• DrGunjah@lemmy.world
    link
    fedilink
    arrow-up
    65
    ·
    8 months ago

    It’s not like I want to defend windows, but If it needs admin permission you usually can’t start it without confirmation.

    • r00ty@kbin.life
      link
      fedilink
      arrow-up
      84
      arrow-down
      1
      ·
      8 months ago

      Here’s the problem. So many legitimate things need elevation, and often multiple times in a single install. Guess what most Windows users do, when they see an elevation prompt. What do you reckon?

      • DrGunjah@lemmy.world
        link
        fedilink
        arrow-up
        41
        arrow-down
        1
        ·
        8 months ago

        Honestly I don’t think it’s that bad. I have to use sudo just as often on linux as I have to accept the elevation box on win. Win11 has some serious issues but UAC is harmless.

        • r00ty@kbin.life
          link
          fedilink
          arrow-up
          13
          arrow-down
          18
          ·
          8 months ago

          Sudo is very different. You need to explicity enter your password. It may be cached for a short time and I’d argue that’s actually better.

          If I’m installing something, it asks for my password once but can then raise to root multiple times that’s fine.

          If I’m installing something and it asks for elevation three times, for example it needs to Install multiple drivers. It generates an automatic click when installing for many unexperienced users. It’s dangerous imo.

          It can’t really be compared to Sudo.

          • glitchdx@lemmy.world
            link
            fedilink
            arrow-up
            25
            arrow-down
            1
            ·
            8 months ago

            Sudo is just clicking “ok” with extra steps, thus making adding and removing programs more annoying, thus meaning the common user will probably just be logged in as root all the time. I challenge you to change my mind.

            • Sonotsugipaa@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              4
              ·
              8 months ago

              That’s exactely what happened in my mind when I was getting started with Linux (kind of), although it’s arguably a habit that comes from using Windows where people don’t really think about OS users and permissions

            • Burninator05@lemmy.world
              link
              fedilink
              arrow-up
              4
              ·
              8 months ago

              As a Linux beginner who has a couple of false starts into it being my daily driver I’ll say that there are two stumbling blocks left for me. Permissions “issues” is the bigger problem and some programs not being as fleshed out is the other.

          • DrGunjah@lemmy.world
            link
            fedilink
            arrow-up
            15
            arrow-down
            2
            ·
            8 months ago

            So you think a person that would turn off UAC wouldn’t just put NOPASSWD in the sudoers? I doubt that. And even if they had to enter their pwd… Wouldn’t that just be annoying for the casual user instead of increasing security? I doubt they would be like “Oh I have to enter my pwd now, that really makes me think twice about whatever I was going to do with sudo.”

      • ReveredOxygen
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        8 months ago

        if you give elevated permission to movie.mp4.exe, that’s natural selection

        • r00ty@kbin.life
          link
          fedilink
          arrow-up
          10
          ·
          8 months ago

          I feel like there’s a lot of misunderstanding about what I’m trying to say.

          I’m saying the average windows user will begin to get fatigue when some installers ask for elevation 3 times (maybe more). They’ll end up just pavlovian clicking OK whenever that prompt appears. Which ends up circumventing the whole reason the prompt exists.

        • deaf_fish@lemm.ee
          link
          fedilink
          arrow-up
          6
          ·
          8 months ago

          I don’t know. Not everyone who uses a computer should be an expert. Not everyone is 100% alert all the time. I know there has to be a line somewhere.

          I feel like it would be really easy to have the OS check if the exe is appended to some other extension and force the user to rename it before allowing it to be executed.

          • Captain Aggravated
            link
            fedilink
            English
            arrow-up
            3
            ·
            8 months ago

            There has to be a level of “competently trained user” in there we can strive for. I think we were getting there about the time I was in high school circa 2003, where every last one of us could format an MLA essay in MS Word and do an autosum in Excel.

            Something that put me off of Microsoft products for a decade before I switched to Linux was their constant rearranging of the UI, requiring users to re-learn how to do basic tasks that worked just fine.

      • brygphilomena@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        Often they don’t. If more granular permissions were to be used. Hklm/programdata needing admin to do anything in it for example. Putting permissions on hklm/software/package to write is enough to make a lot of software work without opening up the whole system.

    • ExfilBravo@lemmy.world
      link
      fedilink
      arrow-up
      23
      arrow-down
      9
      ·
      8 months ago

      Everyone knows most people turn UAC completely off after it nags them for the 10th time and they get frustrated and dump it.

      • lightnegative@lemmy.world
        link
        fedilink
        arrow-up
        22
        arrow-down
        4
        ·
        8 months ago

        I turn UAC off before it nags me for the 10th time.

        The only nag I want to see is the one right before it gets turned off.

        I hate things that just throw up nag screens that users get desensitized to and just click through anyway. It hasn’t increased security at all.

        Looking at you “do you trust the authors of the code in this workspace folder” VSCode. Yes I effing do, that’s why I opened it to begin with!

        • DrGunjah@lemmy.world
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          8 months ago

          Fair enough but then you shouldn’t complain about the lack of confirmation (like the meme does)

          • Eager Eagle@lemmy.world
            link
            fedilink
            English
            arrow-up
            9
            arrow-down
            1
            ·
            8 months ago

            It’s still a valid complain, but the problem is not exactly the presence or absence of a confirmation IMO, it’s a deeper matter.

            What causes user desensitization (I guess that’s a word) is a direct result of how Windows users traditionally install software - from untrusted sources or by downloading them directly from a vendor’s website then manually installing it.

            UAC would be just fine if it was a rare thing to see, but because of this “download a .exe > double click > install” flow users see it all the time, which defeats the purpose of the warning. It became just another half-measure Windows has implemented.

            • Buddahriffic@lemmy.world
              link
              fedilink
              arrow-up
              2
              ·
              8 months ago

              And it’s unhelpful because it doesn’t give any details about what it wants to do with that admin access and also treats permission for one action as permission for all actions (not that you can tell what they first action you’re permitting is).

              I like the way android does it, where you can grant or revoke special permissions by category of action.

              Though the system I’d like to see is one where each program is sandboxed and then even you close the program (or it prompts for an elevation), then you get a list of system differences between the sandbox and your system and can choose whether and which changes to push from the sandbox env into the main env. Or to combine sandboxes so that programs can interact with each other.

      • DrGunjah@lemmy.world
        link
        fedilink
        arrow-up
        10
        arrow-down
        1
        ·
        8 months ago

        Yeah maybe, but if that exact same people would use linux they would sudo or 777 everything which wouldn’t be much better security wise

        • ulterno@lemmy.kde.social
          link
          fedilink
          English
          arrow-up
          13
          ·
          8 months ago

          Let me introduce you to a plethora of industry RedHat users who log into GUI as root for 8 whole hours, everyday.

          • letsgo@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            8 months ago

            Sure but if you’re doing rooty stuff all day then sudo you’re sudo not sudo going sudo to sudo type sudo sudo sudo every sudo fucking sudo time sudo you sudo want sudo to sudo do sudo something. And yeah it sudo caches it for sudo a bit but sudo it’s still too sudo much.

            • ulterno@lemmy.kde.social
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              8 months ago

              #: I’m just going to write some memos in WPS Office and send it to the networked ftp server running on Binbos. Oh and while I’m at it, I’ll just ssh into a few other computers as root, using Nautilus (as root of course) and keep them all open until I shutdown, just because I want to copy their docx files.

      • Jakeroxs
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        I leave it on, only really need it for installing programs, even them a lot of them go into app data these days by default