uap ugh

Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
....Paula Poundstone

That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.



"Steve" wrote in message

Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
...Paula Poundstone

I think it's OK - yeh it needs some tweaking in a few (maybe a few more than few...) places, but it's OK.
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Puppy Breath" wrote in message

That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.



"Steve" wrote in message
Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
...Paula Poundstone

Well we've got several months of tweaking before there is an actual product. By the time the product is released I bet most of the complaints will be the hardware requirements and the fact that the interface is so different from the Win 95-to-XP string of products.
"Zack Whittaker" wrote in message

I think it's OK - yeh it needs some tweaking in a few (maybe a few more than few...) places, but it's OK.
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Puppy Breath" wrote in message That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.



"Steve" wrote in message
Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
...Paula Poundstone

You bet. And of course, there will be Vista updates and patches for our favourite applications. I just hope BVPR in the UK updates Mobile Phone Tools to support Vista, the driver currently crashes. I have contacted the, maybe Zack can help me out. :) -- -- Andre Windows Connected | http://www.windowsconnected.com Extended64 | http://www.extended64.com Blog | http://www.extended64.com/blogs/andre http://spaces.msn.com/members/adacosta
"Puppy Breath" wrote in message

Well we've got several months of tweaking before there is an actual product. By the time the product is released I bet most of the complaints will be the hardware requirements and the fact that the interface is so different from the Win 95-to-XP string of products.
"Zack Whittaker" wrote in message I think it's OK - yeh it needs some tweaking in a few (maybe a few more than few...) places, but it's OK.
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Puppy Breath" wrote in message That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.



"Steve" wrote in message
Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
...Paula Poundstone

people learn to automate the motion of pressing OK without thinking thus it is extreamly dangerous...
they have to change it somehow. I dont like the way you have to enter a password in linux either.....
Xp had non administrator accounts... I dont understand the need for this.... they could ask you in the start if you want to be administrator or not and have an explaination of the dangers, and then let the user decide....
-- "What concerns me is not the way things are, but rather the way people think things are." - Epictetus 55-135
"Steve" wrote in message

Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
...Paula Poundstone

I can't help but agree with the general idea. Putting myself in a typical end-user's shoes, I can see the most blatant and overlooked security failing in Windows, from NT through Vista: when you install the system, you need to create one user account (in fact, up to Win2k, you didn't have to do even that), which is an administrator by default. Do the MS people imagine, even one second, that the end-user will bother to create another, limited, account for his/her day-to-day usage? If they do, they're sadly disconnected from reality (I just can't suppose they're *all* that stupid). There's still time, I think, to correct it: when you install Vista (RTM), force the user to create both an administrator and a standard account, and make the latter the default login. And *explain* why this is necessary. The various self-congratulation screens one sees during the setup process are quite superfluous. Explaining why the end-user mustn't use an admin account for ordinary tasks is much more important. And since it's mandatory to use an admin account to run the system management tasks, then the numerous "allow" dialogs are just a ridiculous nuisance, very much like the "validation" process for Microsoft downloads. -- Pierre Szwarc Paris, France PGP key ID 0x75B5779B ------------------------------------------------ Multitasking: Reading in the bathroom ! ------------------------------------------------
"Steve" a écrit dans le message de news: bq8552prmbd6rmtkd1gtbg5vasmncasjlc@4ax.com... | | Excerpts from | http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html | [snip]

Needs a new driver - I'm not gonna write one for yer! I've got enough to do as it is!! Just save yourself time, money, and a lot of effort, and just buy yourself a Windows Mobile 2003/5.0 phone instead, because then you can sync it up with anything and everything :o)
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Andre Da Costa [Extended64]" wrote in message

You bet. And of course, there will be Vista updates and patches for our favourite applications. I just hope BVPR in the UK updates Mobile Phone Tools to support Vista, the driver currently crashes. I have contacted the, maybe Zack can help me out. :) -- -- Andre Windows Connected | http://www.windowsconnected.com Extended64 | http://www.extended64.com Blog | http://www.extended64.com/blogs/andre http://spaces.msn.com/members/adacosta
"Puppy Breath" wrote in message Well we've got several months of tweaking before there is an actual product. By the time the product is released I bet most of the complaints will be the hardware requirements and the fact that the interface is so different from the Win 95-to-XP string of products.
"Zack Whittaker" wrote in message I think it's OK - yeh it needs some tweaking in a few (maybe a few more than few...) places, but it's OK.
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Puppy Breath" wrote in message That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.



"Steve" wrote in message
Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
...Paula Poundstone

No, I use my phone as a USB Modem at times. -- -- Andre Windows Connected | http://www.windowsconnected.com Extended64 | http://www.extended64.com Blog | http://www.extended64.com/blogs/andre http://spaces.msn.com/members/adacosta
"Zack Whittaker" wrote in message

Needs a new driver - I'm not gonna write one for yer! I've got enough to do as it is!! Just save yourself time, money, and a lot of effort, and just buy yourself a Windows Mobile 2003/5.0 phone instead, because then you can sync it up with anything and everything :o)
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Andre Da Costa [Extended64]" wrote in message You bet. And of course, there will be Vista updates and patches for our favourite applications. I just hope BVPR in the UK updates Mobile Phone Tools to support Vista, the driver currently crashes. I have contacted the, maybe Zack can help me out. :) -- -- Andre Windows Connected | http://www.windowsconnected.com Extended64 | http://www.extended64.com Blog | http://www.extended64.com/blogs/andre http://spaces.msn.com/members/adacosta
"Puppy Breath" wrote in message Well we've got several months of tweaking before there is an actual product. By the time the product is released I bet most of the complaints will be the hardware requirements and the fact that the interface is so different from the Win 95-to-XP string of products.
"Zack Whittaker" wrote in message I think it's OK - yeh it needs some tweaking in a few (maybe a few more than few...) places, but it's OK.
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Puppy Breath" wrote in message That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.



"Steve" wrote in message
Excerpts from http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html
Modern operating systems like Linux and Mac OS X operate under a security model where even administrative users don't get full access to certain features unless they provide an in-place logon before performing any task that might harm the system. This type of security model protects users from themselves, and it is something that Microsoft should have added to Windows years ago.
Here's the good news. In Windows Vista, Microsoft is indeed moving to this kind of security model. The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they're doing before making a critical mistake. It sounds like a good system. But this is Microsoft we're talking about. They completely botched UAP.
The bad news is that UAP is a sad joke. It's the most annoying feature that Microsoft has ever added to any software product. The problem with UAP is that it throws up warning dialogs for even the simplest of tasks.
The dialogs stack up, one after the other, in a seemingly never-ending display of stupidity. Sometimes you'll find yourself unable to do certain things for no good reason, and you click Allow buttons until you're blue in the face.
The problem with the Security Through Endless Warning Dialogs school of thought is that it doesn't work. All those earnest warning dialogs blend together into a giant "click here to get work done" button that nobody bothers to read any more. The operating system cries wolf so much that when a real wolf rolls around, you'll mindlessly allow it access to whatever it wants, just out of habit.
These dialog boxes are not security for the user, they're CYA security from the user. When some piece of malware trashes your system, Microsoft can say: "You gave the program permission to do that, it's not our fault."
Warning dialog boxes are only effective if the user has the ability to make intelligent decisions about the warnings. If the user cannot do that, they're just annoyances. And they're annoyances that don't improve security.

--
The wages of sin are death, but by the time taxes are taken out, it's just sort of a tired feeling.
...Paula Poundstone

"Puppy Breath" wrote in message

That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.

Does 5308 fix this problem? I downloaded it last night from MSDN but haven't installed it yet.

There's not doubt that the whole concept of bringing the "typical" corporate security model into the home environment is going to throw people for a loop. After all, nobody has the job title "system administrator" in a household. After the stiff hardware requirements and new interface, this is likely to be the #3 main reason for slow adoption of Vista.
"Pierre Szwarc" wrote in message

I can't help but agree with the general idea. Putting myself in a typical end-user's shoes, I can see the most blatant and overlooked security failing in Windows, from NT through Vista: when you install the system, you need to create one user account (in fact, up to Win2k, you didn't have to do even that), which is an administrator by default. Do the MS people imagine, even one second, that the end-user will bother to create another, limited, account for his/her day-to-day usage? If they do, they're sadly disconnected from reality (I just can't suppose they're *all* that stupid). There's still time, I think, to correct it: when you install Vista (RTM), force the user to create both an administrator and a standard account, and make the latter the default login. And *explain* why this is necessary. The various self-congratulation screens one sees during the setup process are quite superfluous. Explaining why the end-user mustn't use an admin account for ordinary tasks is much more important. And since it's mandatory to use an admin account to run the system management tasks, then the numerous "allow" dialogs are just a ridiculous nuisance, very much like the "validation" process for Microsoft downloads. -- Pierre Szwarc Paris, France PGP key ID 0x75B5779B ------------------------------------------------ Multitasking: Reading in the bathroom ! ------------------------------------------------
"Steve" a écrit dans le message de news: bq8552prmbd6rmtkd1gtbg5vasmncasjlc@4ax.com... | | Excerpts from | http://www.schneier.com/blog/archives/2006/04/microsoft_vista.html | [snip]

5308 is OK on the privilege escalation and Allow boxes. At least, I'm not getting an extreme number of them and they're not piling up at all. I stay in my Standard account all the time except for a few high-level security things.
"michael e dziatkowicz" wrote in message

"Puppy Breath" wrote in message That looks it's based on the earliest betas. My experience with current CTPs has been nothing like that. I have to escalate privileges where appropriate, sure. And once in a while I have to click an Allow box. But nothing that even comes close to the criticisms in those mindless rants.
Does 5308 fix this problem? I downloaded it last night from MSDN but haven't installed it yet.

I don't know about that. I mean, it didn't stop the adoption of XP, did it? It just delayed it a bit, but after a while XP went into homes like a hot knife into butter. -- Pierre Szwarc Paris, France PGP key ID 0x75B5779B ------------------------------------------------ Multitasking: Reading in the bathroom ! ------------------------------------------------
"Puppy Breath" a écrit dans le message de news: 584A556F-D370-4417-8A20-557A611922E0@microsoft.com... | There's not doubt that the whole concept of bringing the "typical" corporate | security model into the home environment is going to throw people for a | loop. After all, nobody has the job title "system administrator" in a | household. After the stiff hardware requirements and new interface, this is | likely to be the #3 main reason for slow adoption of Vista.

So will Vista. It'll probably just take a little longer because it's a more radical change. More like the change from DOS to Windows than the change from ME/2000/98 or whatever to XP.
"Pierre Szwarc" wrote in message

I don't know about that. I mean, it didn't stop the adoption of XP, did it? It just delayed it a bit, but after a while XP went into homes like a hot knife into butter. -- Pierre Szwarc Paris, France PGP key ID 0x75B5779B ------------------------------------------------ Multitasking: Reading in the bathroom ! ------------------------------------------------
"Puppy Breath" a écrit dans le message de news: 584A556F-D370-4417-8A20-557A611922E0@microsoft.com... | There's not doubt that the whole concept of bringing the "typical" corporate | security model into the home environment is going to throw people for a | loop. After all, nobody has the job title "system administrator" in a | household. After the stiff hardware requirements and new interface, this is | likely to be the #3 main reason for slow adoption of Vista.

It will go into homes because PCs will be sold with only Vista. The better measure is purchased upgrades.
A fair percentage of corporate users have not even moved to XP. Many are still running the OS that came with their PC, which is true of a large percentage of users, regardless of category or location.
Ed
"Puppy Breath" wrote in message

So will Vista. It'll probably just take a little longer because it's a more radical change. More like the change from DOS to Windows than the change from ME/2000/98 or whatever to XP.
"Pierre Szwarc" wrote in message I don't know about that. I mean, it didn't stop the adoption of XP, did it? It just delayed it a bit, but after a while XP went into homes like a hot knife into butter. -- Pierre Szwarc Paris, France PGP key ID 0x75B5779B ------------------------------------------------ Multitasking: Reading in the bathroom ! ------------------------------------------------
"Puppy Breath" a écrit dans le message de news: 584A556F-D370-4417-8A20-557A611922E0@microsoft.com... | There's not doubt that the whole concept of bringing the "typical" corporate | security model into the home environment is going to throw people for a | loop. After all, nobody has the job title "system administrator" in a | household. After the stiff hardware requirements and new interface, this is | likely to be the #3 main reason for slow adoption of Vista.