"Our users are the admins of their machines. They can load whatever software they want on their machines..."
At first this comment might not seem like such a big deal, but it shows a fatal flaw at Microsoft. Users should be able to operate applications without requiring system level access and users should never be able to cause application problems for any other user on the system. Allowing applications to requiring administrator access to the computer you are using is a fatal flaw to all of Microsoft's operating systems. Until that problem is fixed, Microsoft will never be able to capture more of the computer market.
In unix user applications and preferences are not allowed to interact with other users applications or settings. The user "bjohnson" on a Unix system typically will have write permissions to the their home directory /home/bjohnson and to /tmp for temporary storage. /tmp is almost always cleared on boot and sometimes more frequently. Application settings are placed in hidden files (such as .mozilla ) in users home directory. A user can even install applications into their bin/ directory in their home directory (such as /home/bjohnson/bin). On a users desktop no application by default is allowed to run with root privileges (root is Unix's administrator user account). Any tools that helps to configure hardware will prompt the user for the root password and temporarily have root access to make the system changes. Because of this a user can do just about anything without harming other users or the system itself. Users can only hurt themselves, such as accidentally deleting all their files, but the system will prevent them from deleting all the files on the computer.
On a Microsoft operating systems things work a little differently. Only recently have users been given the equivalent of a home directory. User bjohnson's home directory now is located in: C:\Documents and Settings\bjohnson\. But bjohnson isn't limited to having only write access to that directory, but many more. In Microsoft Windows there are a number of different temporary directories. Applications can and often do place files all over the system including the systems library directory under the assumtion that they have access. Unfortunately not every windows application out there works with more then one user. Windows applications save their settings in the system wide registry. If one user sets the system wide settings to an incorrect value then every users has a problem. Because of that users must reley upon applications uninstallers to remove its settings from the registry, but often leave a few behind. This leads to registry that grows and grows over time and the only option is to reinstall the operating system. Too many applications can only be installed in C:\Program Files\. Even if you can install an application into a users home directory the application will still want to place some libraries into a system library directory. Many applications at run time want write access outside of the home and temp directories forcing users to give all their applications access. Some windows application that run in the system tray have administrator access when there is no reason they should, leaving an easy to exploit way for users to crack the system and get administrator access. A good example include some anti-virus software which runs all the time in the system tray. The system-try GUI application should be a client and connect to service which is running with administration rights. GUI applications that have administrator rights are one of the easiest things to crack giving any process administration right and control over the computer. On a Microsoft's system a user can very easily cause harm to the system and other users. Some simple examples include installing thousands of fonts in the system folder or putting millions of entries in the system registry. Both are perfectly allowed as a user, but causes the system and other users harm.
By now it should be clear that a user having only write access to essentially one directory (their home directory) is a good thing. Here are some more advantages:
- When doing a backup in Unix one simply makes a copy of an entire users directory. No hunting around for Microsoft Outlook files somewhere in C:\WINDOWS\, making sure to grab the background that was put in C:\ or grabbing the Adobe plugins from C:\Program Files\Adobe\Plugins\.
- Fixing application that users broke (by messing with the settings or installing a broken plugin) is also much easier. All that is needed is to remove all the settings for that application (in unix that is typically one file) or just removing the plugins. This will revert the application back to its initial state.
- Users love to download little applications, utilities, and games. If users only have write access to one place these applications can't leave junk all over the system and are forced to only clutter up the users home directory. Administrators then have a easier job of maintaining the systems and let the users manage their home directories.
So what does the original quote have to do with all of this? Until Microsoft internally force their own developers to use an user account and not be give administrator access there will always be problems with applications requiring to do whatever they want. If developers have administrator access they wont fix Microsoft's applications, and if Microsoft's applications don't play nicly with multiple users (or access to only one directory) then third party developers will never bother to fix their applications. Much worse is that until users only have access to their home directory they (or much more likely spyware) can corrupt the system. And corrupted systems are expensive to fix.
It can be argued that this problem for Microsoft is good for Linux because it is now known that Vista will not force users to only write to home directories and virus's/bugs/spyware will continue to exists and be permitted to corrupt the rest of the system and user accounts. Even worse, applications will continue to litter the filesystem and registry forcing complete re-installs of Windows every six months to keep the system clean. On enterprise systems for Microsoft Windows to continue to grow it must be able to handle more then one user. Until Microsoft Windows only allows users to write to their home directory Windows can't replace Unix, and its market share can't grow like their sharholdes wish it would.