Nice concept, doesn't work like they think it will. Contention, tracking rates for individual programs versus a collective whole, etc. will make this a nightmare to implement.
We already have an equivalent today for remote API calls, and it by no means solves the problem of bad actors. Plus, this will seriously piss off users for installations, unpacking compressed archives, etc. now become incredibly slow.
If processes have a rate limit, why don't I create create more processes to bypass the limit? Why don't I add some mutation code to my virus, making it polymorphic, to appear to the OS as separate processes that are unrelated?
Now we need to add a methodology to rate-limit how often a process can start another process or open another application, from any API or method that could have been used to accomplish that. And if you think that limiting CreateFile() was a breaking change...
Right off the top of my head, why not use the scheduling tool in Windows to run a theoretical SpawnSeperateProcess.exe once every second?
Don’t forget that processes can inject code into other processes on the same session, so you can hijack other “innocent” processes to further bypass this rate limit.
We already have an equivalent today for remote API calls, and it by no means solves the problem of bad actors. Plus, this will seriously piss off users for installations, unpacking compressed archives, etc. now become incredibly slow.