I think the software restriction policy coupled with UAC or a non-administrator account is a really good, simple protection that is relatively (compared to defence+) easy for non-technical people to understand. However, it is not available on home versions of Windows and needs to be made easier to use and more configurable for experts. Defence+ comes close to doing the same thing with a bit of setting up, but setting it up is too complicated and dangerous for an average user. If defence+ could do the same thing easily it would be a big plus. Unwanted software (including DLLs) could then be stopped from running.
One of the problems with the Windows SRP is that it can be hard to make exceptions for some software. Games can be problematic as they often save a temporary file to the temp directory and then try to execute it. This could be made easy by adding a rule based on any violations of the policy. This introduces the problem of pop-ups. I would like password-protected pop-ups or (better) an option to turn off pop-ups so only I could allow them (I don’t want the children running whatever they want). I think the questions could be simpler and easier to understand than all the defence+ messages. The main question would be “Do you want to run application XXX?” (with a description if possible) rather than some obscure COM interface or registry setting. In practice there are very few applications that need special rules (compared to defence+).
One important thing is that it can be set to only affect applications running as limited users and this means it does not cause problems with software installations and the operating system.
If there were no pop-ups then a thorough log of all things stopped by it would be needed, and preferably a better (compared to defence+) error message when an application fails to execute.