Security vs Usability (again)

Posted on by Walt Turnes

This from BetaNews (link opens in new window):

Giving a nod to developers who’ve apparently given a lot of feedback, as well as “certain commercials,” Microsoft’s platform chief Steven Sinofsky acknowledged that perhaps User Account Control in Windows Vista may have been…a little annoying. In turn, Windows 7 has additional UAC settings.

Fortunately for my own sanity, I haven’t had to jump through any hoops with UAC to get my code working, but that’s mostly because I deal with server-side code now.  While the developer perspective is interesting, it’s really the user perspective that’s important to me, as someone who is concerned with the overall state of desktop security.  Developers are not only in the minority, we also don’t have the option of just turning UAC off on client machines…we have to deal with it or simply not write software for Vista.  In the current incarnation of Vista, however, UAC is so obtrusive that many users opt to disable it entirely to get the warnings to stop.

Sinofsky said that with UAC, Microsoft had what he described as “the best intentions” in mind. But its attention to informing the user about what’s going on and getting consent “possibly went too far.”

For now, in the Pre-Beta version of Windows 7, there are now four settings for configuring how intrusive UAC will be: Never notify me, Only notify me when programs try to make changes, Always notify, and Notify and wait for my approval.

I think this is the right approach.  UAC doesn’t really bother me too much as an end user, but then again, I know what it means and what it’s actually doing.  I think that Microsoft took a big step in the right direction security-wise with UAC, but those pop up windows can be a real turn-off.  I’m glad to see that rather than abandoning the model and starting over from scratch, they’re trying to make the “security vs. usability” tradeoff for users less of an all-or-nothing proposition.