If you know who/what is Blackviper, you will enjoy the Top 10 tweaks for a faster (and less annoying) Vista PC. While at Blackviper, I was checking out svchost used by Vista. Guess what, this Generic Host Process for Win32 Services can run as many as 100 multiple instances of Svchost.exe at the same time. Enuf of this. Now go there for the supertweaks! BlackViper i_XpUser

The URL in the above link has bad characters. Click on the one below for your visit. http://www.blackviper.com/WinVista/... i_XpUser

He states: "User Account Control or UAC is a new feature in Vista that asks for permission to do system software tasks and also run programs. Unfortunately, this security feature is also annoying. I cannot predict the future of your system or what kind of security vulnerabilities will be used to attack systems, and as such, you need to decide for yourself if you desire to keep UAC active" I can't stress this enough: People need to stop running with full admin credentials, and UAC helps makes this *more* convenient, not less. Leave it enabled unless you absolutely must disable it for some reason. "Enough, enough bowing down to disillusion! Hats off & applause to rogues & evolution! The ripple effect is too good not to mention. If you’re not affected, you’re not paying attention!"

Blackviper isn't the only one that finds Vista UAC annoying The readers of PC World have recently rated UAC as Number 8 in The 20 Most Annoying Tech Products. I've been playing with this little utility called TweakUAC and I like it. It runs as stand-alone executable without doing any installation on the machine. TweakUAC comes with three options: (1) completely turn UAC off (2) switch UAC to the quiet mode that disable the elevation prompts for the administrators, and (3) Leave UAC on. The last option is used to restore the original behavior of UAC. Try it - you may like it. i_XpUser

"Blackviper isn't the only one that finds Vista UAC annoying The readers of PC World have recently rated UAC as Number 8 in The 20 Most Annoying Tech Products." And people also rate malware infestations as probably the biggest weakness of running the Windows platform. People must stop running with admin credentials, period. Running as admin is the reason why most adware/spyware gets installed on a machine. "(2) switch UAC to the quiet mode that disable the elevation prompts for the administrators" The problem with that setting is the default user account created when installing Vista is an admin, which unfortunately is what most people will use for an account. Setting this option therefore will result for most people in running with effectively full admin credentials should any process trigger the need for elevation because the user won't be prompted. It's annoying because we're not used to it. Seriously, if it results in far better security, is clicking continue really that bad, or are people blowing this way out of proportion? I guarantee you I trigger privilege elevation more than most people do, and it's honestly not that bad. I even run with a limited user account and have to type the admin password every time. No complaints because I know my machine is safer. "Enough, enough bowing down to disillusion! Hats off & applause to rogues & evolution! The ripple effect is too good not to mention. If you’re not affected, you’re not paying attention!"

If you make all the changes suggested in the link above, you may as well just run XP.

As far as how authentication is concerned, that's mostly true. The only difference is setting the option to not prompt as admin would allow users not logged in as admin to be prompted for elevation, making it still more convenient to run as a limited user. The whole point of UAC is to help people avoid running as full admin either by making use of the limited user access token when logged in with an admin account, or making it more convenient to elevate privilege when it's required from a non-admin account to an admin account. People who criticize UAC are usually dismissing the dangers of running all the time as a full admin, and their intent is to return to the XP days of running as a full admin all the time. Very rarely do you ever see someone who for security reasons doesn't run as a full admin all the time then slam UAC. Therefore, in the vast majority of cases, criticisms of UAC are actually criticisms of running more securely using a limited user account, and such criticisms are naive because those people assume they are invincible to accidentally opening up a virus in an email, surfing a containing a malicious script with the browser's active scripting enabled, having vulnerabilities in any application be exploited that they run, etc. Running with a limited user account and elevating privilege as needed is one of the basic "must-do's" every computer security professional recommends that every user should do. It blows my mind that people are actually slamming UAC mistakenly for causing the annoyance it allegedly causes without realizing the real issue is running 24/7 as an admin, and without full knowledge and understanding of the dangers that come with running with full administrative privilege for all processes. "Enough, enough bowing down to disillusion! Hats off & applause to rogues & evolution! The ripple effect is too good not to mention. If you’re not affected, you’re not paying attention!"