[George W. Bush]

OS X's warnings don't come up quite so often, are non-modal, and they clearly explain what's happening.

With OS X, you have to give an administrator password to alter the system and do installations. This is also how you should always run with Windows. If you run as administrator all the time, when (not if) a virus or malware does get in your browser or sneak in via some hole in the firewall or such, then the virus/malware inherits the security permissions of the current user and can then install itself and alter settings permanently.

Most Windows users with puny firewall and a NAT router and free antivirus/antispyware software are pretty safe from attack if they just don't run as administrator all the time. Create a user account and use that for work. Only do a Fast Switch to administrator to alter the system or install software. It's incredible to me that people always switch their Windows machines to administrator mode and leave them there forever. It's like unlocking your door but leaving it closed and then being surprised to find a burglar in the house. Duh! You actually have to keep the door locked! Don't run as administrator!

Beyond the admin/user thing, OS X is like Linux/UNIX/BSD in requiring the most fundamental changes to be done as a root administrator. I would guess that 99% of all Mac users couldn't tell you how to even get root on a Mac. It's just very rare for a user to need that and dangerous to let Grandma run as root.

Microsoft should have gone to a setup like OS X's long ago. It's not even hard to do. And businesses and government certainly lock those machines down. It could be done with Windows in the home just as easily. So many problems with virus/malware could have been avoided with so few simple changes. This policy would also help with a lot of service calls I've made where it's clear they turned Junior loose on the Internet and he downloaded or clicked Ok or installed all kinds of crap from the Internet. If he had to have an administrator password to do that, it would have stopped him.

I try to educate people into having one administrator account and the rest of the bunch being user accounts. Man, does that cut down on the headaches and problems.

[antiRepublicrat]

Only do a Fast Switch to administrator to alter the system or install software.

Or simply use RunAs.

[George W. Bush]

You need to keep it simple. A Fast Switch is easy to explain, easy to remember.

What I find is that I must constantly find the easiest and most memorable way to help people do the right thing to help themselves.

[Golden Eagle]

Most Windows users with puny firewall and a NAT router and free antivirus/antispyware software are pretty safe from attack if they just don't run as administrator all the time.

Which is exactly how I'm configured to run at both work and at home, as a limited user. As a matter of fact as this conversation has continued, your only real gripe of significant merit has turned out to be how Windows is configured by default, to give the default user full admin rights. You should have just said from the beginning "Windows users should not login as admin" and we'd have actually agreed instead of it having to be beaten out of you 150 posts later. ;-)