It is a clear privilege boundary, just not a barrier. Beyond UAC is Admin, before UAC is non-Admin. Crossing that divide requires a user interaction. UAC can be a barrier if it would display more about the programs intention. Similar sudo could be improved the same way.

No, that's not correct. The reason it's not a barrier and not a boundary is because there are universal bypasses.

Hurdle? I feel like we're getting off topic =]