[cookiecaper]

>It is true that it's a security risk, but instead of forcing something that people clearly do not want, why not make something that they do want. Make a product they want to upgrade to.

Two things. First, people want their computers to be secure. Most users do not seem to understand that keeping your system patched is a prerequisite to remaining secure, and those people have to be dragged kicking and screaming into running updates, which is why Windows 10 has gotten so aggressive about enforcing it. If someone gets exploited through a hole in Windows, it comes back to haunt MS; they learned that well and good in the Windows 98 days, and they learned that users will never install updates without being forced to do so in the XP days.

Second, the kind of people who are afraid to install security patches cannot be enticed by any new program or UI modification. They have an defensive dislike of computers. They just want it to stay the same forever, and even if you release new versions that are identical at the UI level, people still won't upgrade to them because they're afraid it'll "break shit", as you succinctly put it.

End users may not like MS's aggression about updates but it is actually sensible for 99% of the userbase out there. MS's problems are unique among desktop OS vendors because of the wide and varied audience that relies on them to provide a good general-purpose OS.

It's reasonable that power users would resent MS's update policies, but MS does not have the luxury of tuning their release policy for the power user. Power users should be using not-Windows.

[khedoros]

> Power users should be using not-Windows.

Except that even power users like having large libraries of available software, including things that may not be available on "not-Windows".

I'm fine with aggressive defaults and sensible settings for the 99%, but I'm accustomed to being able to disable things that cause me problems or get in the way of doing what I want to do. If a system doesn't get out of my way, it's possible for it to become more of an impediment than a tool.

[cookiecaper]

The problem with making it toggleable is that a lot of people are going to flip that switch by accident, no matter how deep you bury it (even if you bury it in the registry only, someone will write spyware to flip it so that the computer becomes exploitable at a future date).

Most non-game software works on WINE, or, worst case, within a virtual machine. At Windows scale, your software must permanently operate in idiot-proof mode. If you don't need that protection, I believe you should use a different OS as your primary.

[khedoros]

> The problem with making it toggleable is that a lot of people are going to flip that switch by accident

I think that's a smaller problem than not being able to flip the switch at all.

> someone will write spyware to flip it so that the computer becomes exploitable at a future date

...And I think that's inevitable, whether or not there's an official way to do it.

> Most non-game software works on WINE, or, worst case, within a virtual machine.

Wine's a wonderful piece of software and a great work-around in many situations, but I wouldn't want to rely on it as my only option.

[makecheck]

Even if they had that goal, there are other ways to do it.

When OS X came along, it shipped with an entire virtual machine for its previous OS. And while some low-level things didn’t work there, a surprising number of things did work. It gave people a path forward without requiring instant-OSX-ification of things.

[5ilv3r]

"keeping your system patched is a prerequisite to remaining secure" Completely false. This will 100% NEVER be a sane security model. The one true way is to have verified secure software installed in the first place. That is not impossible. It is just more expensive than releasing patches as flaws are exposed. Do not be fooled by the general flow indicating correctness.

The type that are afraid of patches are often also afraid of the network, which is quite prudent. You judge them unfairly.

"Power users should be using not-Windows." Well then...

[cookiecaper]

>"keeping your system patched is a prerequisite to remaining secure" Completely false. This will 100% NEVER be a sane security model. The one true way is to have verified secure software installed in the first place. That is not impossible. It is just more expensive than releasing patches as flaws are exposed. Do not be fooled by the general flow indicating correctness.

While theoretically possible, it is not currently reasonable to employ this model for modern general-purpose operating systems. We're going to have to live with requisite patching and updates for a long time yet.

[CaptSpify]

so it's OK to keep breaking shit "for their own good"?

[cookiecaper]

It's rare that something actually breaks, but yes, if the exploit is serious it's better to break something with a security patch than leave a known attack vector unpatched.

[CaptSpify]

So, since all OS currently have un-patched exploits out there, we should just shut everything down?

k

[cookiecaper]

That's not what I said, obviously.