Proper security requires some level of intrusiveness if you want functionality as well. It’s not possible to meet varying levels of required tradeoffs for different use cases without asking for informed consent to access restricted information or functionality with some regularity.
Granularity is a good thing. Making users notice privacy violations is a good thing. Windows giving a generic “can this program make changes?” dialogue to every installation whether it’s extremely simple or basically a rootkit monitoring every process and memory access is a terrible, extremely insecure approach.
Proper security requires some level of intrusiveness if you want functionality as well. It’s not possible to meet varying levels of required tradeoffs for different use cases without asking for informed consent to access restricted information or functionality with some regularity.
Granularity is a good thing. Making users notice privacy violations is a good thing. Windows giving a generic “can this program make changes?” dialogue to every installation whether it’s extremely simple or basically a rootkit monitoring every process and memory access is a terrible, extremely insecure approach.