I think I'm starting to side with Microsoft on this issue. The more I look at UAC the more I realize that the entire thing is a waste of time with or without the whitelist. All the whitelist does is draw attention to a large hole that already exists in the way UAC functions. It *might* make automating escalation slightly easier, but I would say it is a relatively easy thing to do either way.

My advice to Windows 7 (and Vista) users now is, don't run as an administrator account. UAC will offer no protection. Run as a user and create an administrator account to login using the UAC prompt. That gives you UAC with real process isolation.