Spyware becomes increasingly malicious (let's return to reality)

Alexei Roudnev alex at relcom.net
Fri Jul 16 04:38:16 UTC 2004


Did you try to run Windoze as a 'not admin user'? OK, try, then install, say, a
harmless user-level (not a server at all) Visio package...

They run as admin, because Windoze (1) has no easy (temporary) switching
between User and Admin, and (2) 99.99% of applications require user privilege
to be installed or configured (and they are not service applications).

>
> Not necessarily true.  Security/permissions plays a major part in the
> effectiveness of adware and spyware.  A majority of consumer Windows
> OS's run with the default login as an admin user.  When a user chooses
> to install "Cool-Search", their user rights allow for registry changes
> and alterations of system libraries, which cause ads to display when
> using IE.
>
> Can this be prevented by running Windows as a non-privileged user,
> yes.  But people want to install their "Cool-Search" and
> non-privileged users can't install anything.
If I am in Unix, I can install Cool-Search when I am a normal 'user', BUT
this will not be a system-wide application. I need root privileges to
install a service, and I do not need them to install something which is
client only (cannot run by itself).

// I am not advocating for Unix here.

There is a difference - in a very old, ancient Unix system there is simple
and effective privilege segregation (and everyone understands it). No
application writes into /bin and /usr/bin, and only very few badly designed
applications try to write anything into /etc; the user's directory has a simple
'-rwxrwxr-x' (or other) access list (easy to understand), etc etc... As a
result, 99% of these _old_ OS installations are more secure than 99% of Windoze
installations (though Windoze can be made much more secure than Unix).
This is all a result of 'hidden complexity'.


Install 'Osiris' (or Tripwire) IDS and try to configure rules for Unix and
Windoze, then compare. Tremendous difference!

> When using OS's other than Windows, users can install their own
> binaries, but they do not have access to modify the system binaries.
> They can still browse with the system wide Mozilla/whatever, but their
> actions will not have the ability to alter anything that will allow
> for ads to be served when browsing, or for browsing habits to be sent
> to a third party.
Technically they can run some startup script, but even if they do it, it is
_very_ easy to get rid of such a thing. And (what is most important) users can
do 100% of tasks when logging in as a 'user', not as an 'admin' (if they need
a temporary permission change, they can get it).
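The post points at file-integrity IDS rules (Osiris, Tripwire) as the way to see what an installer actually touched in /bin, /usr/bin and /etc. The following is an added example, not code from the post or from either of those projects: a minimal baseline-and-compare checker in the same spirit, hashing every regular file under a root and recording its mode bits, then reporting what was added, removed or modified. The sample tree, the "coolsearch" file name and the simulated installer behaviour are constructed for the demo; the directory layout and thresholds are assumptions, not anything the post specifies.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large binaries do not get read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root) -> dict:
    """Map each regular file under root (relative POSIX path) to (sha256, permission bits).

    Symlinks are skipped so a link pointing outside the tree cannot be counted as content.
    Recording the mode bits catches a 'loosened permissions' change even when bytes are equal.
    """
    root = Path(root)
    baseline = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            rel = path.relative_to(root).as_posix()
            mode = path.stat().st_mode & 0o7777
            baseline[rel] = (sha256_of(path), mode)
    return baseline


def compare(old: dict, new: dict) -> dict:
    """Diff two baselines into sorted lists of added, removed and modified paths."""
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    modified = sorted(p for p in set(old) & set(new) if old[p] != new[p])
    return {"added": added, "removed": removed, "modified": modified}


def demo() -> dict:
    """Constructed scenario: snapshot a tiny 'system' tree, simulate a badly behaved
    installer, and return what the comparison reports."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "etc").mkdir()
        (root / "bin" / "ls").write_bytes(b"#!/bin/sh\necho ls\n")
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "etc" / "hosts").chmod(0o644)
        before = build_baseline(root)

        # Simulated installer side effects (constructed for the example):
        # a system binary replaced, a config file's mode widened with content unchanged,
        # and a new file dropped into the system binary directory.
        (root / "bin" / "ls").write_bytes(b"#!/bin/sh\necho replaced\n")
        (root / "etc" / "hosts").chmod(0o666)
        (root / "bin" / "coolsearch").write_bytes(b"placeholder payload\n")

        after = build_baseline(root)
        return compare(before, after)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

On a real host the baseline dictionary would be written to storage the monitored account cannot modify (the same requirement Tripwire and Osiris impose on their databases); a baseline an installer can rewrite reports nothing. Mode bits are POSIX semantics, so the permission-change detection in `demo` assumes a Unix-like filesystem.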




More information about the NANOG mailing list