"tryingtolearn" <firstname.lastname@example.org> wrote in
> NOTE: Please see my inline replies.....tryingtolearn....
Usually, inline replies don't get prefixed with >>>>
However, I was able to find your inline replies despite the
>>[... timely backups ...]
>Yes, I have an Iomega eGo portable external hard drive which I do
>backups on. I do this at least once a month---or when some program is
>added or removed or when big changes take place.
That is good, at least where your ability to recover is concerned.
Still, malware can do damage to a user that is non-reversible.
>> Do you run as administrator all of the time, or did you create a
>> limited user account for your daily activities?
> I run as administrator ALL the time. I never change this. As I said, I
> am the only one who uses the computer. There is just myself & my
> husband & he can't operate the computer. No kids or grandkids. There
> are no other users with any access levels, limited or otherwise.
This is a very bad idea. If by chance you *do* execute malware, it will
have 'the keys to the kingdom' and can thoroughly infest your system.
Malware executing in a limited user account has less power to completely
hose your system - making it a much better idea to run limited
>>> I am not worried about people tampering around with my computer in
>>> my home. I'm a little foggy as to exactly what UAC controls...
>> Actually, UAC enables a limited user easy access to the administrator
>> account's elevated security token. Most of the complaints stem from
>> user's inability to settle for limited user rights in their day to
>> day operations.
> See my notation in above blurb.
It is not just about a 'multiuser' system and having passworded
accounts, it is about doing inherently risky things (web browsing) as an
administrator when such things should be done from 'userland' (i.e.
limited user). Sure, there are malware programs that exploit flaws in
programming that allow 'userland' programs to escalate privileges - but
these are usually addressed by the faulty software's vendor in the form
of 'patches'. Running as administrator all the time completely
circumvents this scenario.
Win9x/ME didn't have this ability - everyone was admin - and is most of
the reason it is less secure on the whole than it's contemporaries.
>> Those "unauthorized changes" can be programmatic as well as by
>> physical access. A program a user runs has the privileges of that
>> user. Running a malware program from an administrator level account
>> is *much* worse than running it from a limited user account (in most
> Okay, now you sort of lost me. Are you saying that a windows update or
> a printer (if I added another) or camera software could run a malware
> program on the computer?
Yes, as these are all "programs" - and "programs" can be "trojanized" or
otherwise "infected" (as with a virus for instance). *If* you ran such a
program as a limited user, it might not have enough privileges to make
systemwide changes. Where running it from an admin account would give it
a way to 'sink its claws' in very deeply.
> I'm also a little foggy on what exactly constitutes malware.
In some cases it is very subjective - basically, it is software that
does things against your wishes - to such an extent that you would call
those actions "malicious" (MALicious softWARE). Sometimes their not
really *malicious* - and some refer to "badware" as these unwanted and
yet not actually malicious programs.
Some may not agree with my definitions for various *ware - yet I'll
wager they *all* will disagree with much of what is defined on various
"authoritative" websites - as do I.
> I thank you for your assistance thus far and would appreciate if you
> could/would explain a tad more if you have the time & inclination.
This is a security newsgroup, and computer security *still* involves
user education. Less so, now that OSes have started *enforcing* many
"best practices" to the irritation of those not familiar with operating
under them by choice. So - ask away ... and if my rather general
knowledge isn't enough, there are real experts hereabouts volunteering