Leo, I’ve heard that browsing with an admin account puts you at more risk and I’m wondering what are some ways to stay protected without switching to a less privileged user account. Also, what is sandboxing?
What you’ve heard is correct. Running with what’s called a limited user account (LUA) is indeed safer.
It’s also something that, unfortunately, many people don’t do… including myself.
The weakest link is … you
The single best thing you can do if you need to run as administrator is to use common sense. Basically, learn to understand where you should and should not browse, what you should and should not download, and just generally what steps you need to take to stay safe online.
Honestly, all of that can really go a long way towards keeping you safe regardless of whether you’re using an admin account, a limited user account, or a guest account. Understanding how to be safe is the single most important tool you can develop.
Unfortunately, of course, it’s not 100% reliable.
UAC is almost LUA
So the second most important thing you can do if you need to run as administrator is to run Windows 7 or better and have User Account Control (UAC) enabled. UAC is that annoying pop-up that says, “I’m about to change your system. Is that ok?” It’s enabled by default.
With UAC enabled, you’re running as administrator, but not really. A better way to put it might be that you’re running as an account that’s allowed to be administrator. So pay attention to those pop-ups: they are the things requesting true, full administrative access to your machine.
Often, they are things you want, like a program that you’re installing. Sometimes they’re things you don’t want, like malware. Being able to understand the difference is key to keeping yourself safe.
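To see the “administrator, but not really” state on your own machine, here is an added example (not part of the original article) in PowerShell. It reads the UAC policy values from the registry and compares your account's membership in the Administrators group with whether the current process is actually elevated; the registry value names are Windows' own, while the output property names are chosen for this example.

```powershell
# Added example: report the UAC policy and whether this process is really elevated.
# Run it in a normal (non-elevated) PowerShell window, then in one started with
# "Run as administrator", and compare the ProcessIsElevated line.

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy    = Get-ItemProperty -Path $policyKey

# Is the built-in Administrators group (SID S-1-5-32-544) listed for this account?
# With UAC on it is still listed, but only as a "deny only" entry until a prompt
# is approved. Matching on the SID avoids depending on localized column names.
$adminSid      = 'S-1-5-32-544'
$adminLine     = whoami /groups /fo csv | Where-Object { $_ -match $adminSid }
$accountIsAdmin = [bool]$adminLine

# IsInRole is true only when the Administrators group is enabled in the token,
# that is, when this process was started elevated.
$identity   = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal  = New-Object Security.Principal.WindowsPrincipal($identity)
$isElevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

$uacEnabled = ($policy.EnableLUA -eq 1)

# ConsentPromptBehaviorAdmin = 0 means admins are elevated with no pop-up at all,
# which removes the prompt the article tells you to pay attention to.
$silentElevation = ($policy.ConsentPromptBehaviorAdmin -eq 0)

if (-not $uacEnabled) {
    $summary = 'UAC is off: every program you start gets full administrative rights.'
} elseif ($silentElevation) {
    $summary = 'UAC is on but set to elevate without prompting: you will not see the pop-up.'
} elseif ($accountIsAdmin -and -not $isElevated) {
    $summary = 'Admin account, limited process: programs must pass a UAC prompt to get full rights.'
} elseif ($isElevated) {
    $summary = 'This process is elevated: anything it launches inherits full administrative rights.'
} else {
    $summary = 'Standard account: elevation requires an administrator password.'
}

[pscustomobject]@{
    UacEnabled                 = $uacEnabled
    ConsentPromptBehaviorAdmin = $policy.ConsentPromptBehaviorAdmin
    PromptOnSecureDesktop      = ($policy.PromptOnSecureDesktop -eq 1)
    AccountIsAdmin             = $accountIsAdmin
    ProcessIsElevated          = $isElevated
    Summary                    = $summary
} | Format-List
```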
And naturally, the traditional litany of using anti-malware software, firewalls and common sense is worth reiterating.
Playing in a sandbox
A sandbox is an interesting additional solution. You can think of sandboxing software as kind of a protective wrapper around some other program. When you run that program within a sandbox, it looks to that program like all of the changes that it’s making to your system are actually being made.
In reality, they’re being held by the sandboxing software. When you exit the program, all those changes can be discarded, which is particularly nice if those changes happen to be a malware installation. You shut down your browser, the sandbox cleans up, and all of that malware is gone.
Of course, using a sandbox quickly gets complicated because there are still some changes that you want! Things like your browser settings, or certain cookies, or the bookmarks that you saved, or downloads that you really want to keep and so on.
So it’s not a simple “just do this” kind of a solution without some ramifications, but it can be a very good approach to safety. I know a number of people who swear by it.
Sandboxie is the most common example (originally, a “Sandbox for IE”, hence its name). It can now be used to sandbox just about any program you might want to run.
We recently purchased a domain name, the site administration files, and the site graphics. All was available from an individual who “owned” this, etc. and was running a site for – “non-profit” community. After we sent an event announcement with 3 graphics, we received a ton of backlash from someone who was affiliated with the non-profit community. The person who sold everything owns his own web host company, he own(ed) the domain etc, and was registered on Whois. In the county registrar (public property/business records) the domain is listed as owned by the individual who is throwing backlash, stating the “county registry” is proof that he is the owner of the domain, and site files. Is there any relationship to a county “public record” and the ownership of a domain name, and its related files? If yes, how was this available/possible to be sold to us?
The ownership of a domain name (a specific URL) is held by the registrar. That would be found by the search in whois. Make sure you are looking up the ownership in a proper whois site such as http://www.domaintools.com/. If this domain was sold to you properly you should now see your name on the registration.
There is a chance that the domain has whois protection – in that case no name will be showing on the public records but you should be able to see your name in your own official registrar account. More on that in this article: http://ask-leo.com/what_is_whois_protection_and_do_i_need_it.html
If the individual throwing backlash let his registration lapse, then he has lost ownership, whether or not it is listed in a local county or state registry. I am a web designer and have problems all the time with clients who forget to renew their domain names. As soon as one expires someone else snatches it up – and then they own it.
The solution to your problem is as simple as checking the official whois registries; that will prove who owns the domain.
If there is some connection between this thread and the actual subject of this article, I sure missed it…!
Sometimes people ask questions in the form of comments to articles that have no relevance to the original article and should have been posed as a general question to Ask Leo!