Running Windows Without Administrator Privs?

javacowboy asks: "For a while now, I've been advising friends who run Windows to try running as a regular user, as opposed to running as administrator, which is the default setting. However, I switched to Mac a year and a half ago and I haven't run Windows since, so I'm probably not the best person to be giving this advice. Still, on a philosophical level, *trying* to run Windows as a non-admin, given the prevalence of viruses, worms, trojans, and spy-ware, seems to make sense. Have any of you tried to run Windows as a non-admin, and how did it work out for you? Are there certain tasks or certain software you need to be admin to run? How realistic is it to expect a Windows user to run their OS as non-root?"

one experience

[yagu]

A friend's computer shared by the entire household was unendingly compromised. We restored XP many times from scratch but the result was always the same, within a month XP was toes up again.

We did manage to trace the culprit pretty certainly to one of the kid's AOL sessions. No emphasis and teaching was enough to stop a trusting click to wreak trojan horse havoc. (I don't blame the kid, she was using in good faith and only talked to friends, and only clicked when she was assured they were "being good". Unfortunately, in the world of XP running with admin privelege, this is not enough.)

We finally bought a separate computer with discrete accounts, and only one had admin access. The kids' accounts were non-admin. This new machine remains uncompromised, but with a price.

The non-admin accounts, while unable as expected to install software, have random and mysterious failures. I've been able to track some down to exactly what I (and most) feared -- applications which expect to have admin access. Not one example was legitimate in the sense the failure point was performing work requiring admin access, it was just presumptive development by the application. (Interestingly, one of the applications that works fine in admin access but not in non-admin access is Windows Media Player 10.)

Unfortunately this turns out to be a common symptom running non-admin in XP. Lots of applications will work fine. Lots won't.

The machine remains partitioned as described, but the ultimate result has been the kids gravitating back to the unprotected computer for unfettered access. I expect that machine will continue to need its periodic re-imaging.

These problems in XP aren't rare and are artifacts of an infrastructure with security tacked on in ugly layers again and again, all as afterthoughts. I hope Vista proves better at this, but wonder how many applications will continue as problematic because of a murky and muddled and shifting security architecture.

For the record, I'm simply amazed Microsoft has gotten away with this for so long... it's ample empirical evidence more deals on shop architectures are being made on the golf course and not around the white boards.

And, also for the record, Microsoft has the money and power to fix this once and for all. I'm sure some will defend Microsoft's incremental work on this, but for too many years my observation has been Micosoft using their money to buy additional fingers with which they point at others to blame rather than work to solve comprehensively the security and system integrity problems.

• Bottom line:

I still recommend PC owners create separate non-admin accounts with only one admin account. Applications that won't/can't play nice I recommend they uninstall and ask for their money back. This isn't optimal, but it keeps the machine healthy longer.

Sigh.

Aaron Margolis

[BSDevil]

Runs "The Non-Admin Blog" - one of the most useful resources for this. He's a Microsoft staff consultant, and often has tips for it you won't find elsewhere.

Check it out at http://blogs.msdn.com/aaron_margosis/