I've read this and the relevant chapters on his Substack and I think I get the idea that he tried to implement, but it's obvious in 2026 where his vision diverged from what people really wanted.

In the ideal world, Win32 applications would have automatically run in a sandboxed WinRT environment with granular permissions. A program thinks it's accessing a USB webcam, but it is actually accessing a Win32 shim that goes to the WinRT that first prompts the user to obtain the necessary permission and then goes to the real Win32 USB API to interface with the camera. A program is trying to access a file that hasn't been selected in the "Open file" dialog or dragged into it or passed as a command line argument? Raise a "malicious access" warning.

Overly complicated programs like antiviruses would have been able to get a "hall pass", either by registering their builds with Microsoft or asking for an administrator-level exception.

Of course, this would've been terribly hard to implement. Doing it natively would be supremely complicated, much harder than just designing a whole new userland API like WinRT. And sandboxing every application in something similar to Sandboxie would've been too taxing on the PCs from that time.
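The file rule described in the comment above (deny unless the path came from the "Open file" dialog, a drag-and-drop, or the command line), as an added sketch that is not part of the original comment and not a Microsoft API. `FileBroker`, `Source` and `demo` are hypothetical names, the files are constructed in a temporary directory, and the "malicious access" prompt is reduced to a recorded warning.

```python
import os
import tempfile
from enum import Enum


class Source(Enum):
    OPEN_DIALOG = "open dialog"
    DRAG_DROP = "drag and drop"
    COMMAND_LINE = "command line"


class FileBroker:
    """Hypothetical shim: a path is allowed only if the user designated it."""

    def __init__(self):
        self._grants = {}   # canonical path -> Source that granted it
        self.warnings = []  # denied attempts as (requested, resolved)

    @staticmethod
    def _canon(path):
        # Resolve symlinks and ".." so a request is matched against the file
        # it really reaches, not against the string the program supplied.
        return os.path.normcase(os.path.realpath(path))

    def grant(self, path, source):
        self._grants[self._canon(path)] = source

    def check(self, path):
        """Return the granting Source, or None after recording a warning."""
        resolved = self._canon(path)
        source = self._grants.get(resolved)
        if source is None:
            self.warnings.append((path, resolved))
        return source


def demo():
    # Constructed sample: one file the user picked, one they never touched.
    with tempfile.TemporaryDirectory() as d:
        doc, secret = os.path.join(d, "report.txt"), os.path.join(d, "secret.txt")
        for p in (doc, secret):
            with open(p, "w") as f:
                f.write("x")
        broker = FileBroker()
        broker.grant(doc, Source.OPEN_DIALOG)
        alias = os.path.join(d, "sub", "..", "report.txt")            # same file
        sneaky = os.path.join(d, "..", os.path.basename(d), "secret.txt")
        return (broker.check(doc), broker.check(alias),
                broker.check(sneaky), len(broker.warnings))
```

Matching on the resolved path is the part that matters: a grant keyed on the raw string would either reject the aliased spelling of the picked file or be bypassable by a path that merely starts with a granted prefix.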