Thanks Sampy. I really Know MS is taking security seriously. I also Know people deploy code based on your samples. They hop over the wizard they see an MS demo hop over.
My plea is to deal with the security where ever it is encountered in demos. In time it will become second nature, requiring no comment or explanation.
In the mean time I'll go back to educating my devteams and consulting groups on why not to use SQL sa , why not to store secrets in plaintext with everyone read ACLs , and all the other things they learned in the bad old days.
Doesn't sound like the security message is sticking. That, sir, is lip service to security. Demonstrate real world examples.
The more Microsoft folks "whatever" security and use demo/dev behavior the more the folks who only watch and copy will get it wrong or not value the security bits and wizards and what they were designed to do. I realize security wasn't the purpose of the demonstation
but the "whatever" hurts the cause.