aka "How to never by annoyed by UAC again"
My last post was a lame April Fool's joke. I wasn't seriously proposing that we replace the UAC prompt with a Captcha. It would kinda sorta make sense in some scenarios, but we've already solved the problem* differently. And captchas are annoying. Necessary evil, but annoying. (Isn't it truly weird that Captchas are the first step to Bladerunner-esque interrogations?)
*What problem? One of the things AUC addresses: If you are an admin user on Vista, your applications (mostly) run in normal user context - that is the core feature of UAC on Vista. If any (potentially) malicious software is running on your computer (in user context), you don't want it to be able to silently elevate to system context and open up firewall ports/reconfigure your system/etc.
(Yes, malware, even in user context, can probably send your credit card details to the other side other planet...malware running in system context is worse though, as it can reconfigure anything on the system to turn your computer into a spam zombie or botnet node/spy on other users/etc.)
If we didn't prompt the user before launching code in system context (from user context), malware could do literally anything to your machine (without you knowing) as soon as you doubleclicked on SeeParisHiltonNaked.exe. (Replace Paris Hilton with whoever you really really want to see in the nude.)
The AUC prompt is displayed on a dark background because it is running in a different screen session - the malware (back in user context) can't see the prompt/automatically click on it/etc. (If we displayed a captcha at this point (instead of an Allow/Cancel prompt) the malware back in user context won't be able to see it, or perform any action on it. The black frame means that only you, the user, and the Windows OS, can see (or interact with) any content on the screen.)
So - UAC prompts: Neccesary evil. Well...Neccesary evil to protect you from true evil.
Unless, of course, you generally know what you are doing.
You can easily configure UAC to never prompt you. You do, of course, need to be careful when downloading and running any software downloaded from the internet - you don't want random code from the internet to be able to get into system context on your machine.
But, if you always go "Hmm, is this a good idea to do this?" when you see the UAC shield on a button/menu...you don't need to see a UAC prompt, do you?
If you are a user with administrator priviledges:
To remove the prompt - run gpedit.msc, go to Local Computer Policy - Computer Configuration - Windows Settings - Security Settings - Local Policies - Security Options.
Look for 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' in the list on the right, and set it to 'Elevate without prompting'
Then, run 'gpupdate' from an elevated command prompt.
And you'll never see any UAC prompts, ever again.
But you have to promise to never run random executables off of the internet - stick to adobe.com or Paint.Net - stuff people trust. Stay away from SeeHarrisonFordNaked.exe.