In its latest "Get a Mac" ad, Apple accurately highlights one of the problems of Windows Vista: its security.

In the ad, a secret service-looking guy stands behind PC, asking him if he wants to "cancel or allow" practically anything he does. Several websites have pointed out that Vista's new "security" is less secure than it is annoying, since it asks you to authorize even normal functions. I can't remember off-hand where those websites are, but I'll bring up a few of the good points they discussed:

• Vista is inconsistent in when it asks for permission to do things. Even opening the Microsoft Management Console requires you to click "continue." As one website pointed out, Mac OS asks for your authorization only for a few things; therefore, you will be trained to understand that when it asks you for your password, you could be doing something dangerous. Microsoft's approach -- parodied excellently in the above-mentioned ad -- is to ask you for approval even for things that aren't system-critical. This trains the user to merely click past the dialogue without thinking about what he or she is doing.
• Vista is also inconsistent in the way it asks for your authorization. Clicking "continue" or "cancel" is one way it asks for permission to do something. An entirely separate dialogue opens when you run an application installer that may make changes to the system; in that dialogue, you must click "allow" or "cancel." If you're not an administrator, there is a third dialogue that can pop up, asking you to actually type in an administrator's name and password. There is still a fourth method of authorization: it's the holdover from Windows XP SP2 that asks you if you want to run the particular program (and includes a checkbox for "don't ask me again" for that program). Mac OS, on the other hand, always asks for your authorization in the same way, so you're never confused about what's going on.
• Clicking "okay" does not make anything secure. The action of clicking a single button may be performed by the user automatically, as I mentioned above, without thinking. It may also be performed by spyware, which can move the mouse or emulate a mouse click. Mac OS requires you to type in a password. The time it takes to remember the password and physically type it in is time that you could use to think about what you're doing. Also, spyware doesn't know your password, so it can't emulate your typing it in.
• In Vista, you can actually turn this protection off. As PC points out in the ad, either you get all the alert dialogues, or you get none of them. In Mac OS, turning off these warnings isn't an option (unless you're the root user, and a root user isn't enabled by default, so the average user will never "accidentally" turn off warning dialogues), even if you're an administrator. This means that you -- or spyware -- can't blow past an installation.

The point is that Windows Vista doesn't encourage good security practices. It actually discourages them in favor of what Microsoft thinks is a happier user experience. Or it poorly implements them for an annoying user experience that makes people just shut the security off.

Interestingly, this is only the third "Get a Mac" ad (of the many ads they've made so far) that mentions Windows (but not Microsoft) by name. The first was the ad that introduced Boot camp; the second was the "surgery" ad that showed PC being prepped for his "upgrade" to Windows Vista.

(Via TUAW.)