Originally posted by: Cerb
...and I get a dialog asking me what to do, and telling it is an executable. If my grandmother, who needs me just to hook up her new DVD player, can figure out not to open executable files, anybody can.
Windows relies on the application to send out a warning to the user. If the application implements no warning, or the user just breezes through the dialog without reading it, much harm can be done. Mac OS X does these dialogs at a lower level and is consequently more effective. A subtle, but important difference. Why did MS choose the "I'll warn you but you know this might be bad" type of dialog? Because it was easier and cheaper to do than the proper way. I wonder if this will change in SP2.
You didn't answer...if it is just an inconvinience, then why did bother to make this feature and disable it, instead of never including it to begin with? It must do *something* useful.
Well, I think I did answer but I'll rephrase it. Mac OS X inconveniences the user in order to gain privileges to do what he/she wants to do. Windows does not in general, and in the case of MS e-mail clients, they merely ask whether something should be done. You'd think this would be enough to stop people, but the prevalence of e-mail worms says otherwise. The difference between Apple and Microsoft's approach, is like the difference between a friend that will hold you back from a fight until you push him out of the way, and a friend that merely sits there when you're all hyped up and says "I wouldn't do that if I were you". The lack of viruses on operating systems that implement the former approach indicates it is probably a more effective means of stopping this method of infection.
No, they should not be admins. If I can help it, those I don't trust messing with settings aren't.
But even without a root password, just an extra dialog box here and there would make such a huge difference in actual security for dumb users...but then the users would bitch about it being harder than it was before.
That is one of the things Apple has going for them: they can tell you how it is, tell you why it is, and you believe it (even when they are BSing). M$ gets nothing but critizism from home users, and then critizism from enthusiasts and business users for fixing the home user's problem. Yet they seem to refuse to sit down and decide that one's gripes are more important for the desktop OS, and that does irk me.
And herein lies the problem. It doesn't lie with Windows users. The clued-in want to lessen their exposure to vulnerabilities. But you know as well as I that despite best intentions, it's more difficult to get the same things done on Windows as a Power User or lesser status, than on a Mac as a user capable of administration after being authenticated.
Microsoft could refine and enhance the runas command, but they don't. In fact, it doesn't even work properly with some applications. Not to mention it is simply clunky. So in a MS environment, many choose to simply have inherent privileges that you don't, and shouldn't need all the time. In an Apple Mac OS X or other modern UNIX, you have a much more restricted set of inherent privileges and then an easy mechanism to provide for on-the-fly privilege escalation.
I shouldn't need full administrative privileges just because I like to play a videogame now and then, that writes to C:\Program Files and for which I would need full administrative privileges to write to. In this respect, the fix is you force video game makers to respect user profiles for any save games and what not. And on the other hand, if I have some application I use daily but infrequently that makes a system-wide change (hence requiring administrative privileges), I shouldn't have to choose between roaming around as administrator all the time, or logging out as a restricted user and back in as an administrator, just to run it conveniently. The application should be able to simply communicate with an API that does the authentication on the fly, and when the program is done doing the system-wide changes, it should give up the privileges it has been granted or risk losing them after a certain period of time.