More press coverage of NOT running as an administrator


Ryan Naraine has written a nice article for eWeek about non-admin security in XP. He notes that Microsoft will be promoting Least-privileged User Accounts heavily in Longhorn, but that you can enjoy their added security right now – if you know where to look in Windows!


The article includes commentary from security guru Michael Howard about the problems of user education, and a link to my own nonadmin wiki, where we’ve been gathering tips and best practices for the whole community to use. Most of which came from Aaron Margosis, of course 🙂


Ryan emailed me for comments when he was writing the article, but I bowed out when I heard that he already had Michael’s feedback – Michael is a trained security spokesman, and I definitely am not. So kudos to Ryan for doing a good job of keeping all the information in the article, but me out of it. Definitely a pleasant encounter with the press.


Mary Jo Foley picked up on the story over at Microsoft Watch (“No Need to Wait for Longhorn for LUA”), but in summarizing things for our ADD-prone world, she simplifies a little too far:



The company is making available new tools on a Wiki aimed at Windows users to try to help increase awareness.


The tools aren’t new, the wiki has nothing to do with Microsoft (especially since it’s powered by Linux), and I’m not aware of any official effort to raise awareness, but apart from that the sentence is accurate 🙂


Oh, and thanks to everyone who noticed! Including Jack Richins, J. Daniel Smith, Peter Provost, and Kirby Turner.


Category: Security

Comments (2)

  1. JMac says:

    LUA is a nice idea and fairly easy to implement in the enterprise through AD, but have you tried to implement it for a home user? I tried it recently on my nephews Windows XP Home based machine and was astonished at the amount of games that either wouldn’t run at all or showed serious display bugs when running as a non-admin account (FarCry). He has to run as a member of the Administrators group just to ensure his games will run properly.

    It’s not just end users that need to be educated. Some developers are still living in single user land and need a kick in the right direction. That will be a much harder task. Maybe taking Apple’s approach to the privileged user is the way forward?

  2. I hear you! A big role of the wiki is probably going to be educating developers.

    Still, there are some things you can do right now for your nephew that will leave him running as non-admin most of the time, but able to get Administrator privileges for those badly-behaved games. Check http://nonadmin.editme.com for details 🙂