This is the final part of a three part response to a comment made by Matt in his comment regarding the least privilege model in Windows Vista.
As I mentioned in Part 2 it is possible to override the default UAC behaviour of Windows Vista. We don’t yet know what the default behaviour will be of the equivalent of “XP Home”. I suspect that during system installation the owner of the computer will be asked to enter their name and an administrative account will be created just like it is today in Windows XP Home Edition. Personally I think this is the right approach because (as Matt mentions in his comment) folk do not want to be constantly entering credentials and as there’s unlikely to be a “System Administrator” other than the owner the concept of entering another set of credentials is overtly complicated.
Now I may sound like I’m contradicting my earlier advice given for Windows XP where I stated that two accounts were required to mitigate the risks posed by malware. Windows Vista’s significantly improved privilege model (User Account Control) enables me to do exactly this.
When an administrative task is required the user of the system will simply accept that their privilege is to be used by accepting the request using an interface dialog like that shown below:
As mentioned in Part 2 the point to this interface is that the user is made aware that a privileged operation will take place – it they’re not conciously changing their system configuration (installing software perhaps) then this could signify that malicious software is attempting to infiltrate / compromise their system.
To answer Matt’s question directly: I think the default behaviour of UAC for Windows Vista “Home Edition” will make sense and will ensure that they leave it active.