How light can you go?

Here's a kicker...under Opera 10 beta UAC Virtualization is enabled by default both within Vista and Windows 7 while Firefox is disabled. The problem is getting use to Opera since I'm a Firefox dude.

Thought I'd pass that along.

Later....

 

Huh? Is that really you, Sully?

The logic of a LUA/SRP combo is well explained here and here. While a limited account alone provides a high level of security, a limited user is still able to start, e.g., an executable mail attachment that might tamper with his precious user data or manipulate some autostart entries since user-mode malware that doesn't require admin rights definitely exists. SRP stops that malware cold. I'm happy that PGS makes it easy to implement SRP for Home edition users.

 

Yeah lol. You know, I do ask that question. What does it give them? We know what it can do, but for 'average joe', is it going to be thier cup of tea? I set it up on many, and they don't mind it. But that is different from them actually setting it up and furhter deciding what really needs to be allowed or restricted, depending whether they are admin or lua.

The same thing has been talked about over and over and over. Advanced users can do many different methods of security, from easy to complicated. I don't worry about them, but the peeps I know who really need something, but either don't want to know, or do not yet know enough to implement much. Such a stagnant situation I wonder if there will ever be a rememdy. But it is those who I support, and frankly it sickens me that it could be so easy to tighten things up if everyone knew a baseline of how things work.

Sul.

 

Not in the SRP strategy suggested in the links in my previous post (with the exception of new paths rules if apps aren't installed in c:\Program Files). That's the beauty of that approach - you set it up once and it works forever.

In my experience, the step to a limited account is the most difficult one for most people. They have to understand the LUA logic, they have to understand how to overcome the problems when they try to install software or want to change system settings. SuRun makes a lot easier, but it still takes some time to get a "feeling" for LUA. Once that is achieved adding SRP in the proposed form is usually not really a problem although one surely needs a tutorial for its implementation.

 

Another top-notch thread by Kees.
I always read your thread, because I learn a lot from it.
Thanks!

P.S. SRP in Vista Home is really making me want to try it. I'll PM Sully in the near future.

 

It is a great tool, add Norton's UAC project (freeware) to it and you have LUA/SRP in place. Tlu has posted some excellent threads on SRP/LUA. I would fenitely have a go at using Vista''s FW tqo qay (also outbound). The easiest way to do is by first installing teh freeby Vista FireWall Control. Write down all the programs requiring outbound permission, then implement Vista's FW two way with Stem's posted (mentioned earlier, a clear and excellent thread).

Regards

 

Thanks for the information!
I guess I need a dictionary to do so...

 

Sorry for all the typos

 

No No.
I meant, I need a dictionary to find out what Tlu's thread is saying.
I took a glance at it, and I have no idea where to start from.
I really wanted to try out LUA+SRP combo, but I don't have the confidence to do it.
Maybe you can help me later?

 

@Gaeko

Here is a sticky, note the 3 links at the bottom. You should look at them for further understanding of what Tlu refers to.

https://www.wilderssecurity.com/showthread.php?t=137918

It is not what one would call 'light reading', but it is a wealth of information on LUA/SRP.

Sul.

 

@ Sully
Hi!
Thanks! I'll take a look at it.

 

See https://www.wilderssecurity.com/showpost.php?p=1509181&postcount=2