How least privilege models, like UAC and su, will not defeat malware presented at AUScert 2008

by Roger A. Grimes,

Summary : Least privilege models inconvenience users and developers, while not diminishing malicious hacking and malware over the long term; when we should being doing the exact opposite. Least Privilege models have their uses, but minimizing malicious hacking isn't one of them. Attend and learn more about Vista's UAC, specifically discuss the challenges to today's least-privilege models, and learn exactly where hackers can hide their malware in user mode models.