Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Users Ignoring LUA Security

Posted by timothy on from the until-it's-easy-it's-hard dept.

blankify writes "eWeek is running a story about the least-privilege, no-admin option available in Windows (2000/XP/2003) that has been mostly ignored by end users. From the article: '"To the average user, the notion of non-admin is abstract and obscure," said Michael Howard, a senior security program manager in Microsoft Corp.'s security business and technology unit. "Most users just don't know they can set up least-privilege accounts in Windows today, and that's just a sad reality."'"

6 of 522 comments (clear)

  1. doh by Anonymous Coward · · Score: 5, Informative

    most likely because this option breaks most applications

    1. Re:doh by blackpaw · · Score: 5, Informative

      You can start a Administrator cmd prompt in windows without logging off:

      runas /profile /user:Administrator cmd.exe

      Or any other program can be launched.

  2. Cluelessness at Microsoft by ts0003 · · Score: 5, Informative

    There's a reason why most people don't use it. Microsoft's implementation is flawed to say the least. When a user sets themselves up this way and then installs programs as an Administrator, they find that they can't run the programs completely or correctly as the lower privilege user. Some of this is due to Windows application programmers doing boneheaded things. Much of it has to do with the programming practices Microsoft has fostered - like writing to global registry keys in the Windows 95 and 98 days. Contrast this will Apple which has gotten the APIs right, put out tutorials on how to do this and most importantly made the whole process of installing as Administrator but running as a User as painless as possible.

  3. Non-admin Wiki! by sandstorming · · Score: 5, Informative

    Everything you need to know http://nonadmin.editme.com/

    --
    http://www.sandstorming.com
  4. Reminds me of Red Hat... by Mister+Impressive · · Score: 5, Informative

    ... I'm a true blue Windows user, but I've tried linux. Red Hat 8, to be specific. I remember the FIRST thing it told when I logged in as root, was to create a new non-power account. It even showed me how to. Whenever I wanted to change/install something, a nice prompty would come up asking for my password to give it the proper priviliges.

    M$ should learn from this, and their little article there, that instead of the stupid tour that appears when you first login after a fresh install, there should be a message alerting the user to create a new account.

    --
    Let the commencement BEGINULATE!
  5. Re:Tell that to the developers by value_added · · Score: 5, Informative
    Hell, tell that to Microsoft.

    Certain Programs Do Not Work Correctly If You Log On Using a Limited User Account

    Microsoft Flight Simulator 98
    Microsoft Flight Simulator 2000
    Microsoft Flight Simulator 2002 Professional
    Microsoft Flight Simulator 2004 Century of Flight
    Microsoft Train Simulator 1.x
    Microsoft Money 2000
    Microsoft Money 2001
    Microsoft Money 2002
    Microsoft Money 2003
    MSN Messenger Service

    Microsoft seems to have discovered the command-line, so maybe they'll discover the root account? Maybe they can fix their broken 'runas' soon thereafter.