Elevation of Privilege is a card game from Microsoft designed to restore fun to the process of learning threat modeling. Cards come in six suits—Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege—with specific threats described on each. To play a card, participants must describe how that threat applies to the subject system.

Elevation of Privilege is available under a Creative Commons license—clearly a major decision on the part of Microsoft, as the game adds so much fun to threat modeling that I’m sure it would have outsold Dominion. Don’t believe me, watch the excitement of players in this video:

Get Microsoft Silverlight

[Hat Tip: Ido—you have no idea how glad I am you pointed that out]