Comment by _pmf_

It wasn't bad habits, up to Windows XP which introduced user separation on consumer oriented Windows (NT and 2K were meant for businesses and businesses who had networked PCs were really meant to use those) all personal computers were fully controlled by their users without any notion of privilege separation - this is a behavior that traces its lineage back to the original Altair 8800. Computers weren't networked and those who were were either running a different OS (NT, Unix, whatever) and/or controlled entirely by a single entity (a company). Or just didn't care and used Windows 9x.

And honestly i do not think it is bad habit even today. UAC is intrusive, the main reason you do not see it as much as at the past is because applications nowadays work around it: see how Chrome or even VS Code saves the executable files for their updates to your %APPDATA% folder (where normally regular data are going) to avoid the UAC annoyance of going through Program Files (which makes the UAC protection pointless) or how app stores like Steam change the permissions to "everything allowed" to be able to modify the folder contents.

People are using computers to do specific tasks they want to do, anything else is an annoyance and something they'll want to avoid.

Today's security issues come from things a lot of developers and companies simply do not want to acknowledge: trying to put everything online, connect all computers together, trying to have everything controlled by whoever writes the applications users use (putting everything online is a way to do that), trying to come up with monetization schemes where users pay nothing out of their own pockets, trying to make users pay subscriptions instead of one-off fees (the excuse is often that they have to somehow keep their servers going, willfully ignoring that the developers/companies are those who decided to make something run on a server in the first place and that by doing that they are the ones in control).

A lot of security issues would be gone if computers weren't so connected to each other. Sadly i do not see that happening any time soon since no developer wants to give up that sort of control (some developers nowadays do not even know how it is to not have it) and no company wants to get rid of the biggest excuse they have to ask for continuous payments.

Personal computers back in the 80s and 90s were very insecure, but that didn't matter because they weren't so connected as they are today. It isn't surprising that pretty much all famous security issues of the time (like the ILOVEYOU worm) happened exactly as that connectivity started getting widespread.

I think the only hope there is is that the IoT craze will blow up everyone's collective faces and realize that it might not be such a good idea to connect everything after all. Sadly the more cynical side of me thinks that what will happen instead is the introduction of more draconian user hostile measures which end up with the users losing every more control to big companies that control their devices and OSes in the name of security and usability (more like dumbability) and any voice against that would be marginalized as "you are a power user, you do not matter" (ok princess, then what are power users supposed to use after you lock down everything? - i guess the answer is somewhere between "expensive licensed workstations" and "nothing, now piss off").

> Do you really think that would hurt Zoom significantly?

Zoom is a publicly-traded company now, so I am sure that adoption through convenience trumps a lot of other concerns.

This is not even remotely true. We use at everyday at my workplace (Education) - thousands and thousands of employees as well as students . All of our contemporary peer institutions do the same.