That's too bad. You'd think that with good enough firewall at the server and an antivirus that automatically checks downloads and emails, etc., you can get away from UAC. UAC is needed by people who do stupid things. Maybe in a big company you have to assume you have a few of those, but it sure penalizes those who know what they are doing, and, like you mention, doesn't help much anyway, as people get used to clicking no matter what.
> That's too bad. You'd think that with good enough firewall at the server and an antivirus that automatically checks downloads and emails, etc., you can get away from UAC. UAC is needed by people who do stupid things. Maybe in a big company you have to assume you have a few of those, but it sure penalizes those who know what they are doing, and, like you mention, doesn't help much anyway, as people get used to clicking no matter what.
Oh, I've got great protection set up, at the home office LAN.
But the Vista machines travel with their users, and spend a lot of time on unsecured (unencrypted) connections at hotels and customers' installations in Asia and Europe. Naturally we've got AV and software firewalls active, but the "belt AND suspenders" approach is probably a little useful in the remote situations.
Users do stupid things? Wow, who knew?