you are complicating the process, their is always a way, noone thought you could run two programs at once.....the "gloving" theory just came to me a few minutes ago so I don't have all the answers right now, give me some time and I'll write something
There always being a way and there always being a SECURE way are two very different things.
You can't claim to ask a security problem, and then get all worked up when you're given a security answer.
Here's the reality: IE will not only have the low-risk settings, it'll also be using the (oh god, I'm not even going to try and enter the acronym... suffice to say that all content that ISN'T from the machine gets effectively sandboxed using this API set, which
was introduced in XP SP2), so not only will the browser be locked down, but ALL content that isn't from the machine'll be kept under lock and key as well.
That answer your question (kinda sorta)?
I'll need to go back and listen to the demo again (gnomedex one), because the second presenter actually covered this.