Vista Build 5365 / UAC Notes

Recently Microsoft made available to select TAP/Beta testing groups a new build (5365) which I just finished installing.  All in all, I've say that things have progressed nicely from my pervious build (5348) and the previous public release (5342).  I'm running Vista smoothly on a Compaq NC6000 laptop with 1GB or RAM.  There are definite performance improvements that have been integrated as Vista is now running almost as quickly as XP.  With the rate things are going, I imagine that by Beta 2 parity will be achieved, and in the RC timeframe, it might actually be faster!

My only immediate complaints stem from the in-box audio driver (AC '97) not shutting off my speakers when I plug in a set of headphones.  This worked on early builds, but as of the February CTP has not.  I tried installing the driver posted on RealTek's webpage, but this very promptly blue-screened my box -- guess there is some sort of driver compatibility issue there.  Booting to safe mode and removing the device quickly solved the issue.

The second complaint is with the over-zealous elevation dialogs.  They appear with reasonable regularity to the point that I don't think end-users will actually read them, and will instead continually approve the elevation.  The thing that really drives me nuts though is that the dialogs now demand immediate attention before allowing you to proceed with doing anything on the system.  Fortunately (or maybe unfortunately) a visit to secpol.msc allows this behavior to be disabled or curtailed.  I'm sure though that much attention will be given to this prior to shipping, to determine what the right amount of user interaction is for granting consent.

I've seen some posts where people want all locally installed programs to run without consent.  This I do not agree with.  While I find the current state of the prompts obnoxious, disabling this security feature opens up a large attack vector on the system.  Presently installation programs that spawn new processes for rider program installations (read spyware/malware/rootkits/etc.) causes the prompt to occur.  A simple click of the cancel button quickly resolves the issue.  By providing this level of security, users gain much control over what enters and runs on their machines.

The true solution for all these issues is the redesign of applications to not require administrative privileges to run.  There has been a lot of work put into the operating system to help along legacy applications in this space, but until appdevs start writing applications with least privilege in mind, we'll be continually granting applications administrative consent.  For those that would say this is unrealistic, I merely point to the Linux/UNIX world where this has been done for years (design of applications with two-token authentication in mind).  Not all legacy applications will be ported, nor should they, but future applications can and should definitely be written with this in mind.

-Z