Geeks With Blogs
Chris Breisch   .NET Data Practices
Search this Blog!

Jeff Atwood has a good piece on why you shouldn't run as an Admin. He even links to another good piece on the subject by Aaron Margosis.

Jeff makes his point by visiting a malware website with an unprotected system running an unpatched IE 6.0.  The site installed the following spyware on his machine (not that he didn't click on anything or download anything)

(Quote from Adam McNeil of Webroot Software):

Webroot SpySweeper detected the following spies after allowing the installer to run over night.

  • Virtumonde
  • Visfx
  • ZenoSearchAssistant
  • PurityScan
  • Trojan Downloader Matcash
  • Trojan-Downloader-Zlob
  • BookedSpace
  • Trojan-Downloader-WaveRevenue
  • Trojan.Gen
  • Trojan-Downloader-Prez
  • MaxiFiles
  • TargetSaver
  • Trojan-Poolsv
  • Trojan-Dropper-Zomavis
  • Webhancer
  • Web Buying
  • Command
  • Core Adware (CoreAdware is known to use Rootkits {core.sys} to mask its presence.)

In addition to the above listed spies, I have also recorded a large number of unclassified (not for long) files and registry entires that were added to the box as well.

By now, we've read hundreds, if not, thousands, of times why it's bad to do this. And I never ran as an admin when I was using Linux as my primary OS.

So, why do we keep doing it?

Because it's painful to try to run as a non-admin. It shouldn't be, but we're surrounded by bad software writers. Here's an example for you.

I like to rotate my desktop background with pictures of my kids. There's a nice little powertoy for this from MS that works with XP.  It's called the Windows XP Creativity Fun Pack PowerToys Wallpaper Changer. It's a nice little app that you can configure to rotate your pictures how often you want; you can stretch them; you can even have special pictures for special days.  It's a very nice little app.

Unfortunately, it doesn't work with Vista.

Now, it's a tiny little app.  I could write my own in no time flat, I'm sure.  But, why re-invent the wheel?  Surely there's another one out there.  And a little search engine digging found me several.  Most of which also don't work on Vista.  :(

But, I did find one that does work in Vista: Adolix Wallpaper Changer.  Problem solved, right?

Wrong.  Remember what I was saying about bad software writers?  This is people's exhibit 1.  Like most apps like this, it makes a temporary copy of whatever picture it's about to set to the wallpaper. There are various reasons for doing this, but that's beyond the scope of this post.  The point is that this product makes this temporary file in the installation directory.  It's 2007, people.  Haven't we figured out yet that that's not a good idea? So, if you installed to the default location (C:\Program Files...), then this app won't even run if you're not running as an admin! And this is just a tiny little wallpaper changer app.  You run into the same sorts of issues with your development IDE, possibly even with your web browser, and countless other applications on your system.

I kept hoping that application developers would get smarter, and that it would get easier to run as a non-admin. I've given up on this.  And so, apparently, has Microsoft, or they wouldn't have put that abominable UAC in Vista. So, if you're still not running as a non-admin, and you're still waiting for the apps to get better to support it first, then my advice to you is to stop waiting. Bite the bullet.  Deal with the pain.  But stop running as an admin now!

Posted on Monday, July 9, 2007 12:39 PM General , Architecture , Microsoft OS | Back to top

Comments on this post: Don't Run as an Admin, yada, yada, yada

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Chris J. Breisch | Powered by: