[guispeak] Re: adaware

  • From: "George Bell" <george@xxxxxxxxxxxxxxxxxxx>
  • To: <guispeak@xxxxxxxxxxxxx>
  • Date: Sun, 9 Jan 2005 13:19:04 -0000

Hi Laura,

I know this relates to Windows 2000, but I don't have time
to research deeper.  However the general principles still
apply.

(Watch the URL doesn't split.  It should end in admin.htm)

http://www.microsoft.com/windows2000/en/advanced/help/default.asp?url=/windows2000/en/advanced/help/windows_security_whynot_admin.htm

Why you should not run your computer as an administrator
You should not add yourself to the Administrators group and
you should avoid running your computer while logged on as an
administrator. For most computer activity, log on as a
member of the Users or Power Users group. If you need to
perform an administrator-only task, log on as an
administrator, perform the task, and then log off.

Running Windows 2000 as an administrator makes the system
vulnerable to Trojan horses and other security risks. The
simple act of visiting an Internet site can be extremely
damaging to the system. An unfamiliar Internet site may have
Trojan horse code that can be downloaded to the system and
executed. If you are logged on with administrator
privileges, a Trojan horse could do things like reformat
your hard drive, delete all your files, create a new user
account with administrative access, and so on.

You should add yourself to the Users or Power Users group.
When you log on as a member of the Users group, you can
perform routine tasks, including running programs and
visiting Internet sites, without exposing your computer to
unnecessary risk. As a member of the Power Users group, you
can perform routine tasks and you can also install programs,
add printers, and use most Control Panel items. If you need
to perform administrative tasks, such as upgrading the
operating system or configuring system parameters, then log
off and log back on as an administrator.

If you frequently need to log on as an administrator, you
can use Run as. For more information, see Related Topics.


Why you should not run your computer as an administrator

Use Run as to start a program as an administrator

Differences between Windows NT 4.0 and Windows 2000 default
security settings

Default security settings

Add yourself to a group

Log off from the computer so someone else can use it
 

-----Original Message-----
From: guispeak@xxxxxxxxxxxxx [mailto:guispeak@xxxxxxxxxxxxx]
On Behalf Of Laura Eaves
Sent: 09 January 2005 05:38
To: guispeak@xxxxxxxxxxxxx
Subject: [guispeak] Re: adaware

Hi -- this is an issue that has been discussed on other
lists I'm on and amongst my various family members...
Actually, one reason windows is so insecure for the average
user compared to a shell account on a unix or linux system
is that on the unix-based systems the
root/administrator/superuser account is well defined and
separate from all the various user accounts, and
administrative operations are typically only done by the
system administrator who logs on as root only long enough to
do the necessary actions, then does all his/her regular work
as a normal user.  Non administrative operations are never
done running with root or superuser permissions.

Compare this to windows, in which a PC comes with the
default login being OWNER, which has administrative
privileges, and so the unwary user, when on a malicious web
page, or clicking on an attachment or untrusted program, can
unleash a virus running with the same privileges, and can
thus infect the whole system and do much more damage than
the same malicious program run without administrative
privileges.
Now what to do about it...
I actually haven't tried this, but one of my nephews has
suggested (on xp) setting up the system and installing all
the software you want to use as administrator, then creating
a separate login with only guest or other non-administrative
privileges and do your regular work there.  Now if there
comes a time when you need to do something as administrator,
you can always give yourself admin privileges (I forget how
to do this easily), but for most operations, this is not
necessary.

Now this sounds like a good idea in that a non-administrator
can't install new programs or update drivers and other
system files, and I believe can't munge with the registry.
But since windows is generally a single user OS (although it
allows for multiple logins), people are used to doing things
as administrator, to the point where the boundaries are
blurred.  It's really funny discussing this on the various
programming lists I'm on.  Most people who know anything
about systems and programming, know that windows is quite
full of holes, if you know where to look, but on the one
list where there are Microsoft employees, the tone is much
different: they don't deny there are holes, but they say
it's only because there are so many users that virus writers
target windows systems.  But that being aside, windows is
used much more by people who aren't savvy technically and
only use the computer for end user applications and don't
want to deal directly with security.  So they run as
administrator, not even knowing such a thing exists... and
the details of what is happening are hidden from them (on
purpose, since windows is intended to be simpler to use),
but this means that a hacker knows how to sneak in and the
average user doesn't know how to protect against it.

Sorry state of affairs.
But it is quite interesting.  Windows is different from unix
in that unix/linux separate the operating system from the
applications, whereas windows tries to integrate everything
together.  Well, this is the result...

Off soapbox.  Hope I haven't confused the issue.
Since I tend to be a tech nerd, having been a professional
programmer, I like to know what is happening on my windows
system, and so experiment with settings and look at log
files and the like.
And I am (blush) still running as administrator, since as I
said, I have to switch so often to doing admin-related
activities that I don't want to have to type in a password
several times a day.
But the option is still there to separate activities.  I
should try it to see how it affects operation of the apps
I'm running.
Actually, large corporate and government organizations do
run many windows clients with logins in restricted mode, so
it is done in practice, but again, the home user often never
bothers with such things.
Take care and let me know if you find any good spyware
removers.  I ran one a while back and was amazed how much
had been installed on my system without my knowledge -- logs
of activity in my temp folder, programs that monitored
things, adware, etc.  The logging and spyware programs scare
me the most as I don't want things like my paypal password
being swiped.  Now that would be a pain--having some spyworm
logging and transmitting your passwords who knows where...
Take care.
--le

----- Original Message -----
From: "Scott V" <scott2089@xxxxxxxxxxxxxx>
To: <guispeak@xxxxxxxxxxxxx>
Cc: <helpneededlist@xxxxxxxxxxxxxxx>
Sent: Saturday, January 08, 2005 11:38 PM
Subject: [guispeak] adaware


Is there a way in ad personal co to block the ads from
coming in the first place?
Thanks


** To leave the list, click on the immediately-following
link:-
**
[mailto:guispeak-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** guispeak-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on
the
** immediately-following link:-
** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** guispeak-request@xxxxxxxxxxxxx with the Subject:- faq 
