94% of Microsoft Vulnerabilities Can Be Mitigated By Turning Off Admin Rights (computerworld.com) 238
An anonymous reader quotes Computerworld:
If you want to shut out the overwhelming majority of vulnerabilities in Microsoft products, turn off admin rights on the PC. That's the conclusion from global endpoint security firm Avecto, which has issued its annual Microsoft Vulnerabilities report. It found that there were 530 Microsoft vulnerabilities reported in 2016, and of these critical vulnerabilities, 94% were found to be mitigated by removing admin rights, up from 85% reported last year. This is especially true with the browser, for those who still use Microsoft's browsers. 100% of vulnerabilities impacting both Internet Explorer and Edge could be mitigated by removing admin rights, Avecto reported... Windows 10 was found to have the highest proportion of vulnerabilities of any OS (395), 46% more than Windows 8 and Windows 8.1 (265 each). Avecto found that 93% of Windows 10 vulnerabilities could be mitigated by removing admin rights.
Of course, the stats are based on vulnerabilities announced in Microsoft Security Bulletins, but there's an overwhelming pattern. Turning off admin rights mitigated the vast majority of vulnerabilities, whether it was Windows Server (90%) or older versions of Microsoft Office (99%). And turning off admin rights in Office 2016 mitigated 100% of its vulnerabilities.
Of course, the stats are based on vulnerabilities announced in Microsoft Security Bulletins, but there's an overwhelming pattern. Turning off admin rights mitigated the vast majority of vulnerabilities, whether it was Windows Server (90%) or older versions of Microsoft Office (99%). And turning off admin rights in Office 2016 mitigated 100% of its vulnerabilities.
100% of Microsoft Vulnerabilities (Score:5, Funny)
100% of Microsoft Vulnerabilities Can Be Mitigated By not using Windows
Re: (Score:2)
Re: (Score:2)
How so? If I access my Hotmail account through Firefox on a GNU/Linux PC or through the Outlook app on an Android/Linux tablet, I'm still vulnerable to any vulnerabilities in Microsoft's servers.
Re: (Score:2)
How is Hotmail exploiting a vulnerability in your non-Windows PC?
It isn't. The vulnerability to which I refer is in Microsoft software that runs on a device other than my PC.
Hotmail goes through Microsoft's server. If the Microsoft software running on Microsoft's server has a vulnerability, the data stored on said server on behalf of its users is affected, even data stored on behalf of users who do not run an Windows operating system. Therefore, shunning Windows will not protect users from all vulnerabilities in Microsoft software.
Hotmail, really?
Unlike Google with respect to Gmail, Mic
Re: (Score:2)
If there's one multinational corporation I trust to keep a promise, it's Microsoft.
Unless Microsoft wants to stop doing business in Europe, there's at least one organization with the power to hold Microsoft to its promises.
Re: (Score:2)
Windows 10 Enterprise has that functionality coming up.
I do this anyway... have a VM just for running the browser under. This way, if/when it gets nuked, a rollback to a snapshot cures it. Running ad blocking software doesn't hurt either.
Not viable on Windows 10 (Score:5, Informative)
as it is on macOS. On W10, for some things it will ask you to identify as an admin, and proceed, and for other things it will just fail instead, either forcing you to relog as admin, or to enable admin for your main account. They couldn't even make this work.
Re:Not viable on Windows 10 (Score:5, Insightful)
I think you hit the nail on the head right there. I've always felt the interface to gain admin on Windows has been clunky and inconsistent at best.
Re:Not viable on Windows 10 (Score:5, Insightful)
They can't make it work. Windows core architecture is fundamentally broken and insecure. See MS's documentation about security tokens and permissions. You can only unmask permissions since 2008R2. This means that your process starts with max permissions and is masked to reduce it. Totally unlike the authentication/authorization and security elevation process in pretty much every other system out there.
No, your process starts with a *masked* token. The security subsystem creates *two* tokens when you log in: One with all of your privileges and one where "admin" privileges has been masked out. Switching from the masked token to the unmasked token is called *elevation*.
The desktop process (explorer.exe) and any process that you launch will *by default* use the non-elevated token. This means that by default none of your user processes have admin privileges, even if you logged in using a admin account. It is understandable that someone only familiar with the Linux/Unix model does not get this at first, because Linux/Unix do not have *tokens*. The *nix model can only describe the permissions of a process through an "effective user" - i.e, a reference to an account. No token.
On Windows, each process has a security token which by default is inherited from the parent process, but may differ. This is not possible on *nix where you need to refer to some user id to describe the privileges indirectly.
An executable's manifest may indicate that the it needs certain admin privileges when executed. In that case, Windows will look up to see if your *unmasked* token fits the required privileges. If it does, Windows will prompt you for consent to use the elevated token. If you approve, the new process is launched with the elevated token that was created and stored when you logged in.
Re:Not viable on Windows 10 (Score:5, Insightful)
Re:Not viable on Windows 10 (Score:4, Informative)
Too much of the system still requires administrative rights for it to be viable.
That is utter nonsense. It is such a shame to see this modded as informative, because it is completely misleading.
I have use standard accounts since Windows NT 4.0. Now that was a pain, but every single version of Windows has made the process easier than the last. The biggest improvement was the UAC that prompts for the admin password when needed. Some badly written software can still cause problems like programmatically checking that the current user is an administrator and giving an error message if not. This means the UAC doesn't get a chance to kick in.
But those programs are few and far between, and you can usually manually launch the program as admin by holding the shift key down and right-clicking on the program (or just change the icon's compatibility settings to run as administrator if the program has been installed). It is incredibly rare that you ever need to actually log in using the administrator account. Temporary elevation is usually enough (the equivalent of *nix sudo).
Re: (Score:2)
But, about half the applications I use in Windows require administrator rights to work. Some of these center around DRM/Licensing controls, some are likely just lazy, and some are because the software was never designed for multiple user m
Re: (Score:2)
But, about half the applications I use in Windows require administrator rights to work.
You should probably name and shame those applications then, because they are the problem; not Windows.
I would add an extra reason to your list of why some programs require administrator rights: stupidity. The accounts software that we used for many years required administrator rights to run. It annoyed me because I could not see why it would be required. Upon inspection, I found a *.MANIFEST file in the install directory. It had a setting of something like userLevel=highestAvailable. I changed this to asInv
Re: (Score:2)
How do you run a program as an administrator with a different account in windows 10?
If it is on the start menu right click on it, then on the pop-up menu choose "More->Run as administrator". If the program is an icon on the desktop or an executable file then right click on it and choose "Run as administrator". If you always want to run that particular program as an administrator, then right click on the desktop icon or program file and choose Properties. Under the Compatibility tab, select "Run this program as an administrator".
Re: (Score:2)
I seems I must remind everyone. Windows 10 admin rights can not be turned off. Sure you can knock out your 'limited' admin rights but you can not shut down M$'s over arching admin rights which they demand and have basically implemented as a root kit implement, that is impossible for you to remove. So great big ole fat lie, you can not longer shut down admin rights, except your own, specifically 'limited' admin rights, as one you install windows 10, you surrender all your rights to M$.
Re: (Score:2)
This sounds like BS. I used an ordinary user account on Windows 7, I'm an ordinary user on Windows 8, no problems. Hard to believe they broke it in Windows 10.
Re: (Score:2, Informative)
This sounds like BS. I used an ordinary user account on Windows 7, I'm an ordinary user on Windows 8, no problems. Hard to believe they broke it in Windows 10.
They didn't. I have my dad set to a general user account on his W10 machine and he has zero issues. Every program runs perfectly, even the one in DosBox.
On those occasions something needs installed or updated, I log into the administrator account, take care of it, then log off. Not a single issue so far.
Re: (Score:2)
Re: (Score:2)
I have my dad set to a general user account [...] On those occasions something needs installed or updated, I log into the administrator account, take care of it, then log off. Not a single issue so far.
Can you do that remotely on the home version, or do you need to be physically present? Because if it's Saturday evening, and your city doesn't run buses on Saturday evenings or Sundays (as Fort Wayne, Indiana, doesn't), it might be a long wait before you can be present at dad's computer.
Re: (Score:2)
Can you do that remotely on the home version, or do you need to be physically present?
You don't need to be present. UAC prompts work through Windows Remote Assistance.
Re: (Score:2)
Re: (Score:2)
As far as the article, I agree with Avecto's findings. On any computers I have setup for others, I have always setup a separate admin account from the working user account and made sure the latter did not have admin rights. For some people I simply made this account without a password or something very simple they could remember easily. In either case, simply
Re: (Score:2)
AC is full of crap. Never had issues with Windows 10 and having a separate admin account (which is the best policy no matter the operating system).
I would argue that not relying on a tie between accounts and privileges is a better policy. It may take more work to set up something like selinux and capabilities, but not a lot of malware or Oracle scripts (but, I repeat myself) can deal with that.
Re: (Score:2)
No you're full of crap, or you're just dumb. It's one or the other.
That's very rude, and especially funny since you are wrong.
The point that was made was that you can do it if you keep switching accounts, which is cumbersome, but the convenient way of always using your regular account and only identifying as admin when needed does not work.
You don't need to switch accounts. If you are changing a system setting or installing software as a standard user, the system prompts for a password. You do not need to log out of your standard account, you just type in the password and keep working as if you had logged in as an administrator account. It does actually work, and only takes a second to type in the password. Perhaps you should actually try it yourself since you obviously don't know how
Re: (Score:2)
What they're trying to say is that there are situations where this will not work, where Windows will not ask you for the password, but just fail instead, thus concluding that for some things your account MUST have admin rights.
And what are those unspecified situations? Because I can't think of anything right now, and especially not something that I would need to run often enough to purposefully undermine the security of my system by running as an administrator account all the time..
Re: (Score:2)
Re: (Score:2)
What they're trying to say is that there are situations where this will not work, where Windows will not ask you for the password, but just fail instead, thus concluding that for some things your account MUST have admin rights.
Oh you mean how apt-get will fail if I forget to run through sudo? Is that a Linux problem
Re: (Score:2)
This. It just doesn't work.
Re: (Score:2)
Re: (Score:2)
and for other things it will just fail instead, either forcing you to relog as admin, or to enable admin for your main account
Right click, select "run as admin". For the few system management apps that don't prompt for admin themselves that's all you need to do. No need to relog or change permission settings.
Also in the news (Score:4, Insightful)
94% of all programs won't run properly without those rights.
Unfortunately for the longest time developers for Windows got away with not giving half a shit about security. To make matters worse, when MS finally decided to tighten the screws, they went overboard by a long shot. You cannot even install a simple program without elevated rights.
And to make matters worse, "elevated" means "full access, anywhere". There is no granularity, it's only "can't do jack shit" or "total control". You cannot open up the program files to install a normal program without also giving that program the ability to drop a low level driver into your system.
Then again, if that worked, a lot of people would probably notice just WHAT kind of crap their beloved games barf into the deeper intestines of their computers for the sake of the all holy DRM.
Re: (Score:2)
Nonsense. I run as an ordinary user and I rarely have to run anything as admin. Games don't require admin.
Re: (Score:2)
It is true on the consumer side, they try at least to follow the minimal requirements to be a good Windows application. the business world on the other side is awful. Applications that don't work if you install on Program Files, that you need to add write permissions to the installation directory, or that need read write permissions on server shares. This is too common on small business targeted applications that I have lost count on the ones I have seen.
A lot of Windows developers have no idea what %appdat
Re: (Score:2)
Hmmm... I'll just say that back in the 1990s I was worked on an end to end full suite of apps in a particular industry, and I recall going thru the work THEN to make sure that everything worked as an ordinary user, because we had a major customer who didn't want to give its users admin rights. I'm having trouble believing it's still the norm to hand out admin, or that there are a lot of applications that insist on installing in particular directory. But maybe I've led a sheltered life.
Re: (Score:3)
I'm pretty sure with Vista, 10 years ago, where there was the push to run users as non-elevated, a lot of developers smartened up.
Re:Also in the news (Score:5, Insightful)
Games don't require admin.
Unless they use third-party digital restrictions management.
Re: (Score:3)
Re:Also in the news (Score:5, Insightful)
Hell yeah. Especially browsers have never, ever a reason to run as root. /usr/lib/chromium/chrome-sandbox
-rwsr-xr-x 1 root root 18768 Feb 19 21:17
Re: (Score:2)
Windows Store apps can have granular control...
Re:Also in the news (Score:4, Informative)
"94% of all programs won't run properly without those rights."
This has not been true since Vista.
Vista introduced virtualization for the filesystem and registry. Apps would think they had admin rights, when in fact they were sandboxed and contained.
These days most apps run fine without admin rights. You can install them and run them without any special access. Older apps that attempt to access protected paths like Program Files and the registry actually write to special per-user and per-app hives.
If an app really needs admin rights you get the dreaded UAC prompt.
This is why Vista was so painful. Too many UAC prompts, the virtualization was slow... But it was necessary.
Re: (Score:2)
Re:Also in the news (Score:4, Informative)
You just have to click the fucking yes button, you don't even need to enter your password.
That only works if you have an administrator account. Standard users do have to type in a password.
Re: (Score:2)
You fucking moron. Standard users don't have admin credentials. OF COURSE THEY HAVE TO TYPE ADMIN CREDENTIALS IN.
Did you even read the part that I quoted from the grandparent, which said that you didn't need to type the password in? Obviously not. It's kind of weird that you call me a moron because I am correct.
Turn it off (Score:3, Insightful)
I found it a whole lot easier to just turn Windows off.
Re: (Score:2)
I found it a whole lot easier to just turn Windows off.
I prefer to get paid.
Re: (Score:2)
Re: (Score:2)
One question I keep asking myself is why there are a zillion ways to do everything in Linux.
Because it's an open ecosystem.
Re:Turn it off (Score:4, Insightful)
I've spent this weekend trying to repurpose an old laptop as a media/streaming machine, and decided to go Linux rather than Windows. It most certainly has not been easier. Maybe if you've worked with the system for years and know the ins-and-outs it is second nature, but Linux has caused all sorts of issues I wouldn't have had on Windows.
If you've worked with Windows for years and know the ins-and-outs of that system, it's a lot easier to set Windows up than something else. Personally, when I have to set up a Windows system, I have a lot of issues I wouldn't have on Linux.
I know because I had to install a Windows system for the first time in about a decade a few months ago. It took me all day and lots of hair-pulling to figure out how to find and install all of the drivers needed to make the thing run. At the end I was still left with a few devices showing errors in the device manager, which I was simply unable to get working. It worked enough, so I gave up on the rest. The worst part of the process was that right after installation Windows had no functioning drivers, for ethernet, Wifi or USB, which made it really hard to get drivers onto the box. I solved this by booting a Linux LiveCD (which worked out of the box), creating a small FAT32 partition, downloading the ridiculously bloated 250MB (WTF?!?) ethernet driver onto it, then booting Windows again and installing from the FAT32 partition. I have no idea how a Windows guy would have solved that.
Re: (Score:2)
I have no idea how a Windows guy would have solved that.
You can make a Windows live CD (called Windows PE). It's rarely necessary though.
It sounds like the version of Windows you were trying to install was not officially supported by your hardware. If it was, drivers would not have been a problem. Since Windows 7 they have included drivers for contemporary chipsets on the disc, which are usually enough to net network access and download the officially supported ones from Windows Update or the manufacturer's website.
For your scenario. downloading the drivers onto
if apps had rights to there own folder then (Score:2)
if apps had rights to there own folder / reg keys then there would be less of an need for admin.
For some apps storing stuff per user can lead to a lot of space used and a lot stuff being downloaded more then 1 time. Also makes it a pain for updates.
This can be an issue with games with user maps / mod and A lot of games have built in downloads for them.
Video and other drives have there own updates. The windows ones can lack the control apps.
Re:if apps had rights to there own folder then (Score:5, Interesting)
if apps had rights to there own folder / reg keys then there would be less of an need for admin.
Maybe.
For some apps storing stuff per user can lead to a lot of space used and a lot stuff being downloaded more then 1 time. Also makes it a pain for updates.
Windows has %appdata% folders (c:\
programdata ) for 'stuff' (files, settings, databases,...) that is shared between all users.
Video and other drives have there own updates. The windows ones can lack the control apps.
This area is a complete minefield... i mean, these days geforce experience requires a sign in, as do the drivers for a razor mouse etc... that whole part of the ecosystem is pretty toxic.
Re: (Score:2)
if apps had rights to there own folder / reg keys then there would be less of an need for admin.
This feature was implemented with Vista. To work around those badly written programs that assume that they can write to their installation folder or LOCAL_MACHINE registry, Microsoft implemented File and Registry Virtualization. If an application opens a file in read/write mode under Program Files, then a copy of that file is made in %APPDATA% and this file is used instead.
This was only intended for old programs, and it only works for 32bit applications. It is assumed that 64bit applications are modern enou
Re: (Score:2)
This was only intended for old programs, and it only works for 32bit applications. It is assumed that 64bit applications are modern enough to know where they should place configuration files and such
And that seems like a very bad assumption to make. I wonder how long before Microsoft realizes this and implements it for 64bit apps too
Chrome updates from the about menu need admin (Score:2)
Chrome updates from the about menu need admin but it does have an background auto update that works without admin.
Firefox has auto and about menu works without admin.
I've often wondered about this. (Score:2)
I wondered if for some rea
Good policy, if you can live with it .... (Score:2)
I've been doing this for a while now with my daughter's Windows 10 PC. She's running as a "standard" user account that prompts for my admin account's assigned PIN code when it needs elevated rights for an action.
It's FAR more functional than an arrangement like this would have been with an older version of Windows like 7 or XP. But it's not perfect. One of the problem she's had is that she's gotten interested in modding games (Minecraft is a good example, as all the serious players use custom texture pac
Vulnerabilities vs infections (Score:2)
I haven't read the article, my bad, my I guess it's not talking about vulnerabilities but about various malware which indeed in most cases requires admin rights to be properly installed.
However a great number of modern viruses live under various hidden directories in the user's profile, e.g. C:\Users\User\AppData\Roaming, so Admin Rights or not but you will be successfully infected.
The real problem with Windows is that most users blindly trust whatever .exe/.pdf/.docx/.xlsx files they receive from absol
No Visual Studio RT (Score:2)
Microsoft is trying hard to solve this problem by migrating to an app model which is used by Android and iOS but it just cannot work with Windows for far too many reasons
Probably the same reason it doesn't work with iOS. You can't develop apps on an iPad Pro with keyboard and Apple Pencil because Xcode works only on a Mac. Likewise, you can't develop apps on a Surface 1 or 2 because Microsoft never released Visual Studio RT. (You can on Surface Pro and Surface 3 because those run full Windows.)
Re: (Score:2)
Windows since Windows Vista makes your user a non administrator by default, unless you 1) disable UAC completely or 2) specifically enable the Administrator account and log under it.
I guess I'll have to read the article because something feels wrong about it.
Hiding the real point (Score:2, Insightful)
The real point of this story is that by disabling admin rights Microsoft can pretend to the world that their products are not the least secure in their respective classes.
Of course it completely fails to address the fact that unless you only want to do very simply things on a computer, admin rights are frequently required.
We knew that almost two decades ago... (Score:2, Informative)
when I worked at Microsoft. We talked about ways of protecting users, but the rumor was that it was killed because so many people buy new computers instead of fixing ones that have a Microsoft-created problem. Viruses are very profitable to Microsoft.
Re: (Score:2)
That's nothing! (Score:2)
You can mitigate 100% of Microsoft vulnerabilities by not using Microsoft products! ;)
Re: (Score:2)
The other 6% (Score:2)
The other 6% can be eliminated by not turning the machine on. And the good news is you'll get almost as much work done.
horseshit (Score:2)
Re: (Score:2)
RUNAS helps with some apps (Score:2)
[c:]runas /showtrustlevels
The following trust levels are available on your system:
0x20000 (Basic User)
This works for firefox and outlook and some others. Chrome and slack fail.
wtf does it mean to turn off admin rights (Score:2)
Is there like a switch? An "Admin Rights" checkbox somewhere? Maybe not a bad idea but I haven't seen anything like that. Did I just miss it? I'm still using Windows 7 so maybe this switch is a new feature in Windows 10. If the author meant that a user should run as Standard (unprivileged) User and not as an Administrator then maybe he should have said that. It is not as simple as just turning something on or off. If you are running as an Administrator you would probably want to actually create a new standa
Check bank / cc statements (Score:2)
-have good backups when ransomware comes in
-enjoy
Yeah and then... (Score:2)
Most of your software wont work properly because monkeys still insist on writing config info into program files.
Re:Duh? (Score:5, Insightful)
Who runs with full admin rights?
Define 'full'.
I run with admin rights on my Windows 10 machine because it's the default and it's a pain in the neck to run without. "Sorry you don't have permissions to set the clock".
Re:Duh? (Score:5, Informative)
I run with admin rights on my Windows 10 machine because it's the default and it's a pain in the neck to run without. "Sorry you don't have permissions to set the clock".
Have you also turned off UAC prompts? Because when I set the time it prompts me for the admin password and it works fine. I don't ever see the message that I don't have permissions to set the clock; I just see the icon on the button to set the time which shows that it will perform an elevation (prompt for password) to run it.
Re: (Score:2, Informative)
I run with admin rights on my Windows 10 machine because it's the default and it's a pain in the neck to run without. "Sorry you don't have permissions to set the clock".
Have you also turned off UAC prompts? Because when I set the time it prompts me for the admin password and it works fine. I don't ever see the message that I don't have permissions to set the clock; I just see the icon on the button to set the time which shows that it will perform an elevation (prompt for password) to run it.
That was an exaggeration for emphasis. I could be more specific.. On a work laptop, I can write to my 'c:\Users\\Documents' folder, but if I try to access it via the various shortcuts on the left of the file manager, I am denied access. No UAC, even though I have the password for that. The permissions on the thing vary based on the path you access it by? That's messed up.
Re: (Score:3)
That was an exaggeration for emphasis. I could be more specific.. On a work laptop, I can write to my 'c:\Users\\Documents' folder, but if I try to access it via the various shortcuts on the left of the file manager, I am denied access. No UAC, even though I have the password for that. The permissions on the thing vary based on the path you access it by? That's messed up.
That's not an account type issue; something is seriously borked on your system. That doesn't happen normally even if you are a standard user. It sounds like the user folders have been moved, but the icons haven't been updated to reflect this. (It's possible that something like OneDrive has fiddled with the folder locations).
I assume that you are talking about the Quick Access section. If I were you I would right click on those folders and select "Unpin from Quick Access". Then browse to the folders and cl
Re: (Score:2)
That's nice, but the Swedish Chef [youtube.com] predates Supreme Court Nominee Bork by a decade. The Muppet Show had a greater worldwide impact than some parochial bit of politics.
Re: (Score:2)
Re:Duh? (Score:5, Informative)
Why does windows ask for the admin password to get rid of an icon?
Because those icons are stored in the shared desktop folder (default: C:\Users\Public\Desktop). Any file or icon here will be visible on the desktop of every user. If you shared a computer with other users, then you might not want the other people to be able to edit the icons that appear on your desktop because they could alter them to run malicious software instead. If you ran a program where you needed to login with a password, then they could write their own mock version of the software that logs the passwords and change the desktop icon to run it instead.
If you don't share the computer with other people, then you could grant write permission on the shared desktop folder to all users. Then you could delete and update automatically created icons to your heart's content.
Re: (Score:2)
Why does windows ask for the admin password to get rid of an icon?
Because those icons are stored in the shared desktop folder (default: C:\Users\Public\Desktop). Any file or icon here will be visible on the desktop of every user. If you shared a computer with other users, then you might not want the other people to be able to edit the icons that appear on your desktop because they could alter them to run malicious software instead. If you ran a program where you needed to login with a password, then they could write their own mock version of the software that logs the passwords and change the desktop icon to run it instead.
If you don't share the computer with other people, then you could grant write permission on the shared desktop folder to all users. Then you could delete and update automatically created icons to your heart's content.
Or you could run with admin rights.
Re: (Score:2)
Or you could run with admin rights.
But that would be stupid considering how vulnerable your system would be (given the topic of this /. story).
Re: (Score:2)
When you make the decision to use windows, you are accepting that you are vulnerable.
But if you can make yourself 94% less vulnerable, it makes sense to do this. I wouldn't run as root/administrator as my general purpose account on ANY operating system. I also would not assume that ANY operating system would make me invulnerable.
Re: (Score:2)
That's all well but why would you want Windows ? Assuming you have the choice.
Because despite what people around here say, Windows is simply good enough. I have a mix of different operating systems, and have no problems switching between them because they all offer the same basic facilities.
Re: (Score:2)
Likewise, GNU/Linux has kernel mode setting and the Direct Rendering Manager.* Isn't that also part of the GUI in the kernel?
* The latter happens to share initials with something more sinister.
Re: (Score:2)
Windows still runs the GUI as part of the kernel?
No. The GUI runs under the logged-in users non-elevated account, i.e. even if you log in as an administrator, the administrator privileges are stripped from the user token that is used for the desktop (GUI) process. (the explorer.exe process).
On the driver level, graphics drivers are split in two: A (hopefully) smaller kernel part as well as a user-mode part. This split is for reliability and security. By keeping the kernel mode small, the developer can limit the attack surface and maximize reliability. A m
Re: (Score:3)
Me too. It's just too much of a hassle to switch admin rights off. Maybe it's better now but knowing MS it will not have changed much since 2000 when I tried using my computer as a normal user. "You can only run that program in administrator mode," it would tell me, or it would just refuse to do the simplest things. I gave u in frustration. I do use my Mac as a normal user, which works fine. It only asks for administrator passwords when doing administrative things like installing programs and changing globa
Re: (Score:3)
Maybe it's better now but knowing MS it will not have changed much since 2000 when I tried using my computer as a normal user.
What? Have you not heard about the User Account Control (UAC) [microsoft.com] that was implemented with Vista? It does exactly what you described happens on the Mac:
It only asks for administrator passwords when doing administrative things like installing programs and changing global settings.
Yep, that's exactly what Windows does. They really have done work on Windows in the last 17 years!
Re: (Score:2)
Oh that's interesting. I will try it out tomorrow. Thanks!
Re: (Score:2)
I'm sorry, but I think that is completely wrong. Exactly how does Windows starting with maximum permissions actually manifest as a real world example?
If you start with a basic account, you don't have to whittle away its rights; it is low by default. If you want it to be a higher access account then you add it to the Administrators group. Then it inherits the additional permissions. This is the opposite of what you described.
Where you might be getting confused is that the permissions system allows for both A
Re: (Score:2)
Not only that, but you can always run as. In my day to day job I run as a standard user. I frequently launch server manager as a domain admin users for admin related tasks. I have not ran as a local or domain admin on windows 10 ever.
Re: (Score:2)
I don't see how it's a pain. It's much less of a pain than cleaning an infected system. I haven't had an Admin account as my normal account since the XP days. If I'm prompted to enter an admin password and it wasn't something I was intentionally doing, I know something's up --- immediate shutdown (full, not just a restart) and scan my system on boot up.
Re: (Score:3)
I'm a DEV, too. My *account* is a limited account. But (depending on the project), I can launch Visual Studio with Admin rights. Some projects are just fine without them, so I don't use them. Other projects require admin rights, so I launch either through Shift-Right-click on the icon and select "Run as Admin" or I create a second shortcut and set the Admin flag. I get the UAC prompt when I launch it, but that's usually only once per dev session, so it isn't *that* annoying. But only Visual Studio is
Re: (Score:3)
Both Windows and GNU/Linux separate "running as root" from "running as a member of the wheel group". Even if you're a member of the wheel group (which may be called Administrators under Windows or sudo under GNU/Linux), you still need to elevate in order to do any tasks that require superuser privileges. But perhaps creating two accounts, one in wheel and the other not, and doing work other than software installation as the user not in wheel would make it harder to social-engineer users into elevating.
Re: (Score:3)
I've read TFA twice now and I still can't figure out if that's what the authors are trying to suggest, or something else entirely.
The entire point of UAC/sudo is to allow users to run in a standard context for day-to-day activities, and to quickly elevate certain applications/actions when it's required. Unless
Re: (Score:2)
Even on my Linux boxes I do not run my web browser or email client as root. To do so is just asking for trouble - even on a Unix system.
Re: (Score:2)
Re: (Score:2)
Eh ? I don't understand. To install software (is that what you mean by ''load'') you generally need to become root for a short while since you typically need to create files in /usr/bin/ & similar. This is very different from the program needing superuser privileges in order to run -- only a very few do. Most packaged software needs to be installed with superuser privileges but if, however, you build it yourself you will run ./configure and can put the software almost anywhere - usually.
Re: (Score:2)
Most Windows vulnerabilities can be mitigated by removing admin rights.
Most vulnerabilities can be mitigated by removing ignorant users.
Re: (Score:3)
Lol. Guess you never worked at a company that uses windows. See they have this thing called a domain. And the windows pc is joined. Then they have this thing called a user. They let employees have this. Then when developers like me want to install anything I have to ask fuck face neck beard to do it.
But no vulnerability... besides the back of fuck face neck beards skull from the large pc case crushing it.
We have an AD domain & ~10,000 users 95% of whom don't have admin rights. But judging by the number of malware infections and re-imaging I see reported, they seem to be really, really good at finding the 6% of cases where Windows without admin rights doesn't work.
Re: (Score:2)
Re: (Score:2)