Alex Ionescu has released (working binary, no code, to prevent it being used by malware authors) a program that circumvents the Vista
Protected Processes by letting the user mark any process as protected or unprotected.
I'm not a Windows internals expert by any stretch of the imagination, and I don't even have the code in question. But while Alex gets the title of his post right -
Why Protected Processes are a Bad Idea - he doesn't explicitly answer that question. A naive reading of his post would simply tell you that Protected Processes are a bad idea because the implementation's broken. So I wanted to add this commentary:
If you can't implement the desired separation of privileges
with the permissions system you've already got, much more important things are broken than DRM.
Owner login