Ryan Naraine has written a nice article for eWeek about non-admin security in XP. He notes that Microsoft will be promoting Least-privileged User Accounts heavily in Longhorn, but that you can enjoy their added security right now – if you know where to look in Windows!

The article includes commentary from security guru Michael Howard about the problems of user education, and a link to my own nonadmin wiki, where we’ve been gathering tips and best practices for the whole community to use. Most of which came from Aaron Margosis, of course :)

Ryan emailed me for comments when he was writing the article, but I bowed out when I heard that he already had Michael’s feedback – Michael is a trained security spokesman, and I definitely am not. So kudos to Ryan for doing a good job of keeping all the information in the article, but me out of it. Definitely a pleasant encounter with the press.

Mary Jo Foley picked up on the story over at Microsoft Watch (“No Need to Wait for Longhorn for LUA”), but in summarizing things for our ADD-prone world, she simplifies a little too far:

The company is making available new tools on a Wiki aimed at Windows users to try to help increase awareness.

The tools aren’t new, the wiki has nothing to do with Microsoft (especially since it's powered by Linux), and I’m not aware of any official effort to raise awareness, but apart from that the sentence is accurate :)

Oh, and thanks to everyone who noticed! Including Jack Richins, J. Daniel Smith, Peter Provost, and Kirby Turner.

Category: Security