If you think that's bad check this problem out that I had. So I installed Synaptics's touchpad drivers for Vista on my test setup of Vista Ultimate. (Keep in mind that these drivers/touchpad app was written for Vista.) Well, on EVERY startup of Windows I get a prompt to allow syntpenh.exe to run. It's part of the driver that runs at startup in a registry entry under run. Anyway, I though it was a little anoying (It wasn't a UAC prompt, but rather one of those "This application comes from another computer and cannot be trusted) so I decided to take a look at the file properties. Sure enough, it was not MS Certified, but it did have the normal place in file properties at the bottom where you can "unlock" the file so that Windows will not think it's "unsafe and from the internet". So I made the change and restarted... got no errors when I made the change mind you. I restart and get the same prompt... I'm like WTF? So I check the file properties again and it's back to locked. I open explorer on that directory (Yep, it's in Program Files) and run Explorer as administrator this time thinking it may have been rights that wouldn't allow me to change the file properties (but then agian, I never got the permission denied error). So I change the file properties again and recheck them after changing them. It's changed... I reboot and the prompt comes back on. I check the file properties and it's back to blocked. That's about the time I decided to put my other drive back in with XP on it after emailing Synaptics about the problem.

Now excuse me while I go to Best Buy and yell at the idiots selling Vista Home Basic/Premium to business users that need to have access to a domain server (with full login support).

What you are saying is make the UAC like Windows Firewall right? I think it is the dumbest thing ever invented.

People don't need UAC if the firewall and Windows spyware/malware tool is not good enough then screw it. UAC is total useless. Suppose to stop viruses but it really just pissed off people.

Microsoft UAC is just another thing to tick off users like downloading a WGA update every time you need to download software from Microsoft isn't enough!

THAT I have to agree with.

And, concerning the original topic, I really don't think Stardock should mess with the UAC - that is Microsoft's business. What I think Stardock should do, however, since it appears to have some 'weight' with Microsoft, is to pressure them into fixing, as fast as possible, all that is wrong with the current UAC implementation.

So why do you need to fix it ??

I see it like this ..

frogboy dislikes the UAC alarm when opening SD Central , AHH !! we'll fix UAC so our program doesn't raise the alarm .
Maybe your programming needs to be looked and not the UAC

Nice One

People need to get their heads out of the sand. UAC is useless. It does work - of course it works, but it works in such a way as to make even normal daily functions almost impossible.

Unless or until Microsoft (or someone else) makes UAC useable mine will be staying permanently off.

TweakUI is not by Stardock...

Frogboy:


Microsoft's reasoning for not doing this is that if this was possible (and lets call it 'blessing an application') and the user blessed, say, the Command Prompt, then a malware application could in theory launch the Command Prompt (which would then run with admin privileges WITHOUT displaying a UAC prompt) and use it to lauch a copy of itself. Because privilege is inherited, the malware launched by the 'blessed' Command Prompt would in turn run with admin privileges and have full access to the whole system.

Even if I do understand the reasoning behind this, there are two things I would like to point out: first, how would the malware know which applications have been 'blessed' and which not, so it knows which ones to 'abuse'? Second, it's still the user's responsability to reply Yes or No to an UAC prompt. Why trust the user for this and not for 'blessing' applications, then?! Doesn't make sense to me.



Unfortunately we, software developers, still have to change our applications so they work with the minority(?) that doesn't turn the UAC off. No less burden there for us.

Jan71:


How about drag & dropping stuff from one window to another? Would you not think of this as 'normal daily function'? It so happens that, as I previously stated, a by-product of the UAC is that you are NOT able to do this if the target application is running with higher privileges than the source application. And I could give you a hundred different examples of little things that are not working properly, or at all, because of the current UAC implementation.

Also, you are here because you like to play with customization software. Customization software is NOT a 'spreadsheet' or 'word processor' type of application. For customization software to work properly, it needs to do things that normal applications do not. So, how would you like if, in the name of security, suddenly all you would be able to run were 'word processing' type of applications?



Agreed 100%. The current lack of information on the part of Microsoft on how to get around these limitations is appalling!



Altough apparently a good idea, because it is up to the application itself to request an elevation of privilege (unless it has 'setup', 'install', etc..., in the filename, in which case Windows will automatically assume it needs admin privileges to install *something*), Windows has no way of knowing what an application requiring admin privileges wants them for. If an application does not explicitily request an elevation of privilege via its manifest, then no UAC prompt will be displayed, the application will run with normal privileges and any function it calls that requires admin privileges will fail. It would thus be up to the applications themselves to give Windows the reason WHY they need to be elevated, not to the OS itself.

Maybe Microsoft can copy the way ZoneAlarm did with their OS Firewall function in ZoneAlarm Internet Security Suite. It remembers your choice. Furthermore, if some software really require bypass, you can set it to ignore that particular application - kind of give it a superuser privilige. If you are not sure, then it can also check with some kind of online database for some default options. Really cool. I allow all those that need privilege and still get informed when some malicious stuff try to write to the OS.
I think it's just better if MS buys off ZoneAlarm, and integrate the whole stuff: you get good firewall, good 'UAC' like implementation, plus spyware defence and some basic antivirus. If you can't integrate the code, at least integrate the design.
I turned off UAC and now wait for maybe ZoneAlarm to update for Vista.

Not if Microsoft has hard-coded into the UAC that SDCentral.exe is an installer and should be flagged. There's nothing we can do on our end to make UAC not come up.  Is that intelligent behavior on Microsoft's part?