“If you try to find instructions for copying a user profile from an admin account to a standard user account in Vista - you won’t.”
Actually, last I tried (granted, in 2000 and XP) it was just a matter of going to the user account in the administrator console and removing him from the “Admin” group. Has that changed in Vista? Does this not do what I think it does in 2k/XP?
“This is partially the fault of Windows software developers who fail to test as standard user.”
I disagree. If “run as admin” (right-click on the installer and do so, or get prompted for the admin prompt when you just run it, however Vista does it) behaves differently than logging out, logging in as an admin, and then running it: there’s a bug in Windows’s prompted privilege escalation.
Yes, I would love for most software to be able to install without admin access. Perhaps that’s what you meant. However, it is definitely Microsoft’s fault that full-login and “sudo” logins behave differently in some (relatively large) percentage of installers.
“I think virtualization is the only rational way to protect users from themselves-- and that’s why virtualization is the next great frontier for computer security.”
I think, were “sudo” to work properly in Windows, and standard user to be fully effective (I have no evidence that it is not; however, like OS X, it is such a severe minority of the universe that we won’t know how secure it really is until it gains more traction), that you’d have a lot easier time getting users to use that effectively than to get them to use a VM properly.
As you noted, the “safety” of the VM is that your important data is not exposed in it. So, you can download and install an application, try it out, and decide if it’s useful. This works great if you don’t want to “try out” this application using any of your “real” data. But, that’s what a large number of people will want to do. So, their “real” data goes on a “shared” drive which is then available to the “walled” VM and the standard OS (which might itself be a VM), and, suddenly, there’s no data security. Then, the only “security” the VM allows is the granularity of applications installed in it (only install a few apps in the VM and the virus can only spread to a few apps and you have less to reinstall afterward), but your data is just as likely to be published for credit card number sifting or encrypted and held ransom.
All of which is to say: no matter what you put in front of users, they will find a way to foil it.