Microsoft says yes, will augment UAC in the next Win7 RC
In a stunning and maybe unprecedented accedence to public opinion this morning, Microsoft has announced it will take the emotion out of its discussion, and simply do something its users are asking for.
Perhaps taking a cue from President Obama himself -- who on Wednesday evening after the failure of two of his cabinet nominees told the American public, "I screwed up" -- Microsoft's Steven Sinofsky and Jon DeVaan yesterday took a blow for the team. In a contrite and euphemism-free blog post this morning, the two senior vice presidents in charge of Windows cited excerpts from their own critics who demanded that the adjustable User Account Control dial in Windows 7 not be exempt from User Account Control itself, and then essentially responded, "Okay."
"When we started the [Engineering Windows 7] blog we were both excited and also a bit uneasy," their post began. "The excitement is obvious. The unease is because at some point we knew we would mess up. We weren't sure if we would mess up because we were blogging about a poorly designed feature or mess up because we were blogging poorly about a well-designed feature. To some it appears as though with the topic of UAC we've managed to do both."
The two things they have to improve, they jointly admitted, are the UAC feature in the next version of Windows, and the way they represent it -- or defend it -- to the public. With regard to point one, they announced that the first Release Candidate for Windows 7 will alter the privilege given to the process that lets users change the UAC level, such that privilege cannot be elevated by something as stupid as, say, the SendKeys method from VBScript.
"We are going to deliver two changes to the Release Candidate that we'll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation," Sinofsky and DeVaan wrote.
As for the communications problem: Yesterday, DeVaan presented an opinion that made his perspective clear: anyone who would bother trying to pry open UAC was clearly in the minority, and the majority would rather their operating system just shut up. It was a taste of Old Microsoft, and this morning, DeVaan and Sinofsky recognized it, and spat it back out.
"We want to continue the dialog and hopefully everyone recognizes that engineering, perhaps especially engineering Windows 7, is sometimes going to be a lively discussion with a broad spectrum of viewpoints expressed," they wrote. "We don't want the discussion to stop being so lively or the viewpoints to stop being expressed, but we do want the chance to learn and to be honest about what we learned and hope for the same in return."
In fairness, the SVPs did say they would reject any proof-of-concept argument that essentially begins with the idea that malware has already gotten onto the machine. A PoC should go through the entire scenario, they wrote, because their job is to ensure that such malware cannot get onto the machine -- you can't just assume that you can automatically jump through the first hoop.
For his part, Rafael Rivera -- one of the independent bloggers whose uproar over the UAC auto-elevation discovery helped trigger this whole discussion -- has yet to issue a response as of Friday morning.