I’ve set up a new community web site at http://nonadmin.editme.com. It’s a place where anyone can share their experiences with running as a non-administrator in Windows – the good (tips, tools, and help for using a limited-user account), the bad (programs that won’t even install, let alone run, unless you’re administrator), and the ugly (workarounds and kludges). Here’s my quick attempt at a FAQ:
Why should you care?
Because running as administrator (which is unfortunately the Windows default) can be a serious security hole. If you use a limited-user account instead you’ll really reduce your computer’s “attack surface”. And if you set up your parents’ PC that way, you’ll really reduce your tech-support visits too!
Why bother bookmarking a new site?
Because while there’s lots of great information on the net about how to run as a non-administrator, there’s no single site that puts it all into one easy-to-find place.
Why is it a community site?
Because I’m lazy, and because other people are much smarter at this security stuff than I am! I can’t keep track of all the neat work going on in the community, but I do want to learn about it from the experts. If anyone can add their expertise and experience, we all benefit. A good example of another community site is the Windows Update Services wiki.
What’s already there?
I’ve added content and pointers from several bloggers, including Aaron Margosis, Brad Wilson, Eric Jarvi, Eugene Siu, G. Andrew Duthie, Jenni Merrifield, John Howard, Keith Brown, and Mike Smith-Lonergan. Please add more!
What about developers?
Don’t worry, there’s a section just for you. Learning to write applications that Just Work under a non-administrator account is already a requirement for getting a Windows logo, and it’s going to be even more important under Longhorn.
What’s all this talk about a wiki?
Shhhh… you weren’t supposed to notice! The folks at http://www.editme.com have done a great job at putting a user-friendly front-end on top of their wiki software, including a WYSIWYG editing control. If that is too much for you, you can just leave blog-style comments. Different strokes for different folks.
Didn’t Robert Scoble already blog this?
Yup – I sent out a “sneak peek” email last night, and he blogged it within 45 minutes! I had been planning to get more input from the experts over the weekend before announcing the site next Monday, but now that the secret’s out…