Windows 9 (And Pandora) appreciation thread



  • Bought a new Win 8.1 laptop after using Vista and Ubuntu for the last 5 years. As any long-time windows user knows, the very first thing you do in a fresh Windows install (even before opening IE for the one and only time ever to download the firefox installer) is to go to the control panel and disable UAC and any other security garbage you can find, since the practical effect of UAC is just to add an "Are you sure?" dialog box onto everything you ever want to do.

    Unfortunately, the new permission restrictions for the Program Files folders aren't disableable. Luckily there's a workaround: create the folder on the desktop first, then move it into Program Files. The permissions seem to persist, though moving the folder spawns one last "Are you sure?" dialog. I guess I could just use a different folder, since arguably a VM doesn't belong in Program Files to begin with (it's a VM with a program inside it, so technically...), but this is my damn computer and I'll save all my porn to c:\windows\syswow64 if I want to.

    Now that that's all up and running, I open up the CentOS VM and the Windows Firefox interface, but oh noes! It uses an unsigned Java applet for part of its core functionality. Java warns me about this and I click through, expecting no more issues, but the nag dialog shows up every single time this applet tries to run. There's no whitelist, and google tells me there is no way to disable the restriction altogether. But I do learn that it was only added after version 7.25, and in the near future Java will disable running unsigned applets completely.

    At this point, I can either write emails to the developers of the program and/or the applet and ask them to fix their shit, or I can downgrade Java to 7.25 and disable updating. Since only one of these two courses of action will likely solve anything, I choose the obvious.

    Cut to the not-too-distant future, when Firefox suddenly decides that Java 7.25 is no longer secure enough to be allowed to run. Ever. Googling leads to many support threads by pissed off people who can't update their plugins for whatever reason, and the response is invariably stubborn pontificating about how Mozilla knows best and you're too stupid to be trusted to decide what's safe. Just before beginning to research which version of Firefox I need to downgrade to (because fuck Chrome), I find the about:config setting I need to toggle to disable plugin blocking altogether (extensions.blocklist.enabled). I double check that automatic updating is disabled in the Firefox settings, and everything is finally good to go, at least for now.

    So to summarize, the net effect of all the added security has been:

    1. Piss me the hell off.
    2. Force me to downgrade to less functional, less secure versions of my applications and plugins.
    3. Force me to disable otherwise useful security precautions simply to avoid clicking the same damn "Are you sure?" dialogs 20 times a day.


  • @dookdook said:

    I open up the CentOS VM and the Windows Firefox interface, but oh noes! It uses an unsigned Java applet for part of its core functionality

    I really don't have any idea of what you're talking about here.

    @dookdook said:

    But I do learn that it was only added after version 7.25

    I guess this has more to do with Firefox than with Java. AFAIR Mozilla disabled (by default) running Java applets.


  • :belt_onion:

    @dookdook said:

    As any long-time windows user knows, the very first thing you do in a fresh Windows install (even before opening IE for the one and only time ever to download the firefox installer) is to go to the control panel and disable UAC and any other security garbage you can find, since the practical effect of UAC is just to add an "Are you sure?" dialog box onto everything you ever want to do.

    I don't do that and I'd consider myself a long-time Windows user...
    UAC enables privilege seperation between things that should have R/W access to everything and all your other programs... In my opinion, turning it off is an incredibly Bad Idea...

    But if you're fine with your web browser running in unrestricted, trash-your-everything mode, that's fine too ;)

    EDIT: I got ya on the Java applet though - that's a pain in the butt. If you have access to the applet's deployment, you could self-sign it and add that key to your trusted keystore, but that may be a bit too much work. On the bright(?) side, soon Chrome won't support Java any more, so this won't even be an issue. It works that way, right? RIGHT?



  • @Eldelshell said:

    I really don't have any idea of what you're talking about here.

    Sorry lol. CentOS VM running a linux application that sets up a local server accessed in Windows through firefox.

    An incredibly clunky solution for Windows users who want to run an application that (for stupid, but valid reasons) can't be ported to native windows, and is too big to run in cygwin without constant fork errors.

    http://www.sagemath.org , btw.



  • @dookdook said:

    the very first thing you do in a fresh Windows install (even before opening IE for the one and only time ever to download the firefox installer) is to go to the control panel and disable UAC and any other security garbage you can find

    This advice may have been useful in the early Vista days before developers realized that they should avoid writing to system directories as part of normal procedure, but nowadays (at least in my experience) the UAC dialog only comes up when there's an actual security concern, like installing something or changing a system setting. The advice of "Turn off UAC" is cargo cult garbage that only causes harm.


  • :belt_onion:

    @hungrier said:

    Now that everyone has ditched Vista for a version of Windows that doesn't suck, the advice of "Turn off UAC" is cargo cult garbage that only causes harm.

    FTFY


  • FoxDev

    So your response to security prompts is to turn off all security.

    I guess your solution to having to unlock your front door to get in is to remove the door. Because turning off UAC and downgrading your programs is just as stupid.


  • :belt_onion:

    UAC is still a pain in the ass because it refuses to let you write to not just system folders, but basically ANY folder outside of the built in "My Documents" type folders, which is a goddamn pain in the ass as a programmer.

    Hell, every time my wife tries to run Diablo3 she has to hit YES to a stupid UAC warning about how Diablo3 is going to take over her computer... when all it wants to do is update an ini file in its own goddamn program files directory. edit: apparently an old bug in DiabloIII that required turning on admin mode, which causes the prompts. Might be fixed now, but we've never turned off admin mode to see!



  • @RaceProUK said:

    I guess your solution to having to unlock your front door to get in is to remove the door.

    If I had to go re-unlock the front door every time I wanted to access a household appliance, I'd probably consider it.


  • :belt_onion:

    @darkmatter said:

    Hell, every time my wife tries to run Diablo3 she has to hit YES to a stupid UAC warning about how Diablo3 is going to take over her computer... when all it wants to do is update an ini file in its own goddamn program files directory.

    About this - there really needs to be a way to tell UAC to allow/whitelist certain things - like updating an INI in the diablo folder.
    As a regular user at home, UAC is annoying but tolerable. As a programmer, it makes work almost impossible because every other time I blink I am having to confirm that I wanted to blink.



  • Diablo3 is Doing It Wrong then. There's a reason %AppData% and %ProgramData% exist. We shouldn't be compromising security because someone else is mentally deficient.


  • :belt_onion:

    @mott555 said:

    Diablo3 is Doing It Wrong then

    tbh - the ini editing is just my guess for what is triggering UAC.
    i don't actually know, because UAC DOESN'T BOTHER TO FCKING TELL YOU.


  • :belt_onion:

    It could be because the launcher tries to update itself from the internet every time it runs. It could be that the launcher turns around and calls a different exe to run. It could be because they are scanning your memory to check for bot/cheat apps running. It could be all of the above. All I know is that it pops up the warning. EVERY. TIME. It's not like we're EVER going to fcking decide randomly one day, hey, no, I don't want that app to have access THIS time! So seriously, why is there no way to whitelist an exe in UAC without having to download some crappy add-on hack app that is more likely to be a virus than the thing you're trying to whitelist?


  • :belt_onion:

    You could change permissions on that file to be R/Wable by "Users". I've had to do that work-around for exactly that reason...

    However,
    @darkmatter said:

    way to whitelist an exe in UAC without having to download some crappy add-on hack app that is more likely to be a virus than the thing you're trying to whitelist?

    That would be a good idea.


  • area_deu

    Soo... one of the several million clicks you do during a Diablo session bothers you? Really? Just pick up one less potion then to make up for it.

    Or you could just change the permissions on the .ini file, as @sloosecannon already suggested.


  • FoxDev

    @dookdook said:

    If I had to go re-unlock the front door every time I wanted to access a household appliance, I'd probably consider it.

    Which [s]begs[/s] prompts the question of why you're locking the appliances behind the door in the first place.

    Seriously, if you don't want to be prompted a million times to update a file, don't put the file in a secure location. Put it somewhere you have full access, like your user folder. That's why it's called the user folder: it's there to be used by the user.


  • ♿ (Parody)

    @RaceProUK said:

    Which begs the question

    NO IT DOESN'T



  • @RaceProUK said:

    begs the question

    It might prompt, summon, refer, motivate, stimulate, advance, proffer, or even ask... but it never begs.

    #######pedantry



  • I don't know, the popular use of the term is "just begs me to ask this additional question". I'd call it a different term with the same wording.



  • @dookdook said:

    As any long-time windows user knows, the very first thing you do in a fresh Windows install (even before opening IE for the one and only time ever to download the firefox installer) is to go to the control panel and disable UAC and any other security garbage you can find, since the practical effect of UAC is just to add an "Are you sure?" dialog box onto everything you ever want to do.

    I don't do that.

    If you're getting UAC dialogs for "everything you ever want to do", then I might suggest you should stop putting your personal data in the /Windows folder, or whatever the fuck is causing that. Because it ain't normal.

    @dookdook said:

    Unfortunately, the new permission restrictions for the Program Files folders aren't disableable.

    Sure they are. There's just two different levels of Administrative User now, and you're the wrong one.

    @dookdook said:

    I guess I could just use a different folder, since arguably a VM doesn't belong in Program Files to begin with (it's a VM with a program inside it, so technically...), but this is my damn computer and I'll save all my porn to c:\windows\syswow64 if I want to.

    Oh wow. I guessed correctly. Which means I've met enough idiots like you that when I hear "turn off UAC" my mind immediately kneejerks to, "oh great, one of those morons again".

    Nobody's denying it's your computer, but you might make your life easier and work WITH the system instead of against it.

    Somehow, I never seem to ever hear anybody say: "it's my own car damnit, and if I want to drive in reverse along I5 at 45 MPH I'll do it!"

    @dookdook said:

    Now that that's all up and running, I open up the CentOS VM and the Windows Firefox interface, but oh noes! It uses an unsigned Java applet for part of its core functionality.

    ... what the fuck decade are you time-podding from? Even Oracle's given up on Java Applets.

    @dookdook said:

    So to summarize, the net effect of all the added security has been:1) Piss me the hell off.

    What security? YOU TURNED IT ALL OFF!

    You turned off UAC. You turned off Firefox's auto-update. You turned off the plugin filter that protects against plugins with security holes. You're putting fucking user data in the Program Files directory with Administrative permissions. You're running fucking Java Applets.

    There is no security on your computer.

    @dookdook said:

    2) Force me to downgrade to less functional, less secure versions of my applications and plugins.

    You were using a fucking Java Applet! How more "downgraded" can you get? Last time I saw one of those was 2002.

    @dookdook said:

    3) Force me to disable otherwise useful security precautions simply to avoid clicking the same damn "Are you sure?" dialogs 20 times a day.

    You wouldn't have to click it 20 times a day if you just put files where they belonged. (And have always belonged, ever since Windows 2000 or so. The rules UAC follows aren't new.)

    I bet when you do get a virus, you're going to be red-faced angry at Microsoft (despite disabling their security), Oracle (despite ignoring their deprecation warnings), and Firefox (despite disabling its blacklist). Because you seem to have the intellectual ability (and probably BO, although I'm just spit-balling there) of a gibbon.


  • kills Dumbledore

    The original meaning of begging the question is basically circular reasoning. Assuming a particular answer to a question before you ask it. It's probably past the point where grammar prescriptivists can reclaim it from the more intuitive "requires the follow up question".


  • :belt_onion:

    @sloosecannon said:

    You could change permissions on that file to be R/Wable by "Users". I've had to do that work-around for exactly that reason...

    I changed everything in the whole folder to be r/w by all, it didn't help.

    @ChrisH said:

    Or you could just change the permissions on the .ini file, as @sloosecannon already suggested.

    Again, tried that. So I must ASSUME it was something else causing the warning. Because UAC WON'T JUST TELL YOU WHAT THE HELL IS ACTUALLY WRONG.


  • ♿ (Parody)

    @jaloopa said:

    It's probably past the point where grammar prescriptivists can reclaim it from the more intuitive "requires the follow up question".

    In a world where dictionaries accept a word's antonym as its definition, I'm sure you're right. But that doesn't mean we should be happy about teh stoopid winning.


  • FoxDev

    @boomzilla said:

    In a world where dictionaries accept a word's antonym as its definition, I'm sure you're right. But that doesn't mean we should be happy about teh stoopid winning.

    this is why i prefer the Descriptivist OED over the prescriptivist Merriam-Webster

    i don't care how the language is supposed to work, i care how people are using it.

    and if that means the "stupid" way wins, well then it wins, because that's how people decided to use the language.



  • @RaceProUK said:

    So your response to security prompts is to turn off all security.

    I guess your solution to having to unlock your front door to get in is to remove the door. Because turning off UAC and downgrading your programs is just as stupid.

    +1 to the purple dragon thing girl with the mysterious water droplet ear

    @darkmatter said:

    Hell, every time my wife tries to run Diablo3 she has to hit YES to a stupid UAC warning about how Diablo3 is going to take over her computer... when all it wants to do is update an ini file in its own goddamn program files directory.

    Then Blizzard fucked-up. That's a bug in their program; the UAC warning is genuine. The .ini file 1) doesn't belong in Program Files, and 2) .ini files have been deprecated since like 1994 what the fuck is WRONG with game devs!

    ... also I played Diablo III and I'm 99% sure it didn't do that. (World of Tanks does if you go through the launcher, but in its defense there is a non-zero chance the launcher will need to run an installer.)

    @darkmatter said:

    i don't actually know, because UAC DOESN'T BOTHER TO FCKING TELL YOU.

    UAC doesn't know.

    @darkmatter said:

    So seriously, why is there no way to whitelist an exe in UAC without having to download some crappy add-on hack app that is more likely to be a virus than the thing you're trying to whitelist?

    It's actually pretty easy if you know how folder permissions work.

    Rub your brain cells together, and consider this: how do you think Steam keeps 47 applications inside its Program Files directory updated with no UAC prompts? Meditate upon this and gain wisdom.

    What Steam does automatically, you could easily do manually. ... but that doesn't change the fact that Diablo III is broken and you shouldn't have to.

    @ChrisH said:

    Soo... one of the several million clicks you do during a Diablo session bothers you? Really? Just pick up one less potion then to make up for it.

    Also a good point. Diablo games are nothing but 57,034,322 mouseclicks in succession. You'd think someone who's a fan of clicking would love another click. It's like a warm-up round.

    @VaelynPhi said:

    It might prompt, summon, refer, motivate, stimulate, advance, proffer, or even ask... but it never begs.

    This is why you can never stop the fight against pedantic dickweeds.

    Did you know what she meant? Yes? Then fuck off and die.


  • kills Dumbledore

    are you referring to Literally?

    informal - Used for emphasis while not being literally true:
    I have received literally thousands of letters

    Where Literally literally means "not literally".

    I'm kind of torn on this front. I accept that language evolves and this enables it to still be relevant, but OTOH IT'S NOT FUCKING HARD TO PICK UP THE FUCKING DIFFERENCE BETWEEN FUCKING LESS AND FUCKING FEWER!

    On a vaguely related note, I think one of my first likes on this forum was when I saw you using "beg the question" in its original sense


  • ♿ (Parody)

    @accalia said:

    and if that means the "stupid" way wins, well then it wins, because that's how people decided to use the language.

    It's true. Sometimes changing usage improves communication, and that's a good thing. As long as we don't do something really stupid like adding a bunch of 'u's to words.



  • @jaloopa said:

    are you referring to Literally?
    Wikipedia has a long list of them; the best is probably "sanction."


  • :belt_onion:

    @blakeyrat said:

    UAC doesn't know.

    UAC doesn't know what it's complaining about? Seriously?

    Here, let me fix this again (FOR THE BILLIONTH TIME YOU FUCKING MORON).
    IT IS NOT COMPLAINING ABOUT THE FUCKING INI FILE THAT WAS JUST A RANDOM GUESS I MADE BECAUSE UAC WONT FUCKING TELL ME.

    What I believe it is complaining about is that DIablo3 likely checks the other active processes for bot/cheat/hack programs running, which I am sure would cause a UAC prompt, right?


  • kills Dumbledore

    @boomzilla said:

    something really stupid like adding a bunch of 'u's to words

    Or indeed removing them out of a misplaced desire to make language work logically.

    If you're interested in differences between British and American English, I can recommend http://separatedbyacommonlanguage.blogspot.co.uk/. It's written by an American linguist who lives in the UK. I've seen her talk on how America saved the English language and it's a pretty interesting subject


  • :belt_onion:



  • @darkmatter said:

    Again, tried that. So I must ASSUME it was something else causing the warning. Because UAC WON'T JUST TELL YOU WHAT THE HELL IS ACTUALLY WRONG.

    I'm 99% sure Diablo III doesn't trigger UAC warnings. If it does-- if-- I'd suspect some anti-cheat code in the product. Or she's installed some kind of mod or graphical enhancement (like ENB) or overlay tool (Raptr, some chat programs have them) or Fraps or something that does require admin because it peeks into another process's memory.

    UAC doesn't tell you what it's blocking because it doesn't know. All it knows is that a permission denied was thrown somewhere. It doesn't even know whether it's in a file or code object.

    It's not a conspiracy against you. Relax.


  • ♿ (Parody)

    @jaloopa said:

    are you referring to Literally?

    Yes. I mean, using the word "Bad" to mean, like, cool or awesome or great or whatever was one thing. Did that come before "badass"?

    The other phrase that comes to mind is "I could care less." Both of these are signs of people who don't understand what the fuck they're saying, but they've heard other people use these words, so they will too, even if they don't remember to use all the right words. Incompetent cargo cult communication.

    Fuck you stupid people. At least you make it easier to identify you by saying shit like that.



  • Why does https://www.hex-rays.com/products/ida/support/download_freeware.shtml need UAC approval when I start it up in Windows XP compatibility mode?



  • @dookdook said:

    As any long-time windows user knows, the very first thing you do in a fresh Windows install (even before opening IE for the one and only time ever to download the firefox installer) is to go to the control panel and disable UAC and any other security garbage you can find, since the practical effect of UAC is just to add an "Are you sure?" dialog box onto everything you ever want to do.

    Much, much less true in Windows 7+ than was the case when that feature was first rolled out in Vista. UAC no longer stands for "User Annoyed Constantly".

    Application vendors have by now had enough years to get used to the idea of not being able to do anything they damn well please without pissing off their users that most of them are on board.

    If I were you, I'd turn UAC back on. Windows Defender I'd turn off; Panda Cloud Antivirus Free works better by itself.


  • kills Dumbledore

    @boomzilla said:

    "I could care less."

    this seems to be a particularly American one. Very few people in the UK say it. Which is good because if I heard it from real people rather than TV or forums I'd probably get an IRL reputation for being a pedantic dickweed by correcting them all the time. I mean, 2 seconds of parsing the statement shows that it doesn't make sense


  • ♿ (Parody)

    @EvanED said:

    Wikipedia has a long list of them; the best is probably "sanction."

    Most of those don't seem to be in the same class as 'literally.' Though maybe that's just because 'literally' is more recent.

    Related: My wife goes nuts every time someone talking about "honing in on" something.



  • @dookdook said:

    create the folder on the desktop first, then move it into Program Files ... this is my damn computer and I'll save all my porn to c:\windows\syswow64 if I want to.

    Sure, you can do that, but don't whine like a bitch when things break.


  • ♿ (Parody)

    @blakeyrat said:

    It's not a conspiracy against you. Relax, it's just a really piss poor design done without thinking about the consequences.

    FTFY



  • @dookdook said:

    stubborn pontificating about how Mozilla knows best and you're too stupid to be trusted to decide what's safe

    By this point in your screed I'm pretty much convinced that they're right. URTRWTF.


  • ♿ (Parody)

    @jaloopa said:

    hich is good because if I heard it from real people rather than TV or forums I'd probably get an IRL reputation for being a pedantic dickweed by correcting them all the time.

    I usually ask, "How much less?" And they have no clue. Here's your sign.



  • @darkmatter said:

    UAC doesn't know what it's complaining about? Seriously?

    Seriously.

    For some basic problems it might have a basic idea: "program tried to open file Program Files/Blah/Blah.txt for writing". But that doesn't:

    1. help the user understand what the program is doing (which is the critical information here), and
    2. it's only one-step of what could potentially be thousands of steps

    Point 1) makes the notification useless for all practical purposes. "Program tried to create new file in User/Startup." Ok, is it installing a harmless install cleanup, or is it installing a horrible virus? UAC don't know. The user don't know. Is the file even executable? Or a shortcut? UAC don't know.

    Point 2) makes the concept of "whitelisting" an operation useless. If you have a badly written program, it could keep 20,000 configuration files in Program Files. To whitelist even one run of this program, you'd have to hit "allow" for every one of those file writes. The next time it runs, the filenames could be completely different (maybe they're timestamped) and now you have to hit "allow" another 20,000 times.

    You can "whitelist" an entire folder by modifying its permissions, but Microsoft hasn't made an easy one-click operation for that. They could. But it wouldn't work at UAC-time, it'd have to be done before or between runs of the program. (The UAC account/alternative desktop doesn't have permissions to change permissions, for obvious reasons.)



  • Disabling UAC, using Firefox, and Java? You sir are the trifecta of WTFs.



  • @boomzilla said:

    Most of those don't seem to be in the same class as 'literally.' Though maybe that's just because 'literally' is more recent.

    "Literally" as an intensifier for a deliberately non-literal expression isn't more recent. I don't have access to the OED any more unfortunately, but my memory is that has citations of that use going back to the late 1800s.

    OK, I guess I can't say it's not more recent, because I don't know when the other autoantonyms were brought into use. The point is the intensifier "literally" is not even close to a new thing. And to a lesser extent, the sloppy dictionaries that just provide "1. [the 'right' def] 2. figuratively" are missing the point about what it's actually doing in this case.



  • @ben_lubar said:

    Why does https://www.hex-rays.com/products/ida/support/download_freeware.shtml need UAC approval when I start it up in Windows XP compatibility mode?

    Maybe it internally launches another EXE that isn't marked as XP Compat? I dunno. There are a few reasons, that's probably the most common.



  • @dookdook said:

    Java warns me about this and I click through, expecting no more issues, but the nag dialog shows up every single time this applet tries to run. There's no whitelist, and google tells me there is no way to disable the restriction altogether.

    Tells me different.

    Sysadmin intern fail.



  • @boomzilla said:

    FTFY

    Read my post. Knowing what specific operation was blocked gives no clues as to what the application was doing, and whitelisting is impossible because the UAC virtual desktop/user doesn't have permissions to change permissions.

    If you have technical solutions to these problems, by all means, go offer your services to Microsoft.

    And hell, UAC works a shitload better than sudo does. At least it doesn't just let things fucking fail, then make the failing program try and message the user as to what went wrong.



  • @darkmatter said:

    Hell, every time my wife tries to run Diablo3 she has to hit YES to a stupid UAC warning about how Diablo3 is going to take over her computer... when all it wants to do is update an ini file in its own goddamn program files directory.

    Has she tried hitting NO instead, which should make Windows redirect the write attempt to a virtual shadow of that ini file inside her own user profile, and cease to nag thereafter?



  • @darkmatter said:

    It could be because the launcher tries to update itself from the internet every time it runs. It could be that the launcher turns around and calls a different exe to run. It could be because they are scanning your memory to check for bot/cheat apps running. It could be all of the above. All I know is that it pops up the warning. EVERY. TIME. It's not like we're EVER going to fcking decide randomly one day, hey, no, I don't want that app to have access THIS time! So seriously, why is there no way to whitelist an exe in UAC without having to download some crappy add-on hack app that is more likely to be a virus than the thing you're trying to whitelist?

    How are you going to feel about this the one day that it pops up, and you know you had just updated it that morning...



  • @boomzilla said:

    As long as we don't do something really stupid like adding a bunch of 'u's to words.

    Right. That would be a completely stupid manoeuvre.


Log in to reply