the point was that the model was better, not necessarily the implementation.

Similarly the model of ACLs has a lot of advantages over traditional Unix permissions, however that doesn't make Windows more secure.

Cheers,
Ben