I have heard that it can be bypassed rather trivially due to a (seemingly intentional) oversight on MS's part. And that it therefore isn't of much real value. But also have heard it sworn by. And see that it works at the kernel level and not merely user space like regular SRP, and see that as a great thing otherwise. So I'm conflicted here as to whether to go with Win7 Pro or Ultimate. Can someone give me specifics about this "flaw" in lehman's terms? What does it take to pull it off?... physical access to my machine? Because if so it doesn't matter much at all to me. Also, what does it mean regarding the Pro version that you can create policies, but not enforce them? Am I missing something, or is that as completely pointless as it sounds to me? Is it just to give you an idea of how it would works, had you gotten Ultimate instead? Like a sales pitch?