G
GO
I think we're sort of on the same wave length now. Windows can be a secure
OS when you have the proper mind-set/practices, but your average user does
not. And you can't fault them for that as they just want a "box" that
works, so ultimately it's Windows/MS's responsibility to provide a
safe/secure environment.
And you're right, switching back and forth is a PITA. MS should have made
better use of and a more robust "runas" feature. The OS/applications also
needs to be more limited account friendly too. Things have improved
considerably but there is still room for improvment; games come to mind, as
there shouldn't be any reason you need to run as admin to play a game.
As to what MS can do? An "in-your-face" greeting with a
tutorial/explaination about admin vs limited accounts would be a good idea.
It liekly wouldn't solve all the problems but I'm sure it would help. UAC
(in Vista) is a step in the right direction although I think it's
fundamentally flawed. From what I've seen (so far) it pops up far too often
and it's likely to create an environment where "Joe user" will blindly start
pressing "Ok / Allow" to everything or just shut it off altogether. This is
seen now with a lot of virus/malware infections. A lot of the time the user
is actually prompted in IE, or has to physically double-click and
install/run something, before getting infected.
Gary S. Terhune wrote:
> So you basically agree that it's not the OS that is faulty, it's bad
> practices and the fact that Windows is so friendly to apps that
> themselves are faulty. I'm always hearing people complain that
> Windows doesn't do this or that natively, and one of those things is
> malware protection. If Windows did all those things, MS would be hit
> with more anti-trust litigation than they already have been. I would
> think that even making Windows do some kind of quality control of
> apps would have similar results.
>
> As for the default admin account, I'm of two minds. Especially during
> initial setup, admin permissions are frequently required. I certainly
> wouldn't want the default to be a limited user account, but that's me
> -- I run as an admin all the time and don't have any resulting
> problems because I'm diligent about other good practices. With the
> way I use Windows, it would be a royal PITA to be switching back &
> forth. Only thing I can think of is to make a very strong,
> in-your-face greeting that would push you to create a limited user
> account and explain in detail why this is good practice, but not
> force it.
>
OS when you have the proper mind-set/practices, but your average user does
not. And you can't fault them for that as they just want a "box" that
works, so ultimately it's Windows/MS's responsibility to provide a
safe/secure environment.
And you're right, switching back and forth is a PITA. MS should have made
better use of and a more robust "runas" feature. The OS/applications also
needs to be more limited account friendly too. Things have improved
considerably but there is still room for improvment; games come to mind, as
there shouldn't be any reason you need to run as admin to play a game.
As to what MS can do? An "in-your-face" greeting with a
tutorial/explaination about admin vs limited accounts would be a good idea.
It liekly wouldn't solve all the problems but I'm sure it would help. UAC
(in Vista) is a step in the right direction although I think it's
fundamentally flawed. From what I've seen (so far) it pops up far too often
and it's likely to create an environment where "Joe user" will blindly start
pressing "Ok / Allow" to everything or just shut it off altogether. This is
seen now with a lot of virus/malware infections. A lot of the time the user
is actually prompted in IE, or has to physically double-click and
install/run something, before getting infected.
Gary S. Terhune wrote:
> So you basically agree that it's not the OS that is faulty, it's bad
> practices and the fact that Windows is so friendly to apps that
> themselves are faulty. I'm always hearing people complain that
> Windows doesn't do this or that natively, and one of those things is
> malware protection. If Windows did all those things, MS would be hit
> with more anti-trust litigation than they already have been. I would
> think that even making Windows do some kind of quality control of
> apps would have similar results.
>
> As for the default admin account, I'm of two minds. Especially during
> initial setup, admin permissions are frequently required. I certainly
> wouldn't want the default to be a limited user account, but that's me
> -- I run as an admin all the time and don't have any resulting
> problems because I'm diligent about other good practices. With the
> way I use Windows, it would be a royal PITA to be switching back &
> forth. Only thing I can think of is to make a very strong,
> in-your-face greeting that would push you to create a limited user
> account and explain in detail why this is good practice, but not
> force it.
>