Symantec: UAC is better than no UAC
In a blog entry posted by Symantec today, entitled "An Example of Why UAC Prompts in Vista Can’t Always Be Trusted", they demonstrate how UAC works and what they discovered.
So while Microsoft may use the word trust when in relation to UAC in some of their documentation with statements such as – "The following illustration details the elevation prompt logic for corresponding levels of trust." – in actual fact, even the data these UAC prompts provide you with can’t be trusted.
Unfortunately, this particular issue I discovered also has an unintended consequence on a security policy which may be used by enterprises. There is a security policy item called "User Account Control: Only elevate executables that are signed and validated," which is designed to ensure that only trusted code can be elevated. Well, unfortunately due to the same reasons the UAC prompt can be fooled, this security policy can as well.
In summary, Microsoft in some quarters talks about UAC and trust, in others about the users making a decision before it’s too late. Hopefully from this write-up, you can see that it becomes a chicken and egg situation when the user is making a decision based on a false sense of trust.
Do I think some UAC is better than no UAC? Yes. Do I think UAC that presents information that cannot be relied upon is good for user confidence? No.
Read the complete entry at http://www.symantec.com/enterprise/security_response/weblog/2007/02/an_example_of_why_uac_prompts.html
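As an added example (not code from the Symantec post or from Microsoft), the script below lets an administrator audit the UAC policy values that govern elevation, including the "Only elevate executables that are signed and validated" setting discussed above, and then checks an executable's Authenticode status directly rather than relying on what the elevation prompt displays. It assumes Windows Vista or later with PowerShell available; the registry value names (EnableLUA, ValidateAdminCodeSignatures, ConsentPromptBehaviorAdmin) are the standard policy keys, and the sample target path is a constructed default you can replace.

```powershell
# Added example, not from the original post. Audits UAC elevation policy values
# and verifies an executable's signature chain independently of the UAC prompt.
# Assumes Windows Vista or later and PowerShell 2.0+ (Get-AuthenticodeSignature).
param(
    # Constructed sample target; pass any executable you are about to elevate.
    [string]$Path = "$env:SystemRoot\System32\notepad.exe"
)

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$settings = [ordered]@{
    # 1 = UAC is enabled at all; 0 = every elevation is silent
    EnableLUA                   = 'UAC enabled (1 = on)'
    # 1 = "Only elevate executables that are signed and validated" is enforced
    ValidateAdminCodeSignatures = 'Only elevate signed and validated executables (1 = on)'
    # 0 = elevate without prompting; 2 = prompt for consent on the secure desktop (Vista default)
    ConsentPromptBehaviorAdmin  = 'Admin consent prompt behaviour'
}

$values = Get-ItemProperty -Path $policyKey
foreach ($name in $settings.Keys) {
    $current = $values.$name
    if ($null -eq $current) { $current = '(not set, OS default applies)' }
    '{0,-30} {1,-60} {2}' -f $name, $settings[$name], $current
}

# Check the signature yourself: the prompt's claim about the publisher is not the
# same thing as a validated chain to a trusted root on this machine.
$sig = Get-AuthenticodeSignature -FilePath $Path
$subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(unsigned)' }
'{0}: status={1} signer={2}' -f $Path, $sig.Status, $subject
if ($sig.Status -ne 'Valid') {
    Write-Warning "Signature status is '$($sig.Status)'; do not treat an elevation prompt for this file as evidence of trusted code."
}
```

Run it from an elevated or standard PowerShell session; reading these policy values does not itself require elevation. Note that a ValidateAdminCodeSignatures value of 1 only tells you the policy is configured, which, as the Symantec write-up explains, does not by itself guarantee that the elevation path cannot be fooled; the direct Get-AuthenticodeSignature check is the part a defender should actually rely on before approving a prompt.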