Jul 30 2004
Drinking the kool aid
I have advocated running as a standard account and not as a administrator for quite some time and have over the last year switched all my families accounts (yes I am the single Pewitt family IT department more some other time) to run as standard user and I have a admin account on each box that I can login in to. That is good for them but what about me?
For a long time I figured I know what I am doing I don’t need to worry about it and seeing that I am a developer it will be to hard to run as a user. Then last week I was schooled on why every one needs to run as users!
The current project I am on is at HP and they got send some e-mails to almost all of there accounts the e-mail looked official and had an apparent extension of .txt (I can’t believe I am going to admit this) it was good enough to fool me “Mr. attachment paranoid” and I double clicked it. As soon as I did I knew something was wrong I immediately unplugged from the network and checked TaskManager for process that I did not recognize, I did not see anything then I ran Autoruns from www.sysinternals.com and sure enough there in my registry was a application that should not have been there! I cleaned it from the registry and deleted the file and all was good in the world again no damage done. Over the next few days HP was hammered by this many of there systems were affected, it was so bad they announced over the 1MC (Navy term for announcement system) that attachments should not be opened. Yes you guessed it each person here is a local admin.
I had started to rebuild a new system for myself in this time and I decided to bite the bullet! I am now living the pain of being a developer running as a user and so far it’s not that bad. I have found this excellent blog by Aaron Margosis that is all about living as a user on your system. Would I suggest this for everyone? Not yet but if things keep going this well I will soon.
Have fun!
No responses yet