Microsoft, sucking by design
-
PC World - Business Center: Vista Security Is Annoying by Design
-
Ars picked up this tidbit at the recent RSA 2008 security conference in San Francisco, where David Cross, Microsoft’s product unit manager for Windows security, discussed the company’s security directions post-Vista. "The reason we put UAC into the platform was to annoy users. I’m serious," Cross is quoted as saying.
-
Microsoft reasons that by annoying the users every time a program requires rights that MS thinks it shouldn’t, users will put pressure on developers to fix those programs. This ignores the fact that users will, rightly, blame Microsoft and not the particular program for this misfeature, and that if they get annoyed enough, they’ll turn off the security entirely. Even if the user thought to complain to the vendors of the program, and the vendor jumped right on doing something about it, the lag between the time it first started annoying the user (i.e. as soon as it was installed on Vista) and when a patch would be available to fix the "problem" would encourage the user to just turn the damn security feature off. And then, if you don’t want to be nagged incessantly to turn it back on, you also end up turning off that warning too–which requires telling the Security Control Panel not to warn you about anything. If Microsoft didn’t have the arrogant, overbearing culture that they do, they’d have designed it the way ZoneLabs designed their popup warnings about programs trying to do things that might be dangerous: allow the user to white-list the particular program if they know it’s safe, but re-inquire if something has changed about the program (indicating it might have been tampered with by a virus or trojan), and if you didn’t care about a particular class of warning message, disable just that message.