The Register ran a somewhat vitriolic piece by Guy Kewney on his various bad experiences with our software last week. His first was Windows Update restarting his computer after he'd left it with programs open - despite setting it to ask him when to restart. Oops. I don't know which update this was, but I'm guessing it was security related.
It's a difficult balance to strike between keeping a machine secue and providing a good user experience. We have to remember though that ultimately the computer is there to serve the user, and whilst security is absolutely critical it shouldn't be stupid or obstructive - after all a computer that's encased in concrete and buried a mile underground can be considered fairly secure, but it's not terribly useful. Security is about ensuring availability as well as confidentiality, and being denied service due to the very thing trying to protect your PC is clearly frustrating.
The last thing that I want to suggest is that security is unimportant, but it's all about keeping it proportional and relevant. With the current world climate I think there's an inclination to implement inappropriate security purely to be seen to doing something. Privacy International is awarding gongs for stupid security, such as the Most Egregiously Stupid Award, and the Most Stupidly Counter Productive Award. Certainly when you hear stories of security desks complaining when paramedics rushing to a heart attack victim fail to sign in, it makes you wonder whether people have their priorities quite right.
To return to Guy's pains, dialog boxes that are the equivalent of a train's "dead man's pedal", and force people to keep clicking them else the machine reboots are extremely irritating. Whilst some people may never reboot and update their machine, I'm not sure that this means other people should suffer for this. (Incidentally, the nag reminder can be disabled or the delay period lengthened via Group Policy; if you tend to only reboot when it bugs you though then obviously it's a good idea to leave it on).
Guy ends his article complaining that Microsoft regards itself above criticism and that issues such as his are considered irritating procedural trivia. I honestly don't believe that this is the case (happy users are much more likely to stay with our software than unhappy ones, after all), but we obviously still have work to do in convincing people of this. Anyway, sorry Guy :-(