I am sure a fine one to talk. I talk about security a lot but don’t always practice what I preach. With Windows XP it was unfortunate that just about any user had to run as an administrator on the system. Most software needed admin rights in order to run so there really wasn’t much choice. With Windows Vista there is really no need to run as an admin with User Access control and the ability to escalate to admin mode easily if needed. Did I do it myself? No. Even though I was running as an Admin on Vista with User Access Control rights were not quite as elevated as on a Windows XP box. Most infections occur because of Social Engineering. In other words people do things that they shouldn’t (open attachments, allow unknown websites to run and install Active X controls) etc. I heard a great expression the other day that went “Social Engineering: because there is no patch for Human Stupidity”! In fact I received one of the infected emails for the animated cursor problems a couple of weeks ago. Becuase it didn’t look right I deleted it, but at the time I wasn’t running antivirus software on my machine at all (although I was running IE in protected mode on Vista which would have lowered the damage had I clicked on the link).
So what did I do today? I changed my Vista user account from an Admin account to a standard account, and you know what? To this point I have not had a UAC prompt yet. I haven’t opened many applications though either yet. I don’t recommend that people run as admins on their local machines unless they are really sure they know what they are doing. Still I will continue to use a standard user account and actually practice what I preach!
Stephen
Leave a Reply