Linked by Howard Fosdick on Mon 6th Sep 2010 21:56 UTC
Windows In previous OS News articles, I've claimed that mature computers up to ten years old can be refurbished and made useful. My last article identified and evaluated different ways to refurbish these computers. One approach is to keep the existing Windows install and clean it up. This has the advantage of retaining the Windows license and software, the installed applications, and the existing drivers. But it takes some work. In this article we'll see what this entails.
Thread beginning with comment 439636
To read all comments associated with this story, please click here.
No limited user accounts?
by Icaria on Tue 7th Sep 2010 09:30 UTC
Icaria
Member since:
2010-06-19

"You'll want to delete the old user accounts and replace them with your own set of user logins. Each new account should have an appropriate authorization level."

Is as close as you get to telling people to use limited user accounts for day-to-day usage. I don't even bother installing anti-malware apps on most PCs as most browser entry vector malware doesn't elevate it's privileges sufficiently to do any damage on a limited user account.

Reply Score: 1

RE: No limited user accounts?
by Kroc on Tue 7th Sep 2010 09:44 in reply to "No limited user accounts?"
Kroc Member since:
2005-11-10

Except for on Windows 7 where the default UAC level means that any non-elevated exploit can instantly elevate without prompt.

Reply Parent Score: 1

coreyography Member since:
2009-03-06

Agreed. It was a surprise to me that he didn;t go into that in much more detail. Part of my deinfestation process of infected PCs is setting up a limited user account and then educating the user on its use (and non-use of the Administrator account). Everyone I've done that for has remained malware-free since.

He also mentions setting an Administrator password, but leaving it blank can be an option on a 1-user PC, as this automatically disables network access to that account.

Reply Parent Score: 1

Neolander Member since:
2010-03-08

In my opinion, education is a mandatory step when improving the security of computers. The sole thing we can do is reducing the amount of data which the user has to learn.

There will still be some people who look for all-technological solutions to the security issue, of course, and this is fine because it can make the teacher's life easier. But do not except this to ever block basic phishing attacks if you didn't teached the user to check security certificates when they are on a "dangerous" website (e.g. banking) ;)

Edited 2010-09-08 07:09 UTC

Reply Parent Score: 2