Sunday, February 22, 2009

Locking down my Windows XP machine

During my last Windows XP re-install, I pondered for a moment if I should use proper computer security by running within a limited user account. Eventually my desire for convenience, and realization that I wield the raw power of the OS far too much, kept me with a default admin account.

I’ve never really needed much protection. I can count on one hand the number of viruses my antivirus has found on my computer this decade. Only one of those tricked me into executing it. Over time, my weekly antivirus false-positives caused me to disable the nightly scans.

No, my fear of unwanted programs wasn’t enough to drive me into putting a lock on that admin door. It turned out to be the fear of programs I do want that pushed me to the switch. It started with World of Warcraft’s Warden, and culminated with Mirror’s Edge’s SecuROM. Invasive DRM and rootkits concern me far more than any virus.

But I’m glad I didn’t try to live in the limited account back then. It would not have lasted very long before I would be sick of always having to switch to an admin account whenever I wanted to burn a CD, change anything in the control panel, install anything, or modify system or program files. There is the "Run as…" option, but that often leaves changes made to the account being "run as", instead of the current account.

Luckily my Linux experiences in the last year taught me that you can have the best of both worlds with a program like sudo. My searches for something like that for Windows led me to 3 open source solutions.

  • SudoWin (Sudo for Windows): This is repeatedly recommended by readers of Atwood’s Real Ultimate Programming Power blog.
  • suDown (or sudoWn): Tried briefly before running across…
  • SuRun: Seems to be the new kid on the block. I have been using this one for several weeks now, and so far I love it.

For better or for worse, I disabled having to actually enter a password. This was mainly due to my need for some programs to always run with admin access (especially at startup). For everything else, I get a nice popup that just needs an OK click, not much different from Vista’s UAC. Update 1: The new v1.2.0.6 lets you skip password input for your white-listed apps if you want.

Update 2: After using SuRun even longer now, I’ve only found 2 problems with it: (1) When browsing Explorer as administrator, any changes you make don’t get reflected in the file browser (you have to manually refresh to see), and (2) it sometimes takes several seconds to open new Windows Explorer windows. In general, big delays have occurred for any kind of file system browsing, or low-level associated functions. For example, mounting/unmounting a TrueCrypt volume can take up to 10 seconds, and has even failed with a strange error on unmounting at times.

Update 3: Found an insightful thread where someone discussed some aspects of the program with the SuRun creator.

It’s kinda comforting to see Process Explorer unable to view any details of admin processes. I know that Warden and SecuROM* will be hitting the same roadblock.

However I ran across something a little disturbing with World of Warcraft the other day. Process Explorer was unable to view details of the Wow.exe process, as if it was running as admin without my knowledge.

To be continued…

* I’m aware that SecuROM has been known to install a service, thus always granting it admin access, but I’ve kept a watchful eye on my services and haven’t noticed anything yet.
