Full Disclosure mailing list archives
Re: [Fwd: Re: windows future]
From: Rohit Patnaik <quanticle () gmail com>
Date: Thu, 27 Aug 2009 15:24:47 -0500
While running as a user (as opposed to root) does help, it doesn't obviate the need for education and good computer hygiene. After all, all of the information and most of the programs your users are running manage to go just fine without root access. Unless you've really strictly locked down the workstations, its still quite possible for malware to gain access to data or computing resources (e.g. CPU time, network bandwidth) without completely "owning" the computer. The one big advantage of non-privileged accounts is that they're easier to clean up if they do get infected with malware. After all, its a lot easier to backup and wipe a single account than it is to wipe and restore an entire system. However, I'm not sure how much of an advantage that is to someone whose goal is to *prevent* infection, rather than mitigate them after they occur. --Rohit Patnaik Peter Besenbruch wrote:
I'm not sure this is a solution. Most of the people I work with will unquestioningly click every UAC prompt. Knowing what to whitelist requires a fair degree of technical skill beyond most users' ability.On Thursday 27 August 2009 08:34:54 Thor (Hammer of God) wrote:If they can just "unquestionably click" the UAC prompt, then they are already running as administrators, or your DA has changed the default setting for UAC, which requires "normal users" to enter the admin username and password to run code with escalated permissions. In either case, it's not Vista's fault.It is somewhat Vista's (or Windows') fault if the default user is also the administrator by default. Yes, knowledgeable people will know to set up a separate user account, but in a home environment such people are few and far between. In my own "business" situation, I am the computer goto guy. Our equipment isn't capable of Vista. When I arrived it ran XP Home. It took about a year, but we migrated to something more open source, and to an OS that insists on regular user accounts by default.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [Fwd: Re: windows future] Rohit Patnaik (Aug 27)
- Re: [Fwd: Re: windows future] Peter Besenbruch (Aug 27)
- Re: [Fwd: Re: windows future] Thor (Hammer of God) (Aug 27)
- Re: [Fwd: Re: windows future] Peter Besenbruch (Aug 27)
- Re: [Fwd: Re: windows future] Rohit Patnaik (Aug 27)
- Re: [Fwd: Re: windows future] Thor (Hammer of God) (Aug 27)
- Re: [Fwd: Re: windows future] Rob Thompson (Aug 27)
- Re: [Fwd: Re: windows future] Thor (Hammer of God) (Aug 28)
- Re: [Fwd: Re: windows future] Peter Besenbruch (Aug 27)
- Re: [Fwd: Re: windows future] Thor (Hammer of God) (Aug 28)
- Re: [Fwd: Re: windows future] Peter Besenbruch (Aug 28)
- Re: [Fwd: Re: windows future] Thor (Hammer of God) (Aug 28)
- Re: [Fwd: Re: windows future] Peter Besenbruch (Aug 28)
- Re: [Fwd: Re: windows future] Thor (Hammer of God) (Aug 28)
- Re: [Fwd: Re: windows future] Peter Besenbruch (Aug 28)
- Re: [Fwd: Re: windows future] Thor (Hammer of God) (Aug 27)
- Re: [Fwd: Re: windows future] Peter Besenbruch (Aug 27)