InfoWorld takes a somewhat skeptical tone in their article on the new LUA model in Longhorn, but even so, it's great to see the topic of least privilege getting more attention from the industry media.

The article, I think, overstates the difficulty of running your computer with least privilege, but it's certainly true that developers who run as admin and fail to adequately ensure that their software runs as LUA are a big part of the problem. I'll be discussing this very topic at Tech-Ed in June, namely, how developers can improve the security of their software by changing their own login habits in addition to using the principle of least privilege in their software.