UAC designed to annoy people: Microsoft misses the point

While this isn’t wholly surprising, it was disappointing to have it confirmed. In a recent interview, David Cross, a program manager responsible for UAC, made some seemingly tongue-in-cheek comments about the rationale behind UAC and its current impact on the average Vista user.

“The reason we put UAC into the platform was to annoy users. I’m serious… UAC is not a perfect security boundary, but it [has helped us] move from ‘zero click’ exploits to ‘one click’ defense,” said Cross.

Essentially, his position is that having a UAC prompt has made users aware of the dangers that they face in a connected world. In addition, those users have a better defense against exploits. This position was based, at least in part, on internal research that claimed that the vast majority of Vista users have UAC enabled and don’t receive prompts on a regular basis.

I wonder how much actual in-home observation time was included in that research. It has been my experience that UAC leaves non-technical consumers, think about your Mom, in essentially the same position they were in before. A UAC prompt basically gives the user a choice between allowing or disallowing an action which they don’t completely understand and almost certainly believe is happening at their request. In my limited observations, most people click “Allow” without carefully reading the prompt. Same risk as before, just more inane clicking around. It is the usability equivalent of your car asking you if you would like the engine to burn several chemical compounds, that you certainly don’t recognize, as they might be harmful to your car.

Mr. Cross would have us believe that the solution to Windows’ vulnerable code base is to force users to act as police for their computer’s activities. Isn’t this what software is supposed to be really good at? While I agree that there is no perfect solution yet, I think turning the human behind the keyboard into a filter for the “bad” things that are likely to happen on their computer sorely misses the mark. At the very least, more work on tightening down the core Windows code that is consistently exploited would be a good start.
