DropMyRights - Page 1

So you're still running XP, and as with most users in 'Internet land', you're logged on as an Administrator user. Now I'm not going to lecture you on all the security advantages of being logged on as a standard user most of the time, and just using an Admin account to make system changes, because while it's true, and lets be honest here, some software (even after all these years) just doesn't work correctly if you're not logged on as an Admin user.

Other users regularly perform tasks that require them to be logged in as an Admin, but it can become a bit of a hassle logging in and out again twenty times a day just to do your everyday computing. The end result? That limited user account you created with all those good intentions gets left there, unused, while you carry on doing all of your day-to-day tasks logged in as an Administrator. And yes, I'm currently logged in as an Admin user too.

But there's an easier way to protect your computer from that potentially dangerous Admin account, and it doesn't involve logging in as another user, or the slightly over enthusiastic User Access Control (UAC) mechanism found in Vista.

The solution is to set all those programs which are potential vectors of attack, (web browsers, email clients, and maybe your office applications) to always run with reduced rights - meaning that although you're logged in as an Administrator, your browser doesn't necessarily have to run with the same rights as that Administrator user, it could run with the rights of a normal user, or an even more limited 'constrained' user. So while everything else on your system is running as an Administrator, your chosen applications can be running in a restricted environment.

Running applications with reduced rights instantly stops them from accessing certain areas of your machine by default, this in turn drastically reduces the effects of Viruses/Trojans or other Malware that might get accessed through that software on your system (this is in part one of the main reasons why Macs and Linux are generally safer than Windows, as for them running everything as a restricted user is 'the norm').

Sounds like a good idea, but do I really need to do this?

Don't think you need to worry about such things? Well think again. Even veteran computer users can get infected without realising these days. Did you know that Windows can get infected just by viewing a Web page, or loading a picture in your browser?

Remember when everyone and their dog told you not to open email attachments for fear of a virus/trojan? Well it's now possible to infect Windows with some things by simply reading the e-mail message, even if the attachments are left untouched.

Naturally you only visit 'good' websites, so you should be fine, right? Wrong. Reputable sites are getting compromised more and more by nefarious users in an attempt to install malicious software on your computer. The owner of the Web site might not even realise this has happened for a long time, if ever.

Even if you've got various antivirus and antispyware programs installed, no application catches everything. How about your firewall? In this context it's all but useless, as the problems covered here are not the sort that a firewall can help protect you from.

Page: 1, 2 Next >>>

Article Navigation:

• Introduction - Drop those rights!
• Do I really need to do this?
• How do I do it?
• Setup
• Which programs?
• Inheritance
• Testing
• End