lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <41A0318E.8030404@easynix.net>
From: devis at easynix.net (devis)
Subject: [in] Re: IE is just as safe as FireFox

Todd Towles wrote:

>Windows doesn't tell you about the Admin account and makes the default
>user a Admin. That isn't best method as you know. 
>  
>

>RunAs is great..but that is only good once you create a normal user -
>and then delete your new default user. Or you log in in Administrator
>and take away the full control of the default user. Easy for the average
>window user? Nope. If it was Microsoft would make the default user (note
>USER) and then let you configure the Admin account on start. 
>
>  
>
Thank you. Sometimes i feel the message doesn't get across. Run as is a 
false sense of security. Majority of MS apps ( that gets owned ) run 
with Admin or Local System priviledges. Does Run as works on IE ? on 
Office ? on IIS ?

My point was that instead of 'hiding' computer knowledge from the 'user' 
, and introducing false 'hyped' security such as 'RunAs', assuming his 
stupidity, i think people will be likely to understand that to install a 
program they would have to use a different account than from browsing 
pages. Especially when the company behind has lots of $$$ to make it 
friendly and understood. 15 years ago people thought only a few people 
will ever use email......

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ