Life on the Road – Trucking News Blog

Your laptop is secured, password protected, backed-up, and up to date, you’re almost ready to go online.

One of the biggest reasons why every other operating system is more secure than Windows is user access. Mac OS and Linux/Unix have strict user controls. While Windows defaults to a user with administrator rights able to do anything and everything, other operating systems learned long ago that’s not such a good idea.

If I’m the only person on my computer, shouldn’t I be able to do anything and everything? When you’re online, your browser is your window to the internet. It’s also a window back into your PC.

If you’re logged into your system as an Administrator, so is anyone else that gets access to your system via “Drive-by-downloads“, ClickJacking or any other really nasty techniques. Any program that comes in as Administrator can turn off Windows Firewall and any Anti-Virus program. Still want to be online as Administrator?

What’s the cure? One of the good things about Vista is that it handles User Access much better than XP and Windows 7 is even better. (Yes, I downloaded the Windows 7 beta, it’s what Vista should have been in the first place).

Windows XP

While you’re sitting there logged in as Administrator, go to your Control Panel, then User Access. Is your Guest Account turned on? Why? Click on the Guest Account and choose Turn Off Guest Account.

Create a New Account, choose a name, Next, choose Limited, then Create Account. Log out, then log in with the new Limited account and go online. If you installed browsers like Firefox to only be used by the owner, you may have to reinstall for All Users.

What a hassle! I’m not doing that! I don’t go to bad websites and I have to log out and log in when I want to download something? Forget it! I’m a Power-User I know what I’m doing, I’d rather take the chance!

There is another solution. A Microsoft employee wrote a program that instantly downgrades any program from running with all rights. If you use it attached to any program that opens up to the Internet you will be much more secure.

Browsing the Web and Reading E-mail Safely as an Administrator

After reading about and downloading DropMyRights from the above link, create shortcuts that use dropmyrights + Firefox/IE/Opera/Outlook/Thunderbird or any other program that accesses the Internet.

There are instructions on how to use it on the above listed link, but the bottom line is you create shortcuts for programs that you want to grant limited access to, while still keeping shortcuts to the full access programs.

Right Click on your desktop and choose New, then Shortcut. The Shortcut wizard shows up and you input the path where you put DropMyRights.exe, then the desired program:

Here’s the entire line. Insert your path and program you want to use. Be sure and use the quotes.

C:\DMR\DropMyRights.exe “C:\Program Files\Mozilla Firefox\firefox.exe”

Finish the rest and go back and choose an icon using the firefox.exe (or whatever) icons.

You end up with two icons for Firefox, Thunderbird or anything else. Use the restricted access icon for casual browsing and email.

There are other programs that will completely isolate your session called sandboxing or running in a virtual machine, but those are above and beyond the scope of this small post. Look up SandboxIE and VMware if you’re really interested.

This solution isn’t perfect and you are still vulnerable to attack by more ways than you can imagine. But it is a good start.

Any questions about installing DropMyRights, XP, Vista, Windows 7 or anything else in this series, let me know in the comments or contact me direct.