Hacker News

I still can't understand why they added the "feature" in the first place. Sure, automatic execution of setups and the like is very convenient, but even a small "are you sure you want to run this" dialog would have closed the security hole most times.


> I still can't understand why they added the "feature" in the first place.

I imagine, in the early 1990s, that the user experience seemed extremely natural. Put a tape into a VCR and it starts playing. Put a LaserDisc into a player and it starts playing. Put a cartridge into a game console and it starts playing. Put a CD into a stereo and it starts playing. Why shouldn't a CD you put in your computer start playing?


Well, when you insert a tape into a VCR you still have to hit PLAY before it does anything. Not that there's anything wrong with setting your computer to automatically play a CD.

But it's not about audio, it's about software.

Starting with Windows 3.0, Microsoft's approach to Windows OS usability involved hiding the file system from the user. Autorun is merely an extension of that philosophy. It allows Microsoft to hide a CD-ROM's ugly MS-DOS file system from the user.

An alternate approach is to make the file system less ugly.


Most VCRs I used would automatically play tapes that had the anti-erase tab removed (such as commercially prerecorded movies), but would require pressing play if the anti-erase tab was present to avoid losing position on a tape with recording in progress (e.g. one used for time shifting multiple episodes).


Hiding a device's filesystem from the user would later prove to be a relatively unpopular solution. </sarcasm>


Mostly for geeks, who really weren't who they were designing for.


What user-unfriendly VCRs did you use?


RCA SelectaVision. It had a wire remote with a nice big play button.


Because you don't store personal documents and credentials in your VCR or stereo. Traps for future data collection are also not possible, as far as I know.


Back when autorun was implemented, there wasn't any realistic way of getting those off a system even if you did compromise it through autorun.


To underscore this comment: the first release of Windows 95 shipped without an email client, a web browser, or a TCP/IP stack.


They can still be erased or tampered with.


> but even a small "are you sure you want to run this" dialog would have closed the security hole most times.

I doubt this very much. People will just click through it each and every time.



