What the fuck are we looking at?

Is Windows UAC actually working? Even when people see this window, they will still click "yes" to see what's on the other side of that wall.

Who cares if some bum fuck idiot gets a virus?

click yes anyway user

doubt smartscreen will let you use it anyway.

click yes for fun

>Is Windows UAC actually working?
Yes.
The purpose of UAC is to prevent random exe's from running without your permission. If you see something you dont recognize attempting to run then you click no.

So Windows is flawed because it leaves running potentially dangerous programs to the discretion of users? Then I guess only iOS is an acceptable operating system, moron. Next thing you know they'll allow disabling updates completely again and you people are gonna bitch about that.

Yes.

EXEs running without your permission are literally how crypolockers/ransomware seize the files on your computer.

Yes, you can't realistically bypass smartscreen as it'll check the certificate of the the file to see if it's missing, invalid, or expired, even when smartscreen is disabled it'll fall back to the legacy way of checking certificate validity, and warn you again. This is still a yes or no prompt, if the user clicks yes to a dangerous unknown file they're stupid. What is the point of your question any way? If it works? Uh, sure, dumbass.

It was invented as a way to avoid lawsuits. So M$ can say "hey we have super duper security. You shouldn't run anything unless you are sure. So we make this fun popup to warn you!"

In reality, no, it doesn't fucking work. People who are intelligent disable it and run what they want to run. Normies just fucking click yes anyway regardless of if it's "firefox.exe" or "this is a virus lolz.exe"

To expand on that, the only way smartscreen would be bypassed is probably due to a security flaw from a non-MS application, when you run a third party application with admin rights, it has access to run whatever the hell it wants. So theoretically lets say Chrome has a flaw where go to a site, and javascript, flash, java, etc, is taken advantage of in a way to execute a command via command prompt or powershell silently, via that it already has admin rights, so you can run a command to disable smartscreen, among other protective features, then go ahead and run that delicious malicious executable without the users notice anything ever happened, but that's one hell of a vulnerability, really.

In the end, it's the fault of the third party application and the user for not keeping it up to date, which it already should by default.

So with UAC cryptolockers are doing this with your permission, that's his point.

What do you suggest that they do instead, smartass?

Also no sane person would disable User Account Control. It's the only thing standing between attack vectors and running random shit on your computer without your knowledge.

You, when getting attacked/spammed by a botnet.

>So with UAC cryptolockers are doing this with your permission

Only if you're fucking retarded and click "Yes" to random executables you find on the internet.

>Linux
>Gotta change the filemode and type its path in a console to run it
>Completely flawless super safe system
>Windows
>Can run executable from graphical UI
>You have to confirm running it if it's not recognized as safe
>OMG FUCKING MICRO$HIT WINKEK IS SO UNSAFE

>So Windows is flawed because it leaves running potentially dangerous programs to the discretion of users?
He's doesn't seem to be arguing that Windows is flawed; rather that UAC is an illusion of safety and is quite useless.

>Only if you're fucking retarded and click "Yes" to random executables you find on the internet.
Congratulations, you've just made the point OP is making, since you've just described 95% normies out there. They need some shit to be done, if OS is asking yes or no of course they will click yes, especially if they don't understand the gibberish on the OP pic.

>since you've just described 95% normies out there.

That's why 95% of normies should be running a decent anti-virus program, which proactively interrupts before the program can even be executed and quarantines it if it's flagged.

This is why these things will be the only thing soon in future Windows OS:

Windows store and UWP - That means everything is examined by Microsoft employees

These things WILL be removed:

Registry and a fuck ton of legacy garbage, like a fuck ton. It'll be all gone, and will be super secure because it's gone.

Normies are going to norm, no AV can stop a determined idiotic user.

>thinking Windows will remove legacy support

Diligently supporting legacy shit is how MS makes most of their money, the registry isn't going anywhere because it would break entirely too many business environments.

It's going away, in the future. Who knows when, but they're mining tons of data to help speed up the process.Windows 10 is just a test, which makes it apparent how much windows is pushing away legacy.

Walled garden isn't the solution either, as you can clearly see with any mobile store. They are subject to the same problem, trash apps just ask for more permissions and users click yes.

>no AV can stop a determined idiotic user
If an AV tells you a file is bad and needed to be quarantined with a big scary popup, most normies won't run the file and will instead try to find a different source for the file.

Users idiotic enough to bypass their own AV without good reason exist, but they're the minority of normies.

They're making a decision, but who knows if it's the right one. I'll retract my statement that it's going away for 100% fact, but they are testing to see how it plays out. It might end up with a Legacy/New split off, but will end up with New as the priority.

>Windows 10 is just a test

What parts of legacy support were abandoned in Windows 10?

I live by all you need is MSE or defender if windows 8 or 10, anything else you should probably be banned from computers because you have no reasonable self control.

Abandoned? I'm pretty sure none, didn't mean for that to come of that way in my statements.

If they didn't abandon legacy support, then how is Windows 10 "pushing away legacy"?

What's wrong with registry? It's an internal NT kernel database which you shouldn't be seeing anyway in your average PC use. NT has a lot of stuff you don't and shouldn't care about. You don't care about unpaged pool tags, DPC or KeBalanceSetManager, why do you care about registry?

Correct me if I'm wrong but isn't the whole UWP basically not touching registry?

Why would these new features even be a thing if legacy isn't being pushed away, perhaps not removed, but pushed to the side.

The apps themselves don't rely on the registry, hovewer the underlying mechanisms use it heavily. UWP itself is just a userspace framework on top of the usual stuff, except for a couple differences (segment heap by default etc).

Introducing a new way of doing something isn't the same as deprecating an old way, especially if that old way sees a lot of use.

For example, Microsoft has its own online store for distributing Windows software, but that doesn't mean they're going to eventually make it the only way to distribute Windows software.

Ransomware doesn't actually require admin privileges to encrypt user files, so it doesn't raise a UAC all the time.

That's why AV is still helpful to have, or at least why people should run files through VirusTotal.

Just a reminder that if you're running Windows without UAC at the highest setting - not default! - then you are a fool:
>The changes to User Account Control on Windows 7 were criticized for being potentially insecure, as an exploit was discovered allowing untrusted software to be launched with elevated privileges by exploiting a trusted component. Peter Bright of Ars Technica argued that "the way that the Windows 7 UAC 'improvements' have been made completely exempts Microsoft's developers from having to do that work themselves. With Windows 7, it's one rule for Redmond, another one for everyone else." Microsoft's Windows kernel engineer Mark Russinovich acknowledged the problem, but noted that malware can also compromise a system when users agree to a prompt.
Running it at the highest setting fixes this issue

I like it for when something pops up that I didn't prompt. (which never happens to me but it could happen).

But the BIGGEST issue is that UAC can be bypassed by hackers. The malicious software that it's designed to alert you about can just work around it.

Unfortunately given a choice between security and a gif of dancing cows, the user will pick dancing cows every time. Why do you think everyone is pushing all the cancerous secure computing and code/firmware signing?