Vista UAC was designed to annoy and teach

It just hasn't quite taught the right thing. Teaching people to turn it off or click blindly every time it appears isn't progress. [Link]

At the RSA 2008 confab in San Francisco, Microsoft admitted that UAC was designed, in fact, to annoy. Microsoft's David Cross came out and said so: "The reason we put UAC into the platform was to annoy users. I'm serious," said Cross.

This isn't a total revelation. UAC was designed to get in your face; it's all about that "hey, you sure about that bauddy?", second-guessing thing. It's a less intimidating, less entertaining version of Clint Eastwood saying, "do you feel lucky, punk?" All this because you wanted to do something unimpressive like view all running processes on your system or install GAIM.

What makes UAC annoying is that it's a half-breed of sorts. UAC is not a security barrier, which is one of the reasons why users hate it: they don't see the point in a process elevation alert box that asks you to click "OK," as opposed to inputting a password when you're an admin.

UAC's real purpose is quite simple: it's meant to trip whenever a routine attempts to elevate security privileges, and get in your face. As we have reported before, this has two goals: a) it give users a chance to approve of the elevation in the off chance that something wrong is happening, and b) it encourages developers to design their software such that privilege elevations aren't needed in the first place. The latter is really the point of UAC, since users have absolutely zero control over the privilege requests their applications make (other than to chose not to install said apps).

The second goal is the important one and the tough one. As developers, we have been writing software that ignores Microsoft's own guidelines of best practices for years. Just one example: user data isn't supposed to go in Program Files. Those folders are read only to a standard user, but how many applications require access? Where I work, I've spent months getting our apps working correctly under Vista. This is a painful process, but a necessary one. Unix machines don't have this problem because these rules have been in place for decades. Vista is the awkward adolescence. Let's hope puberty goes by quickly.