The principle of least privilege requires that a user or process be given no more privilege than necessary to perform a job, an idea that makes a lot of sense in this hostile digital divide we live in. Least privilege has become a passion of mine, and it's reflected in everything that I design nowadays, which is why Carina works so well in the face of hostile and malicious code.
In today's show I talk about the security principle of least privilege, how we use it to protect our customers' information... and how you can use it to protect your desktops.
For more information about least privilege, please check out some of these links:
- nonadmin.editme.com - This is a community web site (wiki) for Windows users who want to learn how to run without Administrator privileges, and why they should do this.
- "RunAs" basic (and intermediate) topics - Aaron Margosis' introduction on how to use the runas command in Windows
- Secure Coding Practices: Running with Least Privileges in Windows - An older article I wrote for CodeProject on how to develop using least privilege on Windows
- Developing Software in Visual Studio .NET with Non-Administrative Privileges - Lars Bergstrom's great article that explains how to productively develop software while logged on with non-administrative privileges.
- Using a Least-Privileged User Account - A small article on TechNet discussing LUA, and how it will affect Longhorn.
After listening to customer feedback, we are going to try a new format with this podcast. We will keep these single-topic recordings short (somewhere around 5 minutes) so that people with busy schedules can still get a chance to listen to them. We will leave longer shows for more in-depth interviews, etc. Please let me know if you like the new format.
Think strategically. Protect your information. Enjoy!
MP3: Scorpion Vault: Understanding Least Privilege (4:59 / ~4.7 MB)
