# Monday, 10 July 2006

Jesper Johansson is a world-reknowned security guy. His talks are always highly rated and people love to hear him tell them how to be safer than they are now. So when he says "please don't turn off UAC", will you listen?

Yes, it's annoying to be constantly authorizing things, especially when you just clicked the button to do whatever it is that needs to be authorized. Some of that is an artifact: it shows up far more often in the early days of a new install because you're busy configuring and administering the system. Some of that is because permission sets may still need tweaking. Changing the time zone was moved into "doesn't need admin privs" while changing the time was not, for example, and there may be actions that are triggering a UAC prompt that shouldn't be. This is what betas are all about, testing developer choices against the behaviour of real users.

The other reason for a lot of UAC prompting is apps that demand privs they shouldn't need, because their developers can't be bothered to use per-user stores, for example. If that's your app, and you're testing it on Vista, you need to change it so it works well on Vista. Not leave it as is so it works fine on Vista-with-UAC-turned-off. That's just "it works on my machine", and my developers aren't allowed to say that. :-)

Kate

Monday, 10 July 2006 09:28:28 (Eastern Daylight Time, UTC-04:00)  #    Comments [1]