Sometimes, I wonder and worry about the vast majority of Windows users who run with administrative privileges. Most of them probably do this blindly because it is the default auto-login for Windows XP and they do not know any better. This tells a lot about the power of having secure defaults...
However, such unnecessary privilege comes at a great price: spyware / malware / virus / trojan / worm freely misuse such privileges to infect and proliferate. And in knee-jerk response, a whole security industry dedicated to corralling these miscreants has sprung up, and some have even entered the Microsoft product line and Windows Update.
But, no one seems to be tackling the fundamental security problem:
As I had discussed earlier, effective computer system security is simply the weakest link amongst Software, Configuration, and Policy. Simply focusing on using Software to compensate for a lack of secure computing practices (Policy) does not improve security. I mean, we can come up with perfectly written Software with no bugs nor security vulnerabilities and Configure the system securely yet functionally, but if the user runs as administrator because "things work better" or blindly follows instructions to get themselves rooted, all the effort is for nothing. This is why I think that such actions do wonders for PR and user perception (and sometimes, changing perceptions is "the goal"), but it really does not raise the bar.
I do not know about you, but I like making real progress, not perceived progress. So, I am going to show one approach that I use to not run as administrator to safely compute on Windows - both at home and work.
I mean, I really hate personal security software from McAfee, Symantec, etc. because they assume how you want to work (so many people fail to install IIS on Windows XP due to these software packages "breaking" IIS in subtle ways to prevent installation/functionality), and they do not do much more than common sense... so I consider them unnecessary bloatware that gets in my way. Yes, I do not run security software on any of my machines; no virus scan, no email scanner, nada. I just run as a normal User with Windows Firewall sealing off all ports and common sense against social engineering. :-)
No, I am not going to wait for Windows Vista, LUA, and various other security advancements to help run as non-administrator and secure my computing environment... not when I can do it all right now from Windows 2000 on up.
What I do is basically:
That is it. It is functionally similar to how LUA will work in Windows Vista, except with GUI dialog boxes instead of console commands. And this is how I create the desktop shortcut to launch my special "root" console window (I actually just copy the same shortcut on all my machines to %ALLUSERSPROFILE%\Desktop):
%windir%\system32\runas.exe /u:%COMPUTERNAME%\root "cmd /T:3E /k @title root && start /min %windir%\system32\taskmgr.exe"
Enter the password for %COMPUTERNAME%\root:
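One way to script the creation of that shortcut, as an added example that is not part of the original post. It assumes a local administrator account named "root" as above; the function names and the shortcut file name are hypothetical, and the paths are resolved on the machine where the script runs.

```powershell
# Added example: build the "root" console shortcut for a non-admin daily account.
# Assumptions: a local administrator account named "root" exists (as in the post);
# Test-IsElevated, New-RootConsoleShortcut and "root console.lnk" are made-up names.

function Test-IsElevated {
    # True when the current logon token carries the built-in Administrators role.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function New-RootConsoleShortcut {
    param(
        [string]$AdminAccount = "$env:COMPUTERNAME\root",
        [string]$Folder = ([Environment]::GetFolderPath('Desktop'))
    )
    $sys32 = Join-Path $env:windir 'system32'
    # Same inner command as the post: a distinctly coloured console titled "root",
    # plus a minimized Task Manager started under the same account.
    $inner = "cmd /T:3E /k @title root && start /min $sys32\taskmgr.exe"

    $shell = New-Object -ComObject WScript.Shell
    $link  = $shell.CreateShortcut((Join-Path $Folder 'root console.lnk'))
    $link.TargetPath       = Join-Path $sys32 'runas.exe'
    $link.Arguments        = "/u:$AdminAccount `"$inner`""
    $link.WorkingDirectory = $sys32
    $link.Description      = 'Console running as the local administrator account'
    $link.Save()
    return $link.FullName
}

# Report how the current session is running before writing the shortcut.
if (Test-IsElevated) {
    Write-Warning 'This session has administrative rights; use a normal User account for daily work.'
} else {
    Write-Output "Running as a normal User: $env:USERNAME"
}
Write-Output ('Shortcut written to ' + (New-RootConsoleShortcut))
```

The script writes to the current user's own desktop, so it runs without administrative rights; placing the shortcut in %ALLUSERSPROFILE%\Desktop as described above has to be done from the administrator console.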
Now, what are some of the "inconveniences" that I incur by doing this? Well:
Overall, I find that the "inconveniences" happen very rarely in my day-to-day activities. You rarely install programs, patch, reconfigure networking, stop/start services, and change system date/time and file ACLs on a daily basis... so it makes sense to not run with administrative privileges.
Now, I know that there are cases where you may want to run a program but that program only works when run as administrator... such as games or other older software... but I tend to leave them alone. The way I think about it, until the users revolt with their pocketbooks, application providers have ZERO incentive to fix/improve their code. So, I do not buy such software and if I do, I bug the heck out of their support staff and complain that their product is insecure because it requires me to run with administrative privileges. Hey, some have listened and changed. :-)
Well, I know that this does not solve all your problems on Windows, but hopefully it can help you solve a good chunk of your security concerns. I am interested in hearing some of your stories regarding this topic...