Poor security is not convenient.
> On a Windows system if I disable plug-and-play and autorun, and force the user to use a limited (non-admin) account it becomes more secure, but the user experience suffers.
If you don't To make systems user-friendly, it is common that some security safeguards need to be scaled back (e.g. the Vista UAC pop-ups).
UAC is not a very effective security measure because of the half-baked way it was designed and implemented, so that's not much of a security concern anyway. It's annoying largely for two reasons:
1. Because it's a superficial feature intended to fake privilege separation, dropped on top of a system with almost no effective privilege separation at all, its interface is necessarily problematic.
2. Because it has to deal with a crapton of automatically executed stuff, UAC is much more active (and thus much more annoying) than it would be if all that automatic execution I mentioned was a security issue wasn't happening.
Sterling made some good points in response to this, too.
