(This is an edit of an email I just wrote to someone. Thought I'd share it here as well, if just to say, "please don't lump all of us in with this stupidness.")
http://www.sophos.com/blogs/chetw/g/2009/11/03/windows-7-vulnerable
^ What a load of rubbish. I cringed when I read it.
Sophos should've just said, "Hey, BTW, just a
reminder, but you still need anti-virus with Windows 7. You shouldn't be
surprised by this. Please consider our product." Instead they're acting as
if someone promised Windows 7 would make malware impossible. (WTF did they get
that idea from?)
It's also frustrating to read reports from people saying
Sophos showed malware "bypassing UAC" when it's just avoiding the
requirement for admin access, something quite different.
The whole UAC debate is frustrating. Whichever position you find yourself in it
seems you end up arguing with people in every direction. There aren't sides to
the debate; it's a mad free-for-all that spawns little useful discussion. So
much time & energy is spent arguing about stupid stuff -- like the notion
that UAC is supposed to stop code from running at all rather than, at best,
limit what running code can do -- that there's no room left to discuss the more
subtle and interesting points. By the time they're raised everyone's too tired and annoyed to do them justice. It's a shame.
It's a strange debate indeed where those who, on the face
of it, are pushing in the same direction frustrate me far more than anyone pushing
the other way.
Music, religion, politics... I think UAC needs to be
added to that list! 
WindowsClient: New WPF Showcase Addition: Enterprise
TechNet Edge: Windows Server 2008 R2 : New Power Management Features
