Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [in] Re: IE is just as safe as FireFox
From: devis <devis () easynix net>
Date: Sun, 21 Nov 2004 07:11:26 +0100

Todd Towles wrote:

Windows doesn't tell you about the Admin account and makes the default
user a Admin. That isn't best method as you know.

RunAs is great..but that is only good once you create a normal user -
and then delete your new default user. Or you log in in Administrator
and take away the full control of the default user. Easy for the average
window user? Nope. If it was Microsoft would make the default user (note
USER) and then let you configure the Admin account on start.
Thank you. Sometimes i feel the message doesn't get across. Run as is a false sense of security. Majority of MS apps ( that gets owned ) run with Admin or Local System priviledges. Does Run as works on IE ? on Office ? on IIS ?

My point was that instead of 'hiding' computer knowledge from the 'user' , and introducing false 'hyped' security such as 'RunAs', assuming his stupidity, i think people will be likely to understand that to install a program they would have to use a different account than from browsing pages. Especially when the company behind has lots of $$$ to make it friendly and understood. 15 years ago people thought only a few people will ever use email......

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]