Saturday, July 18, 2009

Privilege - Update

Boy, this is a day to update previous security posts. This week I posted on why excessive privilege levels (like root on Unix or Administrator on Windows) is bad, and how this makes it easy for Spyware to target you. In this, I pointed out that Windows was particularly subject to this.

Well I've found some code from Microsoft (!) called DropMyRights, which is targeted at precisely this. It's a free download from Microsoft's developer site.

Now both my regular readers will be reminding me right now of Borepatch's First Law: "Free download" is Internet security speak for "open your mouth and close your eyes" - and this point is well taken indeed. Here's why I would be comfortable with this particular download:

1. It's from a known source. Microsoft's not in the business of serving up malware.

2. It's from Michael Howard, who while he may not be "The Guy" for security at Microsoft, is certainly one of The Guys.

3. There's source code.

I haven't tried this, because I do most stuff from Ubuntu, but if you want to try what the Cool Kids are trying in Windowsland, here you go.

Disclaimer: I haven't downloaded or compiled (or run) this. However, I have a lot of respect for Howard, so expect that this is decent.


Anonymous said...

1. It's from a known source. Microsoft's not in the business of serving up malware.

There is a case that Windows in general is malware, but it could be a lot worse, and I don't think their ineptitude is a symptom of some malevolent business plan to deliberately make it only good enough that people will cope with it.


Ian Argent said...

Serious question here. Do I need this if I'm running Vista/Win7 with UAC turned all the way up?

Or does this duplicate the effects of UAC for XP and 2003?

(Yeah, I know I should be running a non-privileged account. I'm still in the middle of getting this machine set up just right)

Borepatch said...

Ian, great question. I don't know, and haven't used it.