One very significant problem in computer security is the “Dancing Pigs” syndrome [1][2]:

If J. Random Websurfer clicks on a button that promises dancing pigs on his computer monitor, and instead gets a hortatory message describing the potential dangers of the applet — he’s going to choose dancing pigs over computer security any day. If the computer prompts him with a warning screen like: “The applet DANCING PIGS could contain malicious code that might do permanent damage to your computer, steal your life’s savings, and impair your ability to have children,” he’ll click OK without even reading it. Thirty seconds later he won’t even remember that the warning screen even existed.

Today on an internal mailing list, the following brilliant suggestion came up proposing a solution:

From:
Sent: Tuesday, November 08, 2005 12:20 PM
To:
Subject:

Perhaps if we shipped Vista with Dancing Pigs, then users could watch the pre-installed Dancing Pigs instead of being enticed to download/install potentially malicious new Dancing Pigs.

-

-—-Original Message—–
From:
Sent: Tuesday, November 08, 2005 12:14 PM
To:
Subject:

The underlying problem is not the autorun functionality, although it doesn’t help.  Mark Russinovich would have gotten infected with that rootkit no matter what because he wanted to listen to the Dancing Pigs CD.  Running as LUA wouldn’t help if the user were allowed to elevate (using XP RunAs or Vista UAP).  The kids create CDs or carry thumb drives or whatever and then perform whatever actions are needed to listen to or watch the Dancing Pigs.

-–

-—-Original Message—–