
> Could you elaborate on the difference kernel vs user as far as the end user is concerned?

* No possibility of a secure experience via strict privilege separation (e.g. strict usage of multiple accounts, inconvenient but protects against alteration of personal data)

* A ring0 program has unfettered access to the hardware, so the machine itself may be compromised; a breach is not "format & reinstall", let alone "run a bunch of antiviruses", it's possibly "throw the whole machine into the bin and buy a new one".

> And web browsers seemed to take off before Windows NT was the more popular desktop kernel.

Windows 98 didn't run in ring0. It was crap, but not that crap.



To elaborate on the reasoning behind why it may be necessary to throw the machine out, for the people who aren't familiar:

Given full access to the hardware, it's possible (though I haven't tested it to be certain) to flash the BIOS. The machine could be bricked by a remote exploit.


> Given full access to the hardware, it's possible (though I haven't tested it to be certain) to flash the BIOS.

Or the firmware in hardware parts. An attacker with the know-how can not only brick but control your GPU or SSD.


In the context of getting completely compromised, I'm not sure the cost of another computer really adds a lot.



