E-Mail:

Lock It Up

Monday, January 7th, 2008 by Matt Hartley at 10:03pm
No Responses (Add)

On Friday, I showed you how to do something that even Microsoft itself has not accomplished with Windows XP — run admin only applications with the limited user’s password, all within the limited user itself and without resorting to the dangerous “RunAs” function. The obvious benefits from a safe computing aspect are staggering. Being able to only have things install when the user grants their limited user password, but unable to uninstall other apps installed previously by the administrator, is very useful for most family computers. Personally, I believe this gives Windows XP a huge edge. Try this exercise — with WinSUDO installed, create a shortcut to explorer.exe. Sudo into it and try to add something to your windows directory — you can’t. That is not too shabby, let me tell you. Moving on…

And as I had stated latest week, today I will show those of you who want to continue running as admins, how to make your various applications on Windows a whole lot safer. It all starts here. As you can see from the code on the previous page, this simple application allows administrators to operate individual applications with a lot more safety in mind. How? By simply dropping the privileges of the specific application you have in mind.

Keep in mind that their are glossier ways of doing this sort of thing, like DefenseWALL HIPS. But I like to get down and geeky with apps. That, and I don’t like to run extra software in the background if I can avoid it — on any platform.

In either instance, running your Web browser and email client using either of the above tools is going to translate into a much safer computing experience. And to be honest, this secure mindset needs to go for Vista, OS X, and yes kids, even Linux as well. I can easily whip up a fast little bash script for Linux newbies and wipe your systems clean (or in some cases, just your personal data). So all platforms should be used with care.

Remember, no OS over another is idiotproof. But with the tools I have provided over the past couple of days, I hope this gives each of you a stronger place to start from in your quest for a more secure desktop.

Tags
Categories

What Do You Think?

 

Posted Recently

Rodney Buike Talks Office 2010

Use Social Networking As An Extension To Team/One-One Meetings

Spicebird v0.7.1 Beta

4G Ahead! A New World of Enterprise Mobile Broadband

Yet More Mozilla Woes – Infected Firefox Add-on

Microsoft Exchange Server 2010 Administrator’s Pocket Consultant

Should Games Be Permitted On Work Computers?

Advanced SystemCare Free v3.5.0

Top 10 Lessons Learned For Corporate 3G Mobile Broadband Deployments

Dealing With Flash Instability With Chrome On OS X

Off The Hook Personal Assistant Application

Search Patterns: Design For Discovery

Should You Add Humor To Your Presentation?

Spamihilator v0.9.9.53

Oracle E-Business Suite Automation Kit

Chrome Will Not Be My Next Browser – Or Will It?

All Up In Your Business

Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion

How To Ask For A Reference

Macrium Reflect Free Edition v4.2.2409

Free 70-680 Windows 7 Configuring Exam Prep Special Edition

Engadget And Gizmodo – Not So Friendly Now

Sane Call Blocking For The iPhone?

CouchDB: The Definitive Guide

Why Developing Soft Skills Is Important Even In Technology Careers

NoClone Free Edition v4.2.14.0

Ten Innovative Ways To Use Twitter For Business

Mobile Firefox – Only For Nokia

OSCON 2010 Approaches

Windows Group Policy Administrator’s Pocket Consultant

Windows 7 Reliability Monitor

#7Z v0.8.1

Mastering eDiscovery: The IT Manager’s Guide To Preservation, Protection, And Production

IE 6 No Longer Supported With Google Docs

Brent Ozar Puts SQL In The Cloud

MAKE: Technology On Your Time Volume 21

Windows 7’s Credential Manager

SView5 v2.77

Five Ways To Lower SAN Administration To Three Hours A Week

It’s The Publishing, Stupid