- May 10, 2008
- Reaction score
- Dallas, TX
This is not the correct behavior, because then the user never reboots and therefore doesn't get the critical patch, and now their machine is part of a botnet or their extensive collection of cat pictures is being held by ransomware.
Yes it *is* the correct behavior, because the smart user will reboot, and, even given the lamentable state of your average router firmware, nothing malicious is likely to make it onto the user's network without being invited. The smart user will be careful what parts of the Web he visits, and, if he must visit that part of the Web, will treat every link as a live bomb, while the stupid user will go straight to www.shadybootlegdownloads.com and click the "I'm a trojan, download me!" link. It is pretty much impossible to prevent the dumb user from trojaning if he has admin rights on his own machine, and not granting the end user admin rights on hardware he's bought and paid for is something that the smart user will view as compromising his machine as thoroughly as if he had gone and downloaded the trojan. If property rights have any moral meaning where computers are concerned, denying the end user root on hardware he has bought and paid for is *morally wrong*, equivalent to trespassing or theft. So if the OS vendor is acting morally, then trying to secure the stupid user is a lost cause, and in that case you may as well design for the smart user's requirements.