So in other words: You run your XP and W2K systems as Administrator or a user a user with Administrator rights. Either way, that is not considered "best practice" from a security point of view. Any malicious code that you could encounter on-line will have full access to your system.
I can't tell you the number of times I've had to wipe a friends system because they had all sorts of trojans, spyware, virus' et al on their systems because they ran it as Admin.
Information protection begins with you. If it is too inconvenient for you to have to switch over to Admin to install software or configure your system, and don't care about the info it contains getting into the wrong hands, then have it.
If you don't care; I certainly don't.
For those of you who do care, follow "best practices" and run your computer with a restricted account. The inconvenience of doing so, can/will far outweigh any headaches you get from having a compromised system.
That’s how I run and I’ve yet to have a problem with a trojan.
If you don't care; I certainly don't.
Well I do. And you should care too.
Some 90%+ of spam comes from pwnd Windows machines. My circuit, firewall and mail servers have to deal with all of that spam. That costs me time and money.
As long as his poor practices don't impact the rest of the 'net, you're right, no one cares.
But when people are negligent and let their machines get taken over by bot nets it impacts us.
You know, I thought about what you wrote here, and decided to make some changes. I added a user account that had full administrative rights. I then changed my user account to "restricted". Guess what. I could no longer print to my printer when logged in on my account. The printer works fine though in the new administrator account I opened.
I thought I'd change my personal account to "standard" instead of "restricted". Can't do that. There is no option for a Group name named "standard". "Administrator" and "Restricted" are the only two groups to which I can add new users.
So, I'm back to square one. I system restored to where I was before making the changes. If you have any suggestions on how to get around such issues I'd really appreciate hearing them (I've been all over the place online but searches don't address this specific matter...that I can find). But you really came across with some criticism ("If it is too inconvenient for you..." or "...and don't care about the info it contains getting into the wrong hands"...). And here I try to take your opinion constructively and it gets me nowhere; well, worse than nowhere.
I'd say thanks, but I'm not sure for what. But I will say, be careful of what you recommend so blithely. You can potentially wreak havoc without intending to. Fortunately, I didn't let it get away from me.