Why Least Privilege Users Are Not The Answer
By Adrian Sutton
G. Andrew Duthie asks: “Will 2005 be the year of Least Privilege” (via Robert Scoble).
Not a chance. Why not? Scoble sums it up pretty well (unintentionally):
For those who don’t know what Least Privilege is, it means turning off a bunch of administrator rights so that no software can install without logging off and logging back in as administrator.
People don’t want to have to log off and log back on to get stuff installed! That’s awful. People want to use their computer and have it get out of the way. What should happen is that they are prompted for an administrator login when admin privileges are needed and it should all just work seamlessly once such a login has been provided. Similarly, if they are logged in as Administrator, they should have to provide their password to install software anyway so that they know it’s happening.
Essentially, don’t let software install and run unsafe code without first confirming the user trusts it. Check out sudo for how to do it on the command line and OS X for how to put a GUI on it. Then, while you’re at it, disable the administrator account and just use this system instead (see sudo for how to handle permissions when there is no administrator/root account).
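As an added example (not code from the original post), here is the sudo setup the paragraph points to: a sudoers fragment that asks for the calling user’s own password on every elevation and never relies on a root password, beside a check that flags the weak NOPASSWD variant which would let privileged software run silently. The group name admin and the file paths are assumptions; adjust them for your system.

```shell
#!/bin/sh
# Added example: implements "no root login, prompt for the user's own password
# when privilege is needed" with sudo, and checks a fragment for passwordless
# grants. Group name "admin" and paths are assumptions, not from the post.

# Write the recommended fragment to the file named by $1. Members of group
# admin may run any command, but only after authenticating as themselves.
write_sudoers_fragment() {
    cat > "$1" <<'EOF'
# Ask for the caller's password, not root's, and forget it after 5 minutes.
Defaults        !rootpw, timestamp_timeout=5
# Log every elevated command so the user (and the admin) can see what ran.
Defaults        logfile="/var/log/sudo.log"
%admin  ALL=(ALL) ALL
EOF
}

# Return 0 if the fragment in $1 contains no uncommented NOPASSWD grant,
# 1 otherwise. NOPASSWD reintroduces silent privilege use, the very thing
# the post argues a desktop should never allow.
check_no_nopasswd() {
    ! grep -v '^[[:space:]]*#' "$1" | grep -q 'NOPASSWD'
}

# Stand-alone run: write the fragment and report whether it passes the check.
# To install for real: visudo -c -f "$f" && install -m 0440 "$f" /etc/sudoers.d/admin
# then lock the root account with: passwd -l root
f=$(mktemp)
write_sudoers_fragment "$f"
if check_no_nopasswd "$f"; then
    echo "fragment OK: every elevation will prompt for the user's password"
else
    echo "fragment grants passwordless elevation; fix before installing"
fi
rm -f "$f"
```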
Sure, users can still be daft and install spyware, but putting more steps in their way won’t stop them doing stupid things if they are determined to do them.