UAC resources:- Engineering 7: User Account Control. Ben Fathi talks about UAC. "Technical details aside, UAC is really about informing you before any “system-level” change is made to your computer"
- In What Every Software Engineer Must Know About Windows Vista, Márton Anka gives a great explanation of how it works at a technical level.
- The Long-Term Impact of User Account Control, Sep 2007, Jesper Johansson, Technet Magazine. Good stuff on what UAC is, and is not.
- Inside Windows Vista User Account Control, June 2007, Mark Russinovich, Technet Magazine.
- What triggers User Account Control prompts? Ed Bott, Feb 2007
- User Account Control Prompts on the Secure Desktop - UACblog, May 2006.
- Understanding and Configuring User Account Control in Windows Vista - Technet. Detailed technical information, including setup of Group Policies. Includes the flowchart graphic used below.
Presentation points.
- Why users hate it.
- Still accustomed to the 'everyone is an Admin' philosophy handed down from Win3.1/Win95 era.
- It's just a delay box. (image: caveman playing whack-a-mole with dialogs)
- Screen flashes black and dims. Scary.
- How to decide? Yes always seems safe! No criteria for saying no. As shown below, the advice given in the dialog is usually right - but who reads dialogs?
- Not my problem. You bulging-brain sysadmins and OS/app coders should solve this!
- Apple ridicules it. image - video
- Stats on disablement.
- Benefits
- How it works
- Strategies
- When can or should I turn UAC off?
- What about using policies to change UAC behavior?
- What about UAC tweaking utilities?
- Understand that you see a lot of UAC in the first few weeks of a new computer or OS install - but once you have all your programs installed and preferences set, the UAC prompt is fairly rare.
- What should a user think about when UAC pops up? (decide in 3 minutes or less)
- Did I initiate an action?
- Do I know what will happen?
- Who makes the app that wants elevation?
- What color is the UAC dialog?
Blue/green background: The application is a Windows Vista administrative application, such as a control panel. You can trust the application.
Gray background and gold shield icon: The application is Authenticode signed and trusted by the local computer. You can be sure the application comes from who it says it came from. You should still decide whether you trust it or them.
Yellow background and red shield icon: The application is unsigned or signed but not yet trusted by the local computer. You cannot be sure who produced or altered the application. You should tend towards NOT trusting it, but do your research.
Red background and red shield icon: The application is from a blocked publisher or is blocked by Group Policy. You cannot elevate the process; no decision needed.
- Do I trust the app and its maker?
- Have I heard of them?
- Do they have a verifiable name, address, and phone number?
- Will I be able to complain to someone? Will they help me fix it?
- What happens to their reputation if they distribute malware?
- Is there a EULA? Have I read it? (examples of bad ones - Claria?)
- How have they handled security incidents in the past?
- What do others say about the app - or its maker? (google them!)
- Just trust my antivirus software.
.gif)
Fanciful versions of the (currently beta) Win7 yellow UAC box:
quux's mexican jumping wiki 
