Re: Using Same Account as both Admin and Limited User



Anteaus wrote:
What is actually needed on a one-per-desk computer is a way to prevent
access to system files when in 'normal mode' so as to offer better security
against malware, and to allow such when in 'maintenance mode.'

What happens instead is that all system configuration is done under an
entirely different collection of settings, and any changes to the settings
are thrown-away when returning to normal mode. This causes extreme
awkwardness (in fact it means that most apps have to be configured
twice-over) and is the main reason most people don't run as a limited user.

Well, that's why Microsoft made Windows Vista. Uh, wait...

You can do several useful administrative things from a limited user
desktop with right-click "Run As..." to select your administrator
account. Other things you can't do at all, and some you can do by
using "Run As..." in an indirect way. I think that's a way to run
hard disk maintenance tools, for instance - through "Computer
Management". But Windows Explorer, and "Windows Update" inside
Internet Explorer, seem to be out.

Administrator is always present and active in your computer but may
not be talking to you.

On the other hand, "Ordinary user" could be compromised while
administrator is not - or so we're told. And yet frequently we hear
of a Windows Update that stops a malicious exploit that invades as
"Ordinary user" and then escalates to administrator. Which is not
even needed if /you/ escalate "Ordinary user" to administrator
status. I'm sure there are exploits that just assume that, like very
many users even today, the victim is an administrator.

As it happens, I'm looking for advice on securing an XP Home netbook I
just got. Is there a good FAQ?

Let's say my administrator account is named "Arthur" and the everyday
user is named "Galahad" - although that's not leading anywhere. Now
for instance there's a "real" Administrator that only works in safe
mode, right? Apparently with no password as default? On the WWW I
can find people telling me to rename /that/ administrator, delete it,
change the password. Does any of that stuff matter if the account
isn't accessible except for explicitly invoked mainenance?

Also, I've apparently been silently but legally supplied with Norton
Internet Security 2008 on hard disc, but not configured. But I favour
F-Secure's products, and I want to upgrade protection on other systems
I own, too. Also, my employer uses F-Secure. Still, I have this one
copy of Norton for free - temporarily, I expect, a limited-time
subscription.
<http://voices.washingtonpost.com/securityfix/2009/07/
update_for_norton_internet_sec.html> (Brian Krebs) repeats but
disagrees with criticism: "NIS has earned a bad rap over the years for
being a slow, resource-hogging beast of an anti-virus program, but
when I trialed the program for a few months, I found NIS2009 to be
very fast and unobtrusive." He doesn't mention it being hell to remove
from a system, which I've also heard. So I guess it could be (1) best
avoided or (2) too late, since it's kind of there.
.



Relevant Pages

  • Re: MS Popups?
    ... "Anyone who prefers security over freedom deserves neither." ... Windows Update is the online extension of Windows that helps you get the ... Click the Trusted Sites icon, ... is disabled, contact your system administrator. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Error number: 0x800A0046
    ... When searching for available updates on the Windows Update site, ... Resolution: Set the Security Descriptor ... Choose Local Security Policy ... Add the Service and Administrator to the list of Users and Groups. ...
    (microsoft.public.windowsupdate)
  • Re: Server 2003 updates fail
    ... "Administrators" group and Windows Update again. ... Manage auditing and security log ... I was log on as the administrator when getting ... I have been able to download and apply in past w/ the same ...
    (microsoft.public.windowsupdate)
  • I cant seem to get Windows Update to Run
    ... informed to make sure first I have the current patches ... in as administrator and the same thing happens. ... >do you have any security on example black ice or similar ...
    (microsoft.public.windowsupdate)
  • [NT] User Downgraded from Administrator to User Retains the Ability to List Other Users Running Task
    ... Beyond Security would like to welcome Tiscali World Online ... Windows XP presents a new option called "Fast User Switching" (FUS). ... Eitan has found that if a user is downgraded from an administrator role to ... as shown in task manager)) via tempting the local ...
    (Securiteam)