "Administrator"Vista/WinXP/Win2k3/Win2k has no such feature.. nor Win7(coughVistaBetacough)[Edited by Kage Goomba on 2009-02-08 17:13:03]
Kage Goomba said:
[b]Originally posted by yukka:[/b][quote][b]Originally posted by Kage Goomba:[/b][quote]UNIX/LINUX: "You do not have sufficient privileges for this function" (You have to have a higher user account permission than you currently have... effectively locked out)MAC OS-X: "You must authorize before you can do this" (Prompts for password which can't be scripted due to the fact you need the password)[/quote]You can make Vista do both of these options.[/quote]Prove it.
Rick said:
[quote]HAHAHAHAHA please.... leave your delusional state behind.Obviously you don't have these skills or the experience short of making conjecture.Keyboard strokes are frequently simulated and scripted.It's no different then hitting the return key to say "OK"[/quote]Well, you've made it obvious YOU don't understand, because as you SHOULD know, the UAC prompt is 'special'. But you're ignorant of this, so allow me to reiterate.Windows does NOT allow any scripts or programs to interact with the UAC prompt. Take VNC for example - VNC cannot interact with the prompt. Scripts that that call APIs to interact with the prompt suffer the same shortcoming.The only proven solution is a special driver which emulates a real mouse or keyboard (requires root access) or (maybe) running the program/script as an elevated user (requires root access). There have also been exploits which disable UAC (among some other 'creative' exploits), but those too, also require root access or don't specifically address cancel/allow operations via UAC.Read more security stuff before you 'conjecture' us to death.
MichaelLS said:
'Special' ??? I'd really like to hear your explanation on this Rick.Actually Rick, he's right for the most part. Sad but true! Look at the latest IE exploit. Check it out carefully! Very amusing... and not so good for the faithful UAC user! Somebody(s), those wonderful Comrades, have found a way to walk right around all this 'special' UAC patch code with just a very carefully crafted web site. And, please note, with this type of OS design, this will always be the case. Just look at the demonstrated history to date - and all this after the implementation of UAC.So why deal with the UAC at all? Turn it off! Install a good third party Firewall / Scanner / etc. And no End User intervention is required. As any XP Pro SP3 with ZAP Suite installed clearly demonstrates! Hello? Why do you think industry still won't accept Vista on the floor?Yes, yes, children, I hear you, your company uses Vista and its just fine! Right, and you use the free copy of AVG too/also and have no problems! Oh, please!Yes, Rick, you're right for the most part, but in only the most basic and straight forward approach. And as you eluded too, an installed anything in Windows, any version, carefully crafted, has the ability to open all doors wide and invite the Devil inside! Not so in [X]nix based platforms as is easily demonstrated. That's really his whole point!Sorry, but that caged angry little brown mushroom is right! Nobody else's OS is suffering these simple exploits nor requires this kind of End User frustration level.Why won't Micro$oft go back to the drawing board and fix all this at the most basic level of the OS design?But no, sigh, another set of Black Tuesday patches to the patches that patched the last set of patches. Oh, please!So... this is why we don't allow the use of IE in the Enterprise! Right?Lets get this under control fellows! Sheeeeish!Time for a completely new approach Micro$oft! Please, no more of the same old patched up Head for Tail OS releases. An actual working, independent Kernel, might be a good idea at this point!!! Hint! Hint! E'llo? Anybody home!What's that I hear - mosquitoes? Billy!!!
Kage Goomba said:
Hey... thats Mr. Caged Angry Brown little Mushroom to you!X O DBut yes... well said!
Per Hansson said:
MichaelLS; Oh pleaseYou do realize that a rewrite of the user mode in Windows would make ALL software EVER made for it incompatible?Microsoft made a design flaw from the beginning, that "normal" users where admin all the way up to XP, this changed (almost) in VistaThe prompts you see is for stuff that requires admin rights, now if you did it the way you feel all those apps would fail, or worse, require the user to enter the "root" password like "sudo" which of course would drive the users totally utterly insane!There is a way to fix it, but if they did you would whine so much more because nothing works so it's just catch 22 for them
MichaelLS said:
[b]Originally posted by Per Hansson:[/b][quote]MichaelLS; Oh pleaseYou do realize that a rewrite of the user mode in Windows would make ALL software EVER made for it incompatible?[quote]User Mode??? What exactly are you even talking about or referring to here?...Microsoft made a design flaw from the beginning, that "normal" users where admin all the way up to XP, this changed (almost) in Vista'where'??? 'almost'???Okay, if I am following you, that's is just not true. You don't understand this... Yes... It all depended on how the User Account was set up. Yes, if the User was set as / with Admin privileges - all application boundary aspect layers were in trouble from the start.But... there is so more to this....What you and so many others don't seem to understand or perceive here is that this OS, by design, by flaw, ==> a Head for Tail design <== OS is never going to be safe. Thus this giant easily distractible loop, if you will, this OS we call Windows can be compromised anywhere along the path / loop. And when compromised, even by a poorly written hardware driver, or poorly written application program, we are done / finished even with or without the User's intervention. DUH, thus the Blue Screen of Death???? Surely you see this? Thus the uselessness of this poor patch called the UAC. Look at the vulnerability history. Its very obvious....The prompts you see is for stuff that requires admin rights, now if you did it the way you feel all those apps would fail, or worse, require the user to enter the "root" password like "sudo" which of course would drive the users totally utterly insane!Again - your missing the point! The point is... that this... the UAC... is not at all necessary. Look at other OS designs. This is terribly wrong, by flawed design, and thus terribly vulnerable - UAC or not.Yes, in the beginning - no one at Micro$oft expected this - still - with success & growth comes trouble. Micro$oft desperately needs to follow the rest of the industry and crawl out of this deep hole they have dug.A real Kernel could be put in place without too much effort. Man hours of programming - yes!Backwards Compatibility would be very easy to accomplish. And for the very first time - a safe and reliable OS would emerge!!!!...There is a way to fix it, but if they did you would whine so much more because nothing works so it's just catch 22 for them[/quote]Sigh! I don't see what you are seeing. No one is whining! For most of us, with the exception of those who are lowly children, End Users, Home Users, we are all really hopeful to have a voice to Micro$oft / Industry / Press / others in Business / that would impact and change this wreaked / bloated / patched to death OS called Windows.Knock it off with the emotional defense! I am no fan boy of any OS. I am Enterprise based IT / MIS / Admin with 35 years in Product Evaluation and Environmental Design & Test. Thank you very much! I don't have time to play games.Frankly, Home Users and End Users have no business even approaching this topic - beyond voicing their well understood frustrations. Rattling your mouth off with no real experience / understanding is really just very frustrating the people who work with this OS and who very well know better from years of first hand experience on the engineering / manufacturing / business / administrative floors.Want to talk about the flaws in BSD? Unix? Linux? OS-X? SUN? I'll wager we can very quickly step right over your head, I suspect. And no offense intended!Whining??? The time has come for Micro$oft to do right by the millions / billions / they have extracted from the users / victims / established client base. We need a good OS from these people. Not something hacked up and patched to death from the days of Windows 95. They have got to stop this re-painted the same old OS Loop - bloating it up even further - and then trying to sell all of the world on the idea that this is something new. Fact! This is so easily demonstrated. Please!And... I suspect the mood on the floor at Micro$oft is quickly approaching panic level. This design has met its end. Bloating the same old flawed OS Loop is not going to cut it any more.Blessings!
Per Hansson said:
Erm, my post pretty much agrees with what you just saidI said that "You do realize that a rewrite of the user mode in Windows would make ALL software EVER made for it incompatible?"With this I meant that if users really where made users by default in Windows, and not Admins, almost all programs in existance today would require a rewrite, because they where written with the logic that the "user" always has admin rightsI said; "Microsoft made a design flaw from the beginning, that "normal" users where admin all the way up to XP"Here I confirm that Windows is by design flawed (for the reasons explained above)I said; " this changed (almost) in Vista"With this I mean that new users are "really" users by defaultThe "administrator" account you create is really a normal "user" accountBut it has the power to "sudo" itself into an admin account by just throwing up an UAC prompt (which is not the proper fix)The real admin account which is equal to root in Unix has been disabled by default, it can be found under the Local Security policy (secpol.msc) under Local Policies > Security Options > Accounts: Administrative Account Status (Disabled)The rest of my post I feel is pretty much answered in the above comments, because if Windows Vista really made users only users, and not users with the ability to sudo everything into admin by just clicking a simple UAC promptThen they would instead be required to, just like for sudo in Unix to type the admin/root password, which would drive them crazy because yes, Windows is as I said flawed by design and can't really be fixedThing is all this (maybe my word whining was too strong?) about it wont really solve thatThere are frankly much easier alternatives, just run operating systems which are not flawed by design, like MAC OS X or any Linux distributionBut face exactly the same problem as you would in a Microsoft OS that was built both the same way you and I seem to agree it should be; total application incompability with all programs ever written for Windows up to and including NT v6.1 (aka Windows 7)I will also adress two messages by you; "Not something hacked up and patched to death from the days of Windows 95."It's been hacked up from Windows NT v3.1, not Win95 which is the DOS architecture that thankfully died very ungracefully together with Windows ME"Want to talk about the flaws in BSD? Unix? Linux? OS-X? SUN? I'll wager we can very quickly step right over your head, I suspect. And no offense intended!"Sure, you can make all the assumptions you want, but excluding OS-X I have extensive experience with all those systems, in paticular Linux but also BSD
maclaire said:
I have installed Windows 7 Beta and it seems thus far a better product than Vista. I am still toying with it a bit.
Kage Goomba said:
Per Hansson I would like you to fire up your *nix computer and type in the following commnad...MAN SUDOOh... for those who dont have one... check this out:[url]http://www.gratisoft.us/sudo/man/sudo.html[/url]---
----Excerpt for MAN page for SUDO:"sudo allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file. The real and effective uid and gid are set to match those of the target user as specified in the passwd file and the group vector is initialized based on the group file (unless the -P option was specified). If the invoking user is root or if the target user is the same as the invoking user, no password is required. Otherwise, sudo requires that users authenticate themselves with a password by default (NOTE: in the default configuration this is the user's password, not the root password). Once a user has been authenticated, a timestamp is updated and the user may then use sudo without a password for a short period of time (5 minutes unless overridden in sudoers)."Per Hansson... I thought you said you where very experienced in UNIX and Linux. Guess not eh?Oh... for people who don't like walls of text... allow me to highlight the importaint bit."(NOTE: in the default configuration this is the user's password, not the root password)"Per Hansson: "The rest of my post I feel is pretty much answered in the above comments, because if Windows Vista really made users only users, and not users with the ability to sudo everything into admin by just clicking a simple UAC prompt Then they would instead be required to, just like for sudo in Unix to type the admin/root password, which would drive them crazy "Uh.... oops?Did you mean SU? Thought you knew this stuff....#: SUPassword: ROOT:_Per Hansson: "The real admin account which is equal to root in Unix has been disabled by default, it can be found under the Local Security policy (secpol.msc) under Local Policies > Security Options > Accounts: Administrative Account Status (Disabled) "Which leads to problems in windows systems of course... but thats a different story.Oops... BSOD strikes again.. I better get back to work....[Edited by Kage Goomba on 2009-02-11 12:59:56]
Per Hansson said:
Kage Goomba; Ehh, and exactly where do you find secpol.msc in *nix?You not realizing I am talking about Vista in this sentence is very very laughableAnd you do realize that using sudo if you are not a trused user will not give you root access at all, or did you think that any user could just type sudo and their own password and thus become root?What a great security feature that would have been!And yea, you are correct, I did mixup su and sudoI can also tell you something else, I sometimes mix up left and right, and two towns close to where I live even tho their names are differentQuite the coincidence eh?You can imagine the joy of the LASER machine I run now, where the axis direction for Z- has been named as Y+ in the new machine[Edited by Per Hansson on 2009-02-11 13:19:52]
Kage Goomba said:
[b]Originally posted by Per Hansson:[/b][quote]Kage Goomba; Ehh, and exactly where do you find secpol.msc in *nix?You not realizing I am talking about Vista in this sentence is very very laughableAnd you do realize that using sudo if you are not a trused user will not give you root access at all, or did you think that any user could just type sudo and their own password and thus become root?What a great security feature that would have been!And yea, you are correct, I did mixup su and sudoI can also tell you something else, I sometimes mix up left and right, and two towns close to where I live even tho their names are differentQuite the coincidence eh?You can imagine the joy of the LASER machine I run now, where the axis direction for Z- has been named as Y+ in the new machine[Edited by Per Hansson on 2009-02-11 13:19:52][/quote]What the heck are you talking about now? Secpol.msc?Lasers??? What?? Where? Pew pew pew pew???Laser Machine? What? Huh?I'm talking about your totally inappropriate use of SUDO!And for your information I happen to have a minor case of Dyslexcia here... and I'm sorry... your poor excuse of confusing SU with SUDO is a joke....Spelling... yes.... digits... yes...Its not teh most appropriaet thing I can tlel you taht much.The only thing I see you have is you don't speak perfect english.But confusing SUDO and SU is a bit hard to swallow.doing a SUDO alone gets you nothing.But fine..... lets assume you meant SU then.After all you where passionate enough about your description...So lets play with SU shall we?[url]http://unixhelp.ed.ac.uk/CGI/man-cgi?su[/url]" su is used to become another user during a login session. Invoked without a username, su defaults to becoming the super user. The optional argument - may be used to provide an environment similar to what the user would expect had the user logged in directly."SU is Substitute USER.... or sometimes known as "Switch User".Commonly used to switch to an alterante user account when used explicitly or to the root which is just flat SU and then it prompts you for the password.To entertain the crowd..... lets say your saying SU is the same function as UAC.... well... so what your telling me is every time UAC comes up it's switching into the admin account?Still not prompting for a password! SU demands a password...whether there is one or not!Each movement is logged... something that UAC never does unless its some hidden dark abysmal function that can be changed.SU is a quick and dirty way of logging in into an another account until you "Exit" or close down the terminal.Speaking of which... it completely leaves your previous state behind in a suspended state until you return... what you do in SU is unique to the session in which you started it in.In fact people who do SU all the time should be advised its really foolish and stupid as you could be leaving yourself open to attack or a mistype keystroke which could destroy your system.SUDO... if you bothered to read the bloodly manual... as clearly stated on that site and in the MAN page i told you to read.... is completely different.SUDO is a proxy method of executing commands not available to the user account in question. Via the SUDOERS Config file and associated files of course.SUDO doesn't grant root privlages to the user either... like you said earlier.SUDO only grants limited access to commands specifically reserved for admins and yes even root.If SUDO granted root access... there would be no point to it.... anyone and everyone on the bloody planet would be able to hack the servers.... so your little "quip" is insulting at best.It even goes so far as to prevent you from operating in certain contexts such as the path of root to prevent damage to the system. (May have to tweak that to prevent other exploits but the point is it can and will do so upon command)SUDO by its default configuraiton isn't exactly polite and takes a bit of time and effort to refine.... some people get lazy and ignore it and just SU into ROOT. SysAdmins however do not... and they make sure its propperly configured.In short SUDO is great for those moments where you need an admin command or a root command without the root access... that is why it's there.SU leaves you logged in for the duration of the session... SUDO does not... although its polite enough to remember your password... to a specified length of time by the sysadmin.It will not grant you root access unless you tell it too... and by default it typically won't... at least in the definition of what I consider to be dangerous.But you really don't care do you.... your too busy defending your lack of knowledge on the matter and comparing a completely different system to UAC.Thats called equivocation... its a fallacy at best... and its not even appropriate in this discussion.So I would appreicate if you keep your ignorance and aragonce on the subject strictly free of making assumptions about a system you obivously have no bloody idea what your talking about.Mixing 2 very powerful tools that are totally different is not what I call a excusable thing. Try explaining that to your boss if your in charge of an enterprise network. Some how I don't think he/she will be so forgiving.I live in the real world where security is critical... and maintaining enterprise systems are important. Yes I'm very serious.... should show in my attitude here.I take my work seriously.... very seriously.Leave the world of linux and UNIX to the people who know what they are doing thank you very much.I'm done here... its obvious the people who run this dog and pony show don't know there stuff..... and just play around.So yes.. rejoice... the angry mushroom is leaving.Not that it will matter in the end... ban me... block me.Won't change the facts. If I need advise on fixing something to do with mechanics ill ask you.... but forgive me if I refuse to send people to you or respect your so called opinion on the subject of computers.Yes I respect the fact your a hobbyist... but that doesn't give you the right to spout off things just because you "Dabbled"I eat breath sleep this stuff for a living....You obviously don't...Farewell.. and good luck on your UNIX endeavors... you'll be happier in Windows 7 for sure.
MichaelLS said:
[b]Originally posted by Per Hansson:[/b][quote]Kage Goomba; Ehh, and exactly where do you find secpol.msc in *nix?You not realizing I am talking about Vista in this sentence is very very laughable[/quote]Laughable? I checked into who you really are and what your past work experience has really been. Why don't you just admit, to everyone, the truth, in that you are a fake and a phony! You have little if no experience whatsoever with the Windows OS, any version, except at the mere End User level. Its very obvious! You are nothing more than a fanatical hobbyist Micro$oft Fan Boy at best who loves to pretend that he knows what he is talking about.Stick to being a Mechanic with computers as your hobby interest. As your Bio reveals. "You not realizing", quote, apparently, how you have terribly exposed yourself as a fraud several times now in these recent forum discussions and all over the web. Google yourself sometime!Yes, you have built one computer in one of the worst possible Lion cases. Wow, I guess this makes you an experienced builder of Windows hardware???? And please, I have to ask, do you still use that old 3Comm modem setting on your desk. You are a complete and total fruad! Time for you to be quiet and stop pretending to be this so called OS expert. Leave the technical discussions to those who know the OS from years of experience. You are not qualified to speak on these matters.[b]Originally posted by Per Hansson:[/b][quote]And you do realize that using sudo if you are not a trused user will not give you root access at all, or did you think that any user could just type sudo and their own password and thus become root?What a great security feature that would have been![/quote]Again, you obviously have no experience at all. Do you? Again, you reveal yourself to be a fake. Nothing more than a Hobbyist.[b]Originally posted by Per Hansson:[/b][quote]And yea, you are correct, I did mixup su and sudoI can also tell you something else, I sometimes mix up left and right, and two towns close to where I live even tho their names are differentQuite the coincidence eh?[/quote]Again! You obviously have no real experience at all. Stop trying to deceive everyone about what you don't know and have no experience with in the field.[b]Originally posted by Per Hansson:[/b][quote]You can imagine the joy of the LASER machine I run now, where the axis direction for Z- has been named as Y+ in the new machine[/quote]So... again, you reveal that you are just a lowly operator and a hobbyist. And nothing more. There is very good reason for the Y+ axis control which obviously completely eludes you. Right? Knock it off Fan Boy!You have no right to be misleading people like this!
Per Hansson said:
Wow, thank you MichaelLSSo you are able to use google and find out my entire work experienceGood for you, I hope you also found out that I have gone a 2 year IT Technician school, where I learned much of what I know todayAnd FYI the direction I took was not Microsofts Active Directory but Novell's NDS, with some Linux knowledge (but this was only a small course of it, the main was NDS)I guess it also showed the place I did my practice at, the Goverment for Gnosjö Municipal in Sweden, and I suppose you called them and they informed you what a poor job I did at it?And when I wrote that Windows is flawed by design and can't be fixed I guess I am also a " fanatical hobbyist Micro$oft"Thank you very much for those nice wordsAlso I have to admit that I only post pictures etc of my main rig, I usually don't post pictures of computers at work etc that I build or maintainAnd I also have to admit to using a US Robotics Courier V Everything Modem, this due to the fact that broadband was not available at my home 5 or so years ago (I do not remember the exact date I am sorry)And because I sometime mixup sudo and su, and left and right and two towns I live near I of course "have no real experience at all."For this I am very sorry, I will straight away try to better myself, I also have trouble remembering peoples names, this I also apologize forAnd I am so so sorry that the naming of the axis on two machines, in the direction Up and Down, is on one of them named Z- for down, and on the other Y+ for down (i.e. the same direction)I don't know how to respond to this, but as you say I obviously must have no idea at all, you can call Adige Italy because I just finnished the acceptance setup procedure with them, so they can inform you that the controls "obviously completely eludes you"EDIT; Sorry for this late addition, but I thought a link to this site I am also a member of (sadly more active at than this site, sorry Julio :() might be of interest to you;[url]http://www.badcaps.net/forum/showthread.php?t=5974&
ighlight=Dell[/url][Edited by Per Hansson on 2009-02-12 12:48:25]
Per Hansson said:
Kage Goomba;I am so sorry that I am not allowed to mix up two so totally different words as sudo and su, yes I agree, there really is no reason for thisThey are so different, almost like left and right"To entertain the crowd..... lets say your saying SU is the same function as UAC.... well... so what your telling me is every time UAC comes up it's switching into the admin account?"Yes, that is actually exactly what it does (which of course also means that if you disable UAC everything is run as Admin, just like if you are always logged in as root on a Linux system"Still not prompting for a password! SU demands a password...whether there is one or not!"That is correct"Each movement is logged... something that UAC never does unless its some hidden dark abysmal function that can be changed."No, as far as I know nothing is logged with UAC, you are correct"SU is a quick and dirty way of logging in into an another account until you "Exit" or close down the terminal."Yes, I agree, this is how I use it too"Speaking of which... it completely leaves your previous state behind in a suspended state until you return... what you do in SU is unique to the session in which you started it in"Yes I know, this is by it's design"In fact people who do SU all the time should be advised its really foolish and stupid as you could be leaving yourself open to attack or a mistype keystroke which could destroy your system."Yes I agree, it's just the same thing as always being logged in as rootOr in Windows to do the comparsion to always be logged in as Admin (as was default up to Vista) or as with Vista to disable UAC so everything is run as AdminVery easy for a virus or trojan to kill the system then as you no doubt have witnessed in the Windows world"SUDO... if you bothered to read the bloodly manual... as clearly stated on that site and in the MAN page i told you to read.... is completely different."Yes, I agree to all your comments on SUDO, I know what it is and how it works, I rarley use it tho, but I did mix up it's name with su as I told you"SUDO... if you bothered to read the bloodly manual... as clearly stated on that site and in the MAN page i told you to read.... is completely different."Yes, I agree to all your comments on SUDO, I know what it is and how it works, I rarley use it tho, but I did mix up it's name with su as I told you"SUDO by its default configuraiton isn't exactly polite and takes a bit of time and effort to refine.... some people get lazy and ignore it and just SU into ROOT. SysAdmins however do not... and they make sure its propperly configured."I am guilty of this, however the systems I setup are mostly webservers etc where no "normal" users ever need to use the system, so sudo is not needed for that reason, that is why I pretty much never configure it up, because for the system I setup it's not requested or needed"But you really don't care do you.... your too busy defending your lack of knowledge on the matter and comparing a completely different system to UAC."How the system in Linux to gain root access and the system in Windows to gain Admin access can not be related I do not understand, so obviously my lack of experience shows now... (so this is why I don't answer your next two paragraphs)"Mixing 2 very powerful tools that are totally different is not what I call a excusable thing. Try explaining that to your boss if your in charge of an enterprise network. Some how I don't think he/she will be so forgiving"I never do, if I am uncertain I check first what the command does by typing --h or whatever is appropriate for the command in question (obviously this is not possible to do for a linux command in Windows so there I would need to ask google and I do admit I was too lazy to do that in this case r.e. sudo vs su)"I live in the real world where security is critical... and maintaining enterprise systems are important. Yes I'm very serious.... should show in my attitude here."Yes it does show."I take my work seriously.... very seriously."I take your word for it, I also take my work very seriously"Leave the world of linux and UNIX to the people who know what they are doing thank you very much."I am sorry but this I can not do, you could for example ask Julio in this case to stop me being the system administrator for this site, Techspot.comBut untill you do I am afraid I will need to maintain this system, plus others for relatives and friends and some companies"I'm done here... its obvious the people who run this dog and pony show don't know there stuff..... and just play around. "Who are the others, other than me?"So yes.. rejoice... the angry mushroom is leaving."Why would I rejoice? Communication is how humans learn things, I can appreciate that"Not that it will matter in the end... ban me... block me."No, I will not ban you, I only ban people that do not follow the T.O.S for Techspot (why would I want to ban you?)"Won't change the facts. If I need advise on fixing something to do with mechanics ill ask you.... but forgive me if I refuse to send people to you or respect your so called opinion on the subject of computers."Sure, that is no problem, I have all the work I need as it is, and you are of course free to contract whoever you want"Yes I respect the fact your a hobbyist... but that doesn't give you the right to spout off things just because you "Dabbled""Sorry, what does the word "Dabbled" mean? (yea, I am to lazy to google it) anyway, I think both Sweden and the US still honors free speech? If not then yes, you are right..."I eat breath sleep this stuff for a living...." "You obviously don't..."I also earn my living off this"Farewell.. and good luck on your UNIX endeavors... you'll be happier in Windows 7 for sure."I prefer Windows 2000 actually, it's much cleaner than XP and Vista, it should show in these articles;[url]http://www.techspot.com/vb/topic85224.html[/ur
][url]http://www.techspot.com/vb/topic90831.html[/url]I recently upgraded to XP x64 however, as you can see here;[url]http://www.techspot.com/blog/224/slow-system-perfo
mance-when-copying-large-files-in-xp-x64-server-2003-x64/[
url]As for my opinion yes, Windows7 is much better than Vista, I think I voiced this already howeverIt is also interesting how we agree on pretty much everythingIt is just that you are trying to very hard hate me for some reasonOf course this is a free site so you are free to do soAs long as you give me the liberty to defend myselfI will end this with a link to a LASER video of a machine I previously operated, note the marks for axis directions written with a black pencil, that was by me :)[url]http://www.techspot.com/files/Pers_Stuff/3DCutting55d
gT=5mm.divx.avi[/url]You can find some more info and pics here;[url]http://www.badcaps.net/forum/showthread.php?t=1956
/url][Edited by Per Hansson on 2009-02-12 12:13:51][Edited by Per Hansson on 2009-02-12 12:23:48]
MichaelLS said:
Thanks for confirming all that we learned about you.Now, again, I suggest you stop deceiving people by talking as though you know these topics. Knock it off!Two years in a little known IT Technician school. Give me a break. You are barely trained in IT - let alone - some OS expert.Nice stack of books. Too bad you never retained what is written within.When you have worked in this industry for 35 years or more then we might respect what you have to say here. Until then, Fan Boy, do everyone a favor and stick to playing FPS games on your home built computer.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.