[noyoudumbdolt]

Almost all the bad things you’re worried about don’t require an elevated token. I’m much more worried about someone stealing my data, installing a trojan, etc. (none of which require elevation) than installing a device driver (which does).

This obsession with not running as root/using UAC is just cargo cult security for single user systems.

[sumtechguy]

Having seen the horror shows that some people did to their computers. It is much better. Least priv is a decent thing to strive for. You want to reduce the attack surface. By giving people root you basically make the attack surface your entire computer. I am not going to make the trojan writers job easier.

Also as I have gotten older I also realized that I make mistakes too. Running as least privs reduces the fallout to 'i have to restore a few files' from 'i get to reinstall the whole computer again'. UAC/notroot are tools to help you. You can discard them. That is fine. Not going to judge. I am saying most people it helps them. Not that it matters much anymore anyway. Most of the people who did these silly things to their own computers have moved onto tablets.

[noyoudumbdolt]

>I am not going to make the trojan writers job easier.

The Trojan writer now targets systems with UAC, since it’s the default and the vast majority of systems, so you’re not gaining anything. And he never needed an elevated token in the first place.