DevilsPGD wrote:[color=blue]
> In message <fggsc7$8tj$1@aioe.org> The poster formerly known as 'The
> Poster Formerly Known as Nina DiBoy' <none@none.not> wrote:
>[color=green]
>> IMO, with vista it seems like they are trying to hoist all of the
>> responsibility for security on the user instead of trying to actually
>> fix the problems. It's like they are using the wrong kind of bandaid
>> fix for it.[/color]
>
> Unfortunately, the user *IS* the problem. Out of the box, XP SP2 is
> more or less fully secure to sit on the internet, and once you turn on
> automatic updates and run as a limited user, you're more or less secure
> as well.
>
> The problem is that users don't do that, they run attachments from
> unknown/untrusted sources, install ActiveX controls at a whim, run as
> full administrator, and then act surprised when their PC gets
> compromised.
>[/color]


Actually even running as Admin full time is nowhere near as dangerous as
claimed IF the user is responsible, however on systems where something
has to run unattended and reliably the advice to fully automate updates
is much more dangerous, since any task not running as a service is often
hosed. UAC has just made it even more likely that folks will try to find
a way around it...