LG monitor software quietly kills UAC, dev says German developer Christopher Bachner has alleged LG monitor software is quietly disabling User Account Control (UAC), putting Windows punters at risk of malware infection. Introduced with Windows Vista and available on higher Microsoft platforms, UAC boosts security by restricting applications to standard user privileges …
LG's pretty terrible at anything IT-related.
This is the same company that released CD burners re-implementing the ATAPI "flush" command as an "erase firmware".
We also have a LG laptop, a LG P1 Express. Great machine, until you try to upgrade its stock 100GB HDD. Instant BIOS boot-loop. No BIOS update on website, and their telephone support don't seem to know anything about LG laptops.
If you disable UAC on Windows 8, the OS won't let you run any of the TIFKAM apps.
And nothing of value was lost.
On Windows 10 it's more annoying though - even the TIFKAM Settings apps are disabled. So it's hobson's choice; disable UAC and have control of your own PC, or retain the ability to change basic system parameters. Thanks, Microsoft, for treating us like infants.
UAC at least in Windows 7 works as advertised though.
Windows NT and Windows 2000 were a pain in the bum for doing administrative tasks, you had to log out completely then log in as an Administrator. Thus people got into the bad habit of always running as Administrator.
Windows 2000 had a hack that if you renamed something to 'setup.exe', it'd ask if you wanted to run the program under another account.
Windows XP extended that so you could right-click on any shortcut or .exe file and select "Run as", it still wasn't anything complete. A plus though, you could at least switch user.
Then UAC came along: and it had the smarts to prompt you for an administrator log-in. No more having to log out or switch user. In Windows 7 I've set up two machines like this: the normal user account is a "Power User", and for administrative tasks, there is a separate "Administrator" account. Even my mother can figure it out. It Just Works.
It's basically the 'su' feature that Unix has had for decades. Finally Microsoft has caught up on that front, now if only they'd pull their finger out and fix up the rest of the mess.
RunAs was implemented in XP
As for NT4 and earlier, yep that was a problem, but possible to overcome by using services to kick-off console sessions as other accounts and then work from there. I think there were tools you could also use (primarily from the good old resource kit, mainly from SysInternals). Aahhh, the good old days.
Which is a known and recognised security hole in a system which was created by stripping the multi-user security out of multix.
Anyway, UAC sucks. If I'm not using an account which has the permission to do the action, then all I want or need is a clear fail, not more prompts.
"Gotta say, disabling UAC's the first (maybe second) thing I do on any new Windows machine."
Fine, but that's your choice. You make a deliberate choice and if/when things go wrong, you know who to blame. Nothing wrong with that.
This malware fine monitoring software OTOH, decides for you and doesn't even tell you. Quite a different thing.
Seriously WTF is wrong with you? The number of Windows users that say/do this nonsense, you never get Linux people saying "oh yeah I just run as root all the time, I know it's terrible for security, but man, that sudo crap annoys the hell out of me". Did you forget what a malware magnet XP was? Personally I run all my Windows boxes (except my keyboardless tablet) as standard user and put my full admin password in each time I see a UAC prompt, which on a fully configured box isn't very often anyway.
And have Windows updates disable the LG monitor software so that it comes up with a warning about it being disabled due to security issues and advising users to contact LG for further information, along with re-enabling UAC. That's the only way companies that screw with basic OS security practices will learn their lesson.
"And why would either need to disable UAC?"
Because whatever the software's purpose, it probably writes data back into its folder in Program Files, or something stupid like that*.
Making the installer disable UAC is obviously SO much easier than writing the software properly in the first place (or fixing it if necessary).
* Not that anything I wrote on Windows millions of years ago does anything like that, oh no, definitely not. Ahem.
I know - I was just expressing my general annoyance at such software in general.
I have one item which until last year had instructions to turn off UAC because of the problem - but there's now a new version, which is designed to play nice compatible with UAC.
How does it play nice with UAC? The installer now defaults to installing it in C:\Progname\ instead of a subdirectory of C:\Program Files\
UAC should not be disable-able from anywhere other than the Control Panel setting. Why are applications/installers provided an API or the ability to disable it?
It is there to protect the user from dodgy applications, if dodgy applications can disable it, it kind of defeats the point.
Only the user should be able to disable it.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
