[guispeak] Re: adaware

  • From: "david poehlman" <david.poehlman@xxxxxxxxxxxxxxxxxxxxxxxx>
  • To: <guispeak@xxxxxxxxxxxxx>
  • Date: Sun, 9 Jan 2005 10:13:17 -0500

I tried this approach and found that I could not run some of my apps unless 
I was running as admin.

Johnnie Apple Seed

----- Original Message ----- 
From: "Laura Eaves" <leaves1@xxxxxxxxxxxxxxx>
To: <guispeak@xxxxxxxxxxxxx>
Sent: Sunday, January 09, 2005 12:38 AM
Subject: [guispeak] Re: adaware


Hi -- this is an issue that has been discussed on other lists I'm on and
amongst my various family members...
Actually, one reason windows is so insecure for the average user compared to
a shell account on a unix or linux system is that on the unix-based systems
the root/administrator/superuser account is well defined and separate from
all the various user accounts, and administrative operations are typically
only done by the system administrator who logs on as root only long enough
to do the necessary actions, then does all his/her regular work as a normal
user.  Non administrative operations are never done running with root or
superuser permissions.

Compare this to windows, in which a PC comes with the default login being
OWNER, which has administrative priveleges, and so the unwary user, when on
a malicious web page, or clicking on an attachment or untrusted program, can
unleash a virus running with the same priveleges, and can thus infect the
whole system and do much more damage than the same malicious program run
without administrative priveleges.
Now what to do about it...
I actually haven't tried this, but one of my nephews has suggested (on xp)
setting up the system and installing all the software you want to use as
administrator, then creating a separate login with only guest or other
non-administrative priveleges and do your regular work there.  Now if there
comes a time when you need to do something as administrator, you can always
give yourself admin priveleges (I forget how to do this easily), but for
most operations, this is not necessary.

Now this sounds like a good idea in that a non-administrator can't install
new programs or update drivers and other system files, and I believe can't
munge with the registry.  But since windows is generally a single user OS
(although it allows for multiple logins), people are used to doing things as
administrator, to the point where the boundaries are blurred.  It's really
funny discussing this on the various programming lists I'm on.  Most people
who know anything about systems and programming, know that windows is quite
full of holes, if you know where to look, but on the one list where there
are Microsoft employees, the tone is much different: they don't deny there
are holes, but they say it's only because there are so many users that virus
writers target windows systems.  But that being aside, windows is used much
more by people who aren't savvy technically and only use the computer for
end user applications and don't want to deal directly with security.  So
they run as administrator, not even knowing such a thing exists... and the
details of what is happening is hidden from them (on purpose, since windows
is intended to be simpler to use), but this means that a hacker knows how to
sneak in and the average user doesn't know how to protect against it.

Sorry state of affairs.
But it is quite interesting.  Windows is different from unix in that
unix/linux separate the operating system from the applications, whereas
windows tries to integrate everything together.  Well, this is the result...

Off soapbox.  Hope I haven't confused the issue.
Since I tend to be a tech nerd, having been a professional programmer, I
like to know what is happening on my windows system, and so experiment with
settings and look at log files and the like.
And I am (blush) still running as administrator, since as I said, I have to
switch so often to doing admin-related activities that I don't want to have
to type in a password several times a day.
But the option is still there to separate activities.  I should try it to
see how it affects operation of the apps I'm running.
Actually, large corporate and government organizations do run many windows
clients with logins in restricted mode, so it is done in practice, but
again, the home user often never bothers with such things.
Take care and let me know if you find any good spyware removers.  I ran one
a while back and was amazed how much had been installed on my system without
my knowledge -- logs of activity in my temp folder, programs that monitored
things, adware, etc.  The logging and spyware programs scare me the most as
I don't want things like my paypal password being swiped.  Now that would be
a pain--having some spyworm logging and transmitting your passwords who
knows where...
Take care.
--le

----- Original Message ----- 
From: "Scott V" <scott2089@xxxxxxxxxxxxxx>
To: <guispeak@xxxxxxxxxxxxx>
Cc: <helpneededlist@xxxxxxxxxxxxxxx>
Sent: Saturday, January 08, 2005 11:38 PM
Subject: [guispeak] adaware


    Is there a way in ad personal co to block the ads from coming in the
first place?
Thanks


** To leave the list, click on the immediately-following link:-
** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** guispeak-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** guispeak-request@xxxxxxxxxxxxx with the Subject:- faq

** To leave the list, click on the immediately-following link:-
** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** guispeak-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** guispeak-request@xxxxxxxxxxxxx with the Subject:- faq

** To leave the list, click on the immediately-following link:-
** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** guispeak-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:guispeak-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** guispeak-request@xxxxxxxxxxxxx with the Subject:- faq

Other related posts: