Spyware, Viruses, & Security forum

General discussion

Stop viruses and reduce your vulnerabilities - Easily!

by rh / April 22, 2004 10:56 PM PDT

Here's a thought folks....JUST DON'T RUN AS AN ADMINISTRATOR!!!

Over 90% of the people using their computers (email, web, word proc, etc.) do not need administrator rights. However, most all of them have them, and a lot don't even know it. It's like opening all the doors and windows and wondering why things are getting stolen or damaged.

Here's the advantage, holes that let trojans in, activex controls that do damage, virus infected attachments, etc. DO NO HARM. They (at least the majority of them) all try to install themselves, overwrite system files, change registry settings, change program files, etc. Well, guess what, they all do this in the context of the current user...if the user is an administrator, they do their harm...if the user is running as a limited account, they can do no harm.

Running as a limited user has become very easy with WinXP. Simply setup an account, give it limited rights, and use it. Keep the admin account for when you absolutely need to use it (install new apps, update the system, etc...again something that a large majority of users don't often do.)

This concept is not new, other OS's have employed this for years. For those Unix/Linux users, how mny times have you been told "Not to run as root"?!
Windows is just starting to catch up. But, one big key to this is to insist that the software you run is compliant with these rules. Older software will most likely have some problems, but WinXp let's you deal with those by running them as another user (if needed). However, I would highly recommend insisting that your software carries the "Designed for Windows XP" logo to give you the best and most secure computing experience. Apps that carry that logo have passed certification that they will work *properly* in an environment where the user does not run as an admin.

Folks, this is SUCH an easy prevention method that it too simple to miss. I would still recommend the use of a firewall (which next service pack of WinXp will enforce) and if you wish, some virus scan software for that 1% of viruses that might screw up some files. But by far, this approach will lead most new or non-tech folks to have a wonderful computing experience (which is what it should be).

Discussion is locked
You are posting a reply to: Stop viruses and reduce your vulnerabilities - Easily!
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Stop viruses and reduce your vulnerabilities - Easily!
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Re:Stop viruses and reduce your vulnerabilities - Easily!
by Donna Buenaventura / April 23, 2004 2:00 AM PDT

Thanks for sharing your very useful thoughts.

Some users do not want the idea of logging-off and on. Some users has trouble in running 3rd party application that does not run in limited account. This reasons will lead or force them to use Administrator account but I do agree and also recommend to use Admin account only when needed.

For those who prefer to use Administrator account, there are ways to secure administrator account (just in case a user really want to use this admin account or if facing difficulty in running an application that also runs with administrator account.)

Windows XP Security Checklist- Basic and intermediate steps to secure Windows XP at http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

Home and Office User Tips and Tricks: Help Protect Your PC. Six Tips to Help Protect Your PC and Avoid Security Menaces

For XP Pro users - take advantage of Group Policy Editor to secure the accounts and software. Type GPEDIT.MSC and hit enter! Happy

Collapse -
Re:Re:Stop viruses and reduce your vulnerabilities - Easily!
by rh / April 27, 2004 9:44 PM PDT

A couple of points..
The "some users" are relatively small in number compared now to the amount of general users out there. How often does one need to log off and on? I am a system software developer and consider myself to be a power user. I run with a limited account and have done so for over a year now. Rarely do I have to log-off in order to do my work. XP provides more than sufficient means to switch or run-as a higher level account. Most basic or new users simply check email, browse the web and maybe, sometimes do some documents...there is absolutely no need for admin rights there.
As for the 3rd party software not working in a limited account...demand it or find something else that does! Windows security was always open a sloppy and many developers reflected that in their code. Times are changing and security is more important than those days. If a software app forces you to run as admin, they are asking that you open up all the doors and windows and leave yourself vulnerable. No thanks! Can any Unix folks out there imagine a software package that demanded you to run as root to use it?
I can simply say that for the 20-30 friends and family that I have who use computers; I have switched them all over to this method. They enjoy their computing much more, have less problems with "my system doesn't work like yesterday", feel more comfortable with sending and receiving information, and all look for the "Designed for XP" logo on any software they wish to use.
Luckily most of them are conscious enough to understand that they don't know exactly how computers, viruses, worms and so forth work and understand that running as admin leaves them open to such attacks. They don't want to become the proliferators of attacks to their email contacts and are happy to take the ounce of prevention.

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.