Do you run as Administrator?

Discussion in 'polls' started by Gullible Jones, May 12, 2009.

?

Do you run Windows as an adminstrator?

  1. Yes.

    159 vote(s)
    76.1%
  2. No.

    50 vote(s)
    23.9%
  1. wat0114

    wat0114 Guest

    The first account created during setup should be Administrator and left alone - never to be changed to LUA. Any and all subsequent accounts created should be LUA - never to be changed to Administrator. Only once, a long time ago, did I try messing around with the admin account in XP and doing so absolutely f@#$%! the system over. There is a lot more flexibility with Pro, of course, where one can disable simple file sharing and if they know what they're doing, can created power user accounts with customized privileges on chosen directories.
     
  2. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Those words need to be etched in stone somewhere. :thumb:
     
  3. Windchild

    Windchild Registered Member

    Joined:
    Jun 16, 2009
    Posts:
    571
    I don't think it's petty, just an unfortunate misunderstanding caused by you reading far, far too much into my statement, and then assuming my words meant something that they did not actually say. Let me explain it as best as I can. The title of this thread was a question. Posters then answered that question. I answered it like many others. When I say "No, I don't. Of course I don't." it means just that: "No, I don't. Of course I don't." It's a personal statement about what I do, given when asked about it. It doesn't say and it doesn't mean that "No, I don't, and neither should anyone else in the whole wide world." It clearly does not say "everyone should always run as LUA and there is absolutely no reason not to run as LUA". Not in the kind of English I was taught, anyway. But from this one "of course I don't" you made the rather fantastic assumption that I was somehow saying that absolutely everyone in the world should do what I do with no reason to act otherwise. I don't know if you've read my posts much in this forum, but I've been talking about LUA a lot. It would be strange if after all that talk I still did not run as LUA. Then there's also that running as LUA is clearly safer than running as admin, assuming we're just talking about the virtues of different user accounts like the subject of the thread suggests, instead of different security software configurations. So, when asked whether I run as admin, of course I will answer that "of course I don't." :) Another way to put it would have been: "After all my talk about LUA, what do you guys think? Of course I don't run as admin! :D LUA is safer, like I've always said." I even put one of my usual "what LUA can do for you" rants in my first post of this thread, to explain why I run as LUA. But, nowhere did that post say that everyone should run as LUA and there's no reason for anyone to run as admin.

    As for me being flabbergasted about someone else doing things differently from what I do, that seems to be another misunderstanding caused this time by, I don't know, maybe just not reading my post completely. That can happen, as I have a pretty tedious and long style of writing. But I'll try to explain, again. I was not flabbergasted by the fact that another poster didn't run as LUA or had a different way of doing things than I do. To be flabbergasted by that would be, well, entirely silly, considering that everyone in the security community knows most Windows users don't run as LUA and I certainly know most people don't do things like I do. If you read that post of mine, you'll see that I was actually flabbergasted about the poster considering LUA too much of a pain to use, while using so much security software that according to his own words he even has to "unblock consciously even zip files" before he can open them. In other words, I was flabbergasted that he considers LUA too much of a pain to use while he then actually chooses to use something that's arguably even more of a pain and without any room for argument a pain in any case. :D I was flabbergasted by the poster implying that LUA is more of a pain than a security software jungle where you have to "unblock" even zip files before you can use them. In my experience, there are good reasons to not run as LUA in some situations, like when you install a ton of software all the time. However, I don't think "LUA is a pain as compared to a security software config where I have to unblock even zip files to open them" is one of the good reasons, and I was flabbergasted someone else thought it was.

    Hopefully, that explains decently well what I was trying to convey in my first post.

    Oh no, it's not silly at all. XP certainly is less than perfect in regards to LUA and pretty much everything else, too. And Vista and 7 are less than perfect, too, although they do have improvements over XP when it comes to LUA, and some other things. I just don't expect perfection or even anywhere near perfection from software. I'm okay with "works well enough to be comfortable and reasonably efficient". LUA in XP already achieves that by my standards, and the standards of some other folks, too. Obviously, some have different standards and they may be unsatisfied by things that are good enough for me.

    So far, I've not seen even one case out of literally thousands where it would be somehow the fault of XP that software doesn't install properly in LUA. In every case I've seen it's always been the fault of the third party software (or very old MS software made for 9x) that was never designed to work with limited user accounts. But if you know of a different case where XP was somehow at fault, let me know. It would be interesting to say the least. Some software doesn't install, or even run properly after being installed by an admin, in any LUA, including XP, Vista, 7, and so on. That's not the fault of XP. That's the fault of said software being coded to assume it always has admin rights, that is to say, being poorly coded, or coded so that it's not quite compatible with the NT security model. This has been a huge problem - tons of poorly coded software out there that was made like it was going to run on Win 9x, completely ignoring how things are supposed to be done on NT. That's common knowledge to developers and support personnel alike. My solution to that is rather brutal but effective: I just choose not to run software that is coded like it was made for a DOS-based Windows 9x. If the devs can't follow the NT security model, who knows what other security issues their software will have.

    As I've said before, LUA isn't a magical replacement for all security software. It's simply one of the essential, very much basic security measures one can take. To recommend LUA is not to recommend surrendering any and all security software. In fact, most people should not surrender all security software on Windows whether they run LUA or not. That's rather why I have trouble with the kool-aid drinker label, considering that I simply advocate reason. LUA is quite a bit less intrusive than something like Steady State, for example. Quite a few people in the world don't want their computer refusing to stick with changes and returning to a previous state on every reboot, even only partially. For me, example, that would be utterly counterproductive and a huge waste of time. Quite like LUA isn't for everyone, neither is pretty much any security software. The good thing about LUA is that it can fit most security policies rather well and even improve the effectiveness of many security software, like the ubiquitous AV.

    Yes, well, people on the internet disagree about nearly everything. Of course tons of users interacting with completely different levels of knowledge and completely different needs will not reach a consensus easily. People should sometimes rely more on the developer's documentation than on what people in the web say. The developers might sometimes know their own software better. There's always common sense, too, if one doesn't want to RTM or considers the documentation inadequate in some way. If one wants to create a new limited user account, then the most logical way to do that is by creating a new limited user account - not changing an existing admin account into a limited user account, not creating a new admin account and doing stuff with it before changing it to a limited account, or anything else. What wat0114 posted is a pretty good general guideline, although you may sometimes face a rareish situation where you would want to create a new admin account, too. But the general rule is pretty obvious if one considers the security implications:
    1) if you want to create a new admin account, create a new admin account - don't create a limited user account and then change that to admin, as that would be just weird and inefficient
    2) if you want to create a new limited user account, create a new limited user account - don't change old admin accounts to limited accounts or anything like that, unless you really have a good reason and can deal with the issues that may follow
    3) do not change existing limited user accounts into admins, ever, not ever, unless you really, really have a good reason and are absolutely confident that the account is not infected with anything you don't want to give admin rights to.

    The idea is to keep the admin and the limited users separate.

    I'm not here to pontificate. I'm here to point out a few facts and to express my personal opinion where it makes sense to express it. My first reply to you in this thread was to correct what seemed to be misunderstandings about LUA. You were talking about least privilege and limited user accounts based on a Wikipedia article linked to by another poster. The Wikipedia article was pondering about how impossible it is to achieve perfection in least privilege and how therefore true least privilege is impossible. You then stated you do not want a situation where every single action is scrutinized as to what privilege has been granted. The problem with that is, practically no-one is trying to achieve perfection in least privilege, just something that works in practical reality, offering reasonable limitations and improving security, while allowing convenient use of the system for normal daily use. Problem is, when you use a limited user account, as I said before, your every single action is not scrutinized as to what privilege has been granted, as if there were tons of various different sets of privileges granted to various actions when you run as LUA - instead, everything you do in LUA happens with your one set of limited user privileges, except if you have the admin password and use it to elevate something to admin, in which case that will happen with admin privileges, or if you consider the few integrity levels introduced in versions later than XP as being some sort of problematic scrutiny on every action that only happens in LUA, which they're of course not. There's no massively complex, slow, intrusive scrutiny on every "action". Instead, there are simply privileges assigned to users/groups, and then a couple of integrity levels (after XP) assigned to securable objects like processes. And all of this happens when logged in as admin, too. It's a feature of the security model of the OS, not something that somehow only happens in LUA. When you're admin, it's simply that instead of LUA privileges, you have admin privileges - but the checking for those privileges is still there, and integrity levels work just the same as in LUA. Then, I spoke about how LUA does not much slow down anyone except those users who constantly do things to the system that require admin privileges, like install software system-wide, and how security software on the other hand can cause slow down even in such things as launching a browser. That's not pontification. It's just stating how stuff works. My later replies to you were more of that same.

    As I said, I wish people could be less emotional. I'm not trying to get you (meaning anyone) to surrender your security software - perish the thought. I'm not trying to call you (meaning anyone who does not run LUA) a fool for not running LUA. I'm simply trying to advocate a free but effective security measure that's included in the OS and will also help the effectiveness of many security software products. If you (anyone) don't like LUA and have other policies that fit you better, congratulations, that's good for you. There are still other people in the world that could benefit from LUA, and some of them might even read one of my posts and try it. That's my idea here.
     
    Last edited: Jan 22, 2010
  4. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Yes you are, obviously. That is why you stated "Oh course I don't". You knew that there is no way most XP users can be comfortable in a "pure" LUA envirment. But you were counting on what happens normally... that most readers either didn't realize or didn't care to engage. Just look at your sig for geez sakes.

    I will tell you something ... You did not invent Windows or LUA. We all know what LUA is and how it can very adeptly be used as a security measure. We all know that Win7 is out and some of us are using it already. Soon, probably most of us will be. And at that time most of us will be using LUA and be comfortable with it. We don't need you to "bring us the news". Paragraph after unending paragraph. It is pontificating ... and it is kool-aid.

    On that note, out of respect for our other forum members and the moderators, I will end my participation on this matter. I just hope that perhaps some news ways of looking at LUA were brought forth by both of us.
     
  5. Windchild

    Windchild Registered Member

    Joined:
    Jun 16, 2009
    Posts:
    571
    I'm not entirely sure it's up to you to decide that. For the record, my opinion is that I'm just talking about a subject that's pretty much on topic in this thread, in a manner that's more concentrated on known (and even obvious) facts than how to make it all sound nice.

    Again with the fantastic assumptions! :D I wasn't counting on anything except perhaps my freedom to answer a question asked in an open thread. I know that most XP users don't run LUA. I also know that many users can be comfortable in LUA, in XP. I don't know about most. I don't know most people, but assuming most people don't do admin stuff all the time, there's a pretty good chance they could be comfortable in LUA, in XP. So, why should I not say that I of course don't run as admin, because LUA does good things X and Y and Z? Because you think it's kool-aid? Well, I'm afraid that's not a good enough reason for me. As for my sig for geez sakes, that's a joke, referring to an earlier discussion I had with some other nice folks on this board. So, again, you're reading far too much into things.

    Thanks, I didn't know that. But hey, you live and you learn. However, I somehow forgot the part where I claimed I invented Windows or LUA. But then again, age can make the mind forget all kinds of things. :D

    Unfortunately I missed the part in the forum rules where it says talking about LUA is pontificating kool-aid and generally looked down upon. I'm not bringing any news, I'm just engaging in discussion about pretty common computer security topics, blissfully unaware of the fact that speaking about LUA is kool-aid but speaking about third party security software is not. This security forum is full of people who know what (enter security software name here, say Sandboxie or Returnil) is and how it can be used as a security measure. And yet, people discuss said security software paragraph after unending paragraph, thread after thread, year after year, and it never ends, and in thread after thread such security software is recommended as a solution for this problem and that. And they don't get told by you that what they're doing is pontificating kool-aid. Perhaps there's a slight bias here.

    Probably not, considering that the topic of LUA as well as pretty much any current security measure has been talked nearly to death already all over the web. But I will say that the part where you brought up the theoretical obstacles and limitations to achieving perfect least privilege, as if Windows limited user accounts were even attempting perfect least privilege, was slightly novel - you don't often hear that being used as an argument against LUA. :D
     
    Last edited: Jan 22, 2010
  6. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    fruitful discussion for me and here is how. I really liked how I had everything setup, had no background programs, my 3 year old XP Pro installation was running as if I installed it yesterday.

    It probably was secure but not as much as I thought after reading tlu's post that you linked
    https://www.wilderssecurity.com/showpost.php?p=1201866&postcount=146

    tlu says "But there is one disadvantage: Since your limited account used to be your old admin account there are still some unwanted remnants: If you check your permissions with the tool AccessEnum you will find that your limited account has write permission to at least some subfolders in c:\Windows and c:\Program Files - that's dangerous and contradicts the purpose of a LUA approach!"

    After reading this post I ran AccessEnum. Since my LUA was initially admin account, my LUA had write access to approx 50% of the subdirectories in C:/ and Program Files directories. Apparently when I previously tested this I didn't test writing in any of those sub directories.

    To make the story longer, since I keep everything I need backed up I deleted this account and created a new LUA. I initially installed my ethernet adapter in the LUA I deleted and had internet problems so I said screw it since it was a 3-4 year old XP pro install anyways. The story gets even longer because after reformatting I didn't want to connect to the internet because my XP Pro disk is so old it has IE6 on it but I won't even go into that topic.

    Tweaking an account to your liking then switching it to LUA has always been the convenient way for me. I still think the LUA with SRP I had was pretty secure since I actually tried infecting it before with some .exe's and .mov's and other crap from limewire and none of it could execute. However, it doesn't appear as solid that way as I thought since LUA could write to C & prog files. I will try it the old school way since its more secure and hope it doesn't annoy me too much not being able to change anything, if not I guess its time for Win7.
     
  7. YanK33

    YanK33 Registered Member

    Joined:
    Jan 30, 2010
    Posts:
    195
    of course unless your not the owner of the machine why you should take away your magical powers?
     
  8. tlu

    tlu Guest

    No. Setting up a LUA account is actually rather easy. Let me explain: At the time when I started that thread you mentioned I was one of perhaps a handful of posters here on Wilders promoting a LUA approach. The other 99.9% were permanently shouting "HIPS, HIPS, hurray!". If I wanted to convince these people I had to make it as easy as possible. So I decided to present an approach that converted an existing admin account into a limited account. The big advantage: Under the limited account you would have full access to all your documents and settings like before as the c:\Documents and Settings\<user> folder and the HKCU registry branch remained the same. If I had chosen the alternative approach (creating a NEW limited account) I'm sure that most readers would have complained that they couldn't see their Word and Excel files any more, lost all their emails and settings, etc. - in other words: They would have given up after 5 minutes.

    That's why I chose the other approach, tried to make my "followers" get used to the LUA approach and fixed its flaws in that second posting above when I was reasonably sure that people could manage these steps.

    One can argue if that was the right way, and I'm not sure if I would do it the same way again considering that the LUA approach has gained much more acceptance here since then. But at that time it was an attempt to not make people surrender just at the beginning. And I do have the impression that that thread contributed to that change of mind.
     
  9. guest

    guest Guest

    WOW, so many big walls of text on this thread!

    As for me, I run my Win7 Ultimate x86 as default Administrator, with UAC customized to "Notify me only when programs try to make changes to my computer (do not dim my desktop)".

    Some reasons:
    - I'm the only user of this encrypted notebook, which remains locked for the most time. If other person happens to need to use this notebook, he/she can do it using the Guest account, which I maintain activated.
    - I maintain everything updated and secured, I never install unknown things and I never click on suspicious links.
     
  10. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    On my W7 64 bit NO,is the answer as it offers selective admin powers by application.

    On my xp sp3 YES is the answer for the usual reasons.
     
  11. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    I will offer that more likely LUA is gathering more acceptance with the additional OS versions Vista, and Win7. And then on top of that "even Tlu endorses it". ;) Very respectfully, the type of manipulation you speak of is not appreciated by this reader, but seems to be typical of a procedure as it takes on cult like status. The post was made in 2008, and as you say - there was reluctance. XP came out in 2002. There are some pretty savvy computer users here. What took so long? If it really was the end-all-be-all in computer security? As you and others adopt a path of explanation that has as its' core just the gathering of new followers, and reasons that it is ok to leave out the particulars - for their own good. Then when someone like me comes along and says "Hey, what about this? What about that?", they are blasted for going against a "fundamental" axiom of computer security. And as you have just stated Tlu, it is all built on a house of cards - as I have already stated. Keep in mind - speaking XP only.
     
  12. tlu

    tlu Guest

    A couple of reasons:
    1. People were still used to Win 9x. There was no limited user, and most people have a hard time to change their attitudes.
    2. In the first years of Win NT/2000/XP many programmers were unwilling to make their software LUA-compatible. Partly due to their laziness, partly due to the fact that Microsoft didn't force them to do so (for the sake of maintaining backward compatibility). If a limited account would have been set up by default during installation the situation surely would have been different.
    3. People tend to fall for marketing hype. They have a premonition that they have a security problem and are confronted with an all-in-one "solution" for just a few bucks. How nice! Just install an additional software and all your problems are gone :D

    I beg your pardon: Where did I state that "it is all built on a house of cards"? English is not my native language but it should have been clear enough that that posting you're talking about was only referring to fixing problems coming from a special way to implement LUA as easily as possible. It doesn't apply to a situation where you create a new limited account - I think that's very obvious.

    I must say you have an odd way of putting words into somebody's mouth.
     
  13. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Fair enough. The backpedaling here with this is obvious. So now, making all your settings as Admin and then changing it to Limited is a "Special Way" of setting things up? I wonder if all of those that set LUA up that way realize that? I Always thought that was the "Standard Way" - I think many others do also. Let me ask; Do you currently advise "Oh yes, run LUA - in all cases". Or do you state "Set up an account as LUA and never have it become Admin, and it never had been Admin in the past. If you do it the standard way, you will have to follow the steps here; in post 146. https://www.wilderssecurity.com/showpost.php?p=1201866&postcount=146 Also if you do need to change anything, you need Surun. A non-microsoft product."

    Odd way of putting words in peoples mouths? It is the totality of your and others words. Currently the given advice is - "Yes, everyone should run LUA - there is no reason not too. It is easy. Microsoft reccomends it. And most importantly, it has become a fundamental componant of computer security".

    That very statement contains and is based on inaccuracies and manipulation. Because [this is the part on your very words] - if told the TRUTH on what they were getting into - most people would have given up in five minutes. There never would have been the cult push on XP users. It never would have become a fundamental axiom of computer security. People would have seen that it is not easy. And Microsoft would have created OS versions that did handle LUA correctly, which they could then reccomend. Which is in fact what did happen, with Microsoft.

    Now, when someone comes up and exposes this "truth" - they are putting words in your mouth?
     
  14. tlu

    tlu Guest

    Sigh. You don't get it, do you? Yes, LUA is indeed easy. Virtually all newer applications are LUA compatible. In everyday usage it doesn't cause any problems. And yes, LUA increases your security significantly particularly if combined with SRP.

    Because I was talking about a situation where most people were used to their HIPS + AVs, were used to clicking numerous pop-ups and false warnings or were discussing in various threads how to make these apps less talkative. But they didn't know about such basics like that every account has its own Documents and Settings folder and its own HKCU registry branch, and they didn't know anything about file/folder permissions. Not that this subject is more difficult than configuring a HIPS - but it's unfamiliar for someone used to simply click umpteen of buttons. I wanted to avoid these initial difficulties because they required a, well, new way of thinking. As I already said, I'm not sure if I'd present that subject again in the same way but that's how I saw it at that time.

    The important thing is that most what I said in https://www.wilderssecurity.com/showpost.php?p=1201866&postcount=146 is not relevant if you create a new limited account preferably just after installing Windows XP - that's the best and "cleanest" way how to do it. Then install your apps, and you won't run into any problems (unless you're using apps several years old). If you want to setup LUA on an existing system, on which you've used your admin account for years, it's a little bit more tricky. But you have to do it just once, and from then on it works till eternity. And regarding SuRun: It makes LUA on Win XP definitely easier and more comfortable but it's not a must. You don't need it at all in Vista/Win7 because of UAC.

    That's my last comment for you since I trust that you don't remove your blinders. And besides, I've been working as a limited user only since Windows NT - this experience doesn't count compared to yours, of course. Who am I to debate with you?
     
  15. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    You don't have to "sigh" me - it is you that doesn't "get it". I see nothing wrong with stating "It is the best practice to run LUA. However, if you are using XP, Microsoft had not at that time perfected the approach and they proceded to improve it with Vista, and more with Win7. If you are on XP, it will have to be your choice. Run LUA or cover yourself with other means. If you do decide to run LUA with XP - here are some things you need to know ..." But guess what - I NEVER EVER hear that.

    This is a prime example of one of your moonies completely disrupting a thread with what has become "the unargueable politically correct".
    https://www.wilderssecurity.com/showthread.php?t=263809 Look how hard WarWagon worked to bring us all new insight on new ideas. Look at how the thread is hijacked with the LUA "news". I could show hundreds of examples. It is a cult.
     
  16. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Also while I am at it; you really should amend this to "fixed one of the flaws that I knew about". The fact is that no one, not you, not me, and no one here knows with complete certainty the totality of the potential problems with LUA and XP. The OS was not designed to be run in LUA. Sure it can be, and maybe the user is more protected - maybe he thinks he is when he is in fact not. For me, XP in Admin is just too good to give back. There are other means of getting the protection needed for computer use.
     
  17. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    not sure I consider the thread you linked 'LUA worshiping', or why windows wasn't meant to be ran as an LUA when basically every company/University uses XP Pro was LUA with SRP without problems.

    You seem to have weighed the pro's & cons of running a LUA and chosen admin. I'm sure you've done your homework and nothing wrong with running as admin, as you said you prefer running as admin since you have other "means of getting the protection needed for computer use." These means will have downfalls too and is why I said on my first post that running as admin or LUA is a tradeoff and depends on user preference.
     
  18. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Yes but in that situation, the users are not the owners of the computer. There wouldn't be any 'problems', I never said that XP wouldn't even run as LUA.

    You've been fair and level minded.
     
  19. guest

    guest Guest

    Really, what strong protection are you thinking you will get using LUA?

    Let me show you the reality:

    1. Some malwares like keyloggers don't need administrative privileges to work, be it in XP, in Vista or in 7. In fact, the best and most hidden methods/APIs to log keystrokes (the ones few HIPS are able to detect) don't need administrative privileges in any Windows;

    2. Complex malwares exploit privilege escalation vulnerabilities in the host OS, so they will infect you and it doesn't matter if you are admin or not. Even the Guest account is considered a vector vulnerable to malwares that exploit these vulnerabilities - and several of them are unpatched in XP. Win Vista and 7 are less vulnerable, but they still have this kind of bugs.
     
  20. Windchild

    Windchild Registered Member

    Joined:
    Jun 16, 2009
    Posts:
    571
    I see this thread hasn't changed much.

    As to the claims that XP was not designed to be run as LUA, that's simply a lie at worst and a complete misunderstanding at best. LUA has been a feature of NT for ages. NT was designed from the ground up to be a secure operating system - you know, one that allows for access control on objects and allows for user accounts that don't have absolute full control over the system. Is LUA perfect in XP? No. Is it perfect in Vista or 7? No. Is it better in Vista and 7, sure, somewhat. Are XP, Vista and 7 all comfortably usable when it comes to LUA? Yes, unless you're stuck with programs designed for DOS or can't survive making a couple one-time hacks to some settings if they bother you (like the Date and Time applet issue) or simply do things that absolutely require an account with superuser privileges - if you install stuff all the time, configure hardware and do only admin tasks, it's not like you're even supposed to be LUA (there's a reason the admin accounts exist, and the reason isn't so no-one could ever use them). Are there many people running comfortably in LUA in XP, even perfectly regular people who know little about computers? Yes. Are there some who hate LUA with such a passion that the very word causes them to curse? Sure, but those folks are really not the target audience when people recommend LUA.

    The "debate" on this leads nowhere, as has been well demonstrated in previous posts. But that won't stop me from fighting the windmills as ever. :D

    Yes for the first question, no for the second.

    Changing accounts around has always been a "special" way of doing things. The normal way has always been that if you want a limited user account and don't have one yet, then you create a new account. You don't change old accounts, unless you want to a) keep the settings and b) get the ownership issues. This is actually fairly obvious, assuming you know about file permissions, considering that the OS isn't a magical mind-reader. If you change an existing admin account into a LUA, how could the operating system possibly know that you don't want this existing account to keep its ownership over whatever objects the account has become the owner of in previous use? From the perspective of the OS, if you did not want the ownership kept, then you would obviously be changing the ownership manually or creating a new account.

    But no, obviously not everyone realizes this. There are always people who fail to realize various things. At some point in our lives, we all will fail at least once to realize something. Often it's because we're working in unfamiliar territory, like computer security, and then fail to do enough of Reading The Manual or as an alternative do too much of listening to people who don't really know any more about the subject than we do and give bad or incomplete advice. But we live and learn, as I said previously in jest. Those that don't realize changing accounts around can cause some issues may learn that later. Hopefully, though, annoying LUA advocates such as myself would be able to tell them about those issues before they run into them, and save them from that particular trouble.

    Funny, because I hear it all the time. Perhaps you're just very unlucky, or just don't like hearing stuff like that and turn a blind eye to it, in lack of a better word. I can't even begin to count the times when I've remarked on some well-known issues with LUA, on XP, yes, but on other versions as well. I've ranted endlessly about incompatible software and what one could do about them, I've ranted about file permissions and ownership, changing existing accounts to LUA and issues that will cause, and I've spread around the well-known hacks and solutions to issues with the Date and Time applet and Power Management options and not having the Security tab in file/folder properties in Home versions. I've ranted about some OEMs messing up the file permissions and in so doing robbing LUA of many of its security benefits. I've ranted about LUA not preventing the execution of malware on Windows or on any other modern general purpose OS. I've ranted about how XP is ancient in software years and newer versions do LUA even better. And I'm nowhere near the only one, nor the first in any way. If you really have never heard LUA advocates telling people about issues they might run into with LUA and LUA on XP in particular, then you've either been very unlucky or very reluctant to listen.

    "moonies", "cult", "kool aid", "pontificating"... Well now, isn't that some friendly, rational discussion concentrating on fact instead of ad hominem attacks against others.

    Let's look at WarWagon's thread rationally, since you asked. "New insight on new ideas"? What new ideas are those? The idea that you can get hit by drive-by exploits without doing anything except browsing a web site? The idea that you can make videos about testing such exploit sites with different configurations, like on a patched system as compared to an unpatched one? None of this is new in any way and has been all done before a million times, just like the eternal don't be root/admin discussions. What WarWagon did, and did well, is make some nice videos with good image and sound quality. His was a very nice thread in my opinion, with very nice videos for people who haven't seen drive-by exploits in action yet. So, he'd get a thumbs up from me on that. However, there's nothing particularly new about any of it, and I doubt WarWagon himself would disagree, considering his experience with working with malware. More accurately, it's about as new as Windows XP, or the discussions on LUA on Windows that have gotten more common but haven't gotten much new material. Now that we got the "new ideas" out of the way, let's consider the thread hijack by the "LUA cult". I find nothing disruptive about the LUA comments in that thread. It seems that you're just particularly sensitive to people talking about LUA, and highly inclined to consider people who speak about it "moonies", and "cultists." Somehow, you don't seem to extend that courtesy to people who perform in exactly the same way in millions of threads, but instead of LUA advocating some commercial security software. Or if you do, I sure haven't seen you do it, although there's been ample opportunity. Listen, we get it that you don't like LUA on XP. No-one will force you to run as LUA. You can run as admin all you want, and you have valid reasons to do it, so go ahead and continue since it works well for you. That's how it's supposed to be: you find out what works for you and do it. So don't worry. We evil LUA advocates are not out to get you, or steal your security software. You're naturally free to disagree with us, but one might hope disagreements could be handled without too many unjustified insults.

    But that's that. Security should be about calm and rational consideration, not emotional response. If you don't like something, that doesn't mean you need to call people who advocate it cultists and moonies, especially when you've got practically nothing to make such name-calling seem even remotely deserved and justified. Sure, people may get upset when someone points out they're wrong about something (like the claim that ownership isn't done correctly on the permissions on Windows XP LUA, which is of course a simple misunderstanding caused by not understanding how ownership and permissions work) but that's really no reason to break out the nasty words. People don't usually mean harm when they point out some facts. It's sad that these discussions usually spiral out of hand because people can't stay calm and stick with the facts.


    A lot. For example, the kind of protection that stops an unwise but otherwise benign user from accidentally deleting system files - and this same applies to installed software that may attempt stupid things due to bugs. Another example would be the kind of protection that breaks most of current malware due to it being poorly coded and prevents almost all of the rest from infecting the entire system because they haven't found or couldn't be bothered with privilege escalation. Yet another example would be the kind of protection that prevents other users on the system from seeing all your files and gaining full control over them just by opening Windows Explorer and pointing it at your My Documents folder. Considering this is free, it's pretty nice.

    Sure. LUA is not an anti-malware. If someone claims it is, they're wrong. LUA doesn't detect or remove malicious software. LUA does offer various levels of protection against a lot of malware, but that's mostly because some malware wasn't made with the expectation it would run in LUA and because some other malware that was made for LUA can't infect the entire system when run in LUA because the malware hasn't been able to successfully exploit any possible privilege escalation vulnerability. But in any case, LUA is a way to protect the system and other user accounts from compromise. If the human user using that LUA executes malicious software in his account, then his account can be compromised. LUA will not stop that, if the malware that's executed is the right kind. So, like with everything, you need to use a combination of measures. You could use LUA with Common Sense 2010, or you could use LUA with some AV Security Suite, or some HIPS, or some sandboxing software, or AppLocker, or whatever. Many security software like AVs actually gain effectiveness when the user is LUA, since malware can't so easily kill the AVs anymore and also can't throw around kernel rootkits to hide itself from them. Nothing is The One Be-all and End-all of security. Multiple measures are typically employed, or should be, to achieve a reasonable level of security. This whole "malware can run in LUA" isn't new in any way. It's old as Unix, actually.

    Sure, there can be privilege escalation attacks. Security bugs are a fact of life. And not only with operating systems, but security software as well. Who knows how many exploitable bugs our chosen AV or HIPS has? How many would be found, if all the gazillion people looking for vulnerabilities in Windows would turn their eyes towards said security software?

    But about those complex malwares... to put things in perspective, why don't we make a list of, say, three different complex malwares that exploit privilege escalation vulnerabilities that were unpatched at the time the malware was first found in the wild or even released as a first buggy proof-of-concept. Any takers? My point being, complex malware isn't exactly common. :D Even the most outrageous rootkits typically use a very boring dropper that requires admin privileges to load the rootkit and doesn't attempt any kind of privilege escalation attack.

    So, what strong protection do we get from LUA here? Well, only that about let's say 99 % of all malware in the wild does not attempt to exploit unpatched or unknown privilege escalation vulnerabilities, and that means that LUA will prevent such malware from infecting the entire system. That sounds pretty nice, too.
     
    Last edited: Feb 2, 2010
  21. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Well least not forget, I was called 'silly' first. And 'sighed' at later. You know, when I 'just didn't get it'. Why is the current poll hovering at 75% Admin? Oh, I know, it is because it just hasn't been explained well enough (hard to fathom that one) - or they cling to their beloved security programs - or they insist on being 'Masters of their Domains'.
     
  22. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    BS. The absolute first thing you have to do on an XP install is create an Administrator account, even though a hidden Administrator account named Administrator already exists. You would have to already somehow 'know' that you need to create a LUA account. Now I think most people that have an intention of letting other people use the computer would have enough knowledge to create limited accounts for them. But how many of them would think that Microsofts intention is for you to create that first Admin account, and then go ahead and create a LUA account for yourself - and just leave that first created Admin account lay dormant I guess ... forever. Ok, so you need that first account for settings and such ... so then what is the hidden Administrator account for? It is designed for the owner to be the Administrator, that's why. If you want to be LUA on top of that - that is a user choice.

    As for moonies and cultists - show me one post anywhere on this web prior to this thread where you specifically have stated that it is best to create a pure LUA and leave it that way - never to be Admin. No, you and the ilk are satisfied with having them create Admin accounts and switching to LUA just to get them on board. It was Tlu that first referred to his 'followers'. Not me.
     
  23. Windchild

    Windchild Registered Member

    Joined:
    Jun 16, 2009
    Posts:
    571
    No, you, the person using the alias HungJuri, weren't called "silly." What was called silly was something you said, something that, it just so happens, was in fact silly as in nonsensical. I can quote myself: "Now this is just silly. LUA doesn't somehow 'become admin sooner or later'. Not if you use the account reasonably, anyway." I'm speaking of an incorrect claim and pointing out that it is just silly; I'm not speaking about a person, you, and telling you that you are silly. English-speaking people can easily tell that just by reading what I said. If there are doubts about this, there's always the option of just going back in the thread to read what was said, post by post. Any of it can be quoted freely to solve such doubts. And it was discussed before. Please don't take this stuff so personally. We're talking about software and ideas here, not people. If I point out something is incorrect or silly, I don't do it to be a pain, only to tell the truth. As for Tlu's sighing, that happened after the kool aid and cult stuff, and I can't blame Tlu for sighing, considering how discussions in this thread had gone up to that point. :D

    As for why the current poll is hovering at 75 % admin, it's because of multiple reasons, but mostly because admin is the default and that's what people are used to and what many programs were made to assume. Other reasons are pretty much as obvious: some people have found comfortable setups and don't feel need to change them in any way including LUA or new security software, some others are like Sully who does so much stuff that really absolutely always requires admin rights that being LUA would be far too uncomfortable and inefficient for him, while some others simply dislike the idea of not having "full control" over the system at all times (yes, in this forum there have been discussions where some have admitted that they are exactly like this), and others still don't really care or understand the concept (when people say things like "I'm the only one who uses the computer, so of course I'm admin" that's a good sign that they might not necessarily understand what LUA is about). Some of these people who run as admin now could benefit from LUA, but some of them would not. Polls like this really tell nothing much of how comfortable LUA is in a given OS or how many issues running LUA may cause. Why? Because people obviously have tons of reasons for being admin beyond the simple "I tried LUA and found LUA is too buggy and/or uncomfortable". In fact, most home users who run as admin have never even tried running LUA, haven't even really heard of it, and wouldn't know whether it's buggy or uncomfortable or not. And ironically, if we compare how many XP users run as LUA and how many Windows 7 users do, considering all the improvements in 7, we may actually find that the difference isn't what one might perhaps expect, and some users of 7 are actually less inclined to run as LUA in 7 than they were in XP, since they believe UAC already does it for them - and UAC isn't present in XP. I've seen that happen even in some businesses.

    If you think what I said was BS, then show some proof of it. You know, factual stuff. Show me proof that 1) LUA hasn't been a feature of NT for ages and 2) NT was not designed from the ground up to be a secure operating system with different user accounts of different level of privilege in the system and 3) XP was not designed to be run as LUA. Because, what you just said isn't proof of that. You spoke of what happens during the install by default. You didn't bother to address what documentation says about creating limited user accounts, or that all the technology to create and use LUA is already present after XP is installed normally. All you need to do is create a new account, and go. XP was designed for that. But, we need to understand what the word "designed" means, and it looks like you don't, or you got "designed" confused with "defaults to". In simplified terms, "designed to do X" means something was intentionally built-in to the software to be used or function in a certain way, and this built-in feature can either be working automatically with no way to turn it off or it may be something the user can control. (And yes, I realize I sound like an idiot trying to explain what "designed" means in software, but what else can I do?) Default settings are a design choice as well, but default settings don't mean that anything that isn't the default was somehow not designed to be used. By the kind of unlogic that says that "XP was not designed to be run as LUA because LUA is not the default and because there are multiple admin accounts created" we could just as well claim that "since XP doesn't show file extensions by default it clearly means XP was not designed to show file extensions". Simply absurd. Both are users' choice: users can run as LUA and show file extensions, or they can go with the default and run as admin and not show file extensions. But the fact of the matter is that XP (NT) is designed to do all of this: it is designed so you can run as admin or you can run as LUA, your choice, and it is designed so you can show file extensions or not show them, your choice. Discussion is hopeless if people can't agree on obvious facts like this. When I say "XP was designed to be run as LUA", it means just what it says: LUA was designed into XP intentionally, and it's there to be used. It does not mean that Microsoft forced everyone to always be LUA, or that they should. But something tells me explaining this stuff is not going to work. Maybe it's my english.

    But let's think about things a little, since you don't seem to be familiar with NT's history (and who can blame you, it's not like most Windows users are). Why is there the default, "hidden" Administrator account, when the user is made to create a new admin account during the installation? Well, obviously there always has to be at least one admin account - or you can't administer the system very well. If something, for some reason, happens to the admin account the user created for himself during the installation - something like a badly corrupted user profile - it might be a good thing that there's another admin account on the system that hasn't gotten messed up in use. That's one argument in support of the hidden admin account. In Windows 7, some rather experienced folks had some trouble when they did not know that the hidden Administrator account has actually been disabled by default, and they created their usual personal admin account during the install and then did what was not supposed to be done and demoted it to a limited user - in the progress securing themselves out of their own system by removing the only active admin account on the system. But of course, these "personal" admin accounts created during the install are also created simply because people want to be able to customize things. Hands up everyone here who only uses user accounts that are named "Administrator" or "Limited User". Yeah, not me. I'll rather use a more personal feeling, familiar name, like a nickname.

    I find "followers" to be rather different from "cultists." But maybe it's just me.

    As for posts where I've stated you should create a new limited user account (I'm not sure what a "pure LUA" would be, so I can't comment on that) and never make it admin, I think it's pretty bold of you to expect I'd actually bother to look stuff up for you after all the cherry-picking and misquotation that has been done in this thread. :D But hey, since I'm just such a nice guy, I'll show you your one post right now, and then refuse to hold my breath until you figure out how to make it look like it doesn't really say that it's best to create a new LUA and never make it admin. :D Here we go, sir! Bold emphasis mine, of course.

    Link to original post: https://www.wilderssecurity.com/showpost.php?p=1507331&postcount=14

    That was, by the way, about half a year ago, so you can't really say I only started doing that after you showed me in this thread. ;)

    Thank you, and good night. :D
     
  24. ProrokX

    ProrokX Registered Member

    Joined:
    May 8, 2009
    Posts:
    60
    + 1 for Admin :)
     
  25. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    You don't have to hold your breath - I see it - point taken. But that is a first for me, so you are the 'one' that seems to know what he is talking about. Congratulations. But it doesn't change the fact that running XP in a LUA is a user choice - that is all it can ever be. It is not a fundamental axiom of computer security, it is not necessarily so that it needs to be emphasized more, and it is not an "of course" answer.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.