There's no question that Microsoft Vista's User Access Control System fails in its principle goal (which is presumably to make users think twice before installing suspicious or unfamiliar software on their computers).

Why it fails isn't quite so obvious. It's not just because the message popup is annoying and a little vague, although those certainly contribute.

No, the real reason this design fails is that it prompts far too often. During program installs I ran today, I was prompted with nearly identical dialogs 5 or 6 times!! You get prompts at the start of every installer script (some applications have many parts, which results in many prompts), then you get prompts every time an application wants to perform new types of protected operations.

By the time I've installed the basic collection of software on my machine, I've clicked Continue so many times that it's a programmed response. I'm likely to hit Continue out of habit every time I see the window. It would be far more secure to present a single information dense dialog (so each one looks unique) that gave the installer free reign once approved.

It may sound absurd that making the thing less restrictive would make it more secure, but I'm confident that that's the case here. The user is the weak link in this process, but pestering and annoying tend to be poor ways to encourage a change in behavior... at least for most people.

Now, in fairness, my issue may be better raised with the installer code developers because the API likely supports multiple privileged operations to be performed after a single UAC prompt. I don't think this sufficiently answers the issue, though. On Mac OSX Leopard, I've never, ever been prompted more than once for Administrator approval during a software installation. Microsoft could learn a lot from Apple on this particular issue. Apple has done an excellent job of creating a developer community that values seamless, friendly user interactions. Microsoft seems to encourage the something entirely different.

Bruce Schneier on the implications of treating the Internet like a hard drive.

As we rely on others to maintain our writings and our relationships, we lose control over their availability. Of course, we also lose control over their security, as MySpace users learned last month when a 17-GB file of half a million supposedly private photos was uploaded to a BitTorrent site.

I was wondering about another aspect of this same topic yesterday. 100 years from now, will my great-grandkids still have access to my Flickr photos? What about this blog?