Actually, you do get the source code to DropMyRights.
My code is just 100 lines including lots of boiler plate statements.
Not that big of a deal codewise. The big deal is using any of these to remove admin rights.
As I said, use whatever you want.
-M
To my knowledge Microsoft doesn't provide the source to psexec & DropMyRights either. The only reason I'm proselytizing what I've written is because it has a user friendly installer.
psexec & DropMyRights assume you're familiar with the command line.
Use the command line tools if you prefer.
Other than that, the end result of what you get from MS' tools and mine do not defer.
-M
PS: FYI, it's not a plugin.
They're command line tools... your average user knows squat about the command line.
Allso, as I pointed out in my original post, many an IT professional that I've pointed them out to "doesn't get it".
The crux of what I've done is the installer. It creates shortcuts and labels them "SecureIE" & "SecureFirefox". As they say, a picture is worth a thousand words. A turnkey solution increases user adoption by a very wide margin. I remember when I tried via IM to get a friend to use the command line tools and create shortcuts, I realized as I struggled to get them working that he wasn't putting a space between the
Lastly, the command line tools have a dependency on the Win32 console runtime. If you create shortcuts and use them, there's a momentary flash. If you use these with average users (I'm not
Again, I was motivated to do this based on my own personal experiences with evangelizing the command line tools.
-M
PS: As for the command line tools, psexec & DropMyRights -- Google them.
You are talking nonsense. When it comes to running an application such as a browser, there is no reason for it to be modifying the registry, the program files directory, etc., etc., etc.
Another
-M
Mark Russinovich's tool, psexec, allows you to do it with the "-l" switch and DropMyRights:
http://technet.microsoft.com/en-us/library/bb456992.aspx
The issue is that Microsoft never exposed a tool for *average* (note emphasis on AVERAGE) end users to leverage the power CreateRestrictedToken affords.
Currently, when creating a shortcut you can through its Advanced properties have Windows prompt you to change your user credentials but when SP2 came out Microsoft should have added a way to strip admin rights. A no brainer imho and *trivial* to implement.
-M
There are many factors at play, including among them in house politics at Microsoft. In particular the fact that they don't have a central figure with the ability to dictate security policy among their product groups. A security czar if you will. Imagine if there was the equivalent of a Steve Jobs inside of Microsoft but the only thing he was worried about was security *THEN* shyt would get done.
Otherwise you have one too many individuals with "security" in their title with no ability to dictate policy in products. Developers inside of Microsoft are pressured by managers to make product deadlines so MS can show growth to the stockholders (hint: none of them are thinking about security) and the end result is nothing progressive, creative and user friendly on the security front gets done. This Dilbert strip eludes to what I'm talking about:
http://flickr.com/photos/fucuyama/3002208273/
What's more you have individuals like the guys on ZDNet's Security blog who love to post about the latest flaws in applications, whether they be QuickTime or Microsoft Office but never point out that many of these issues can be severely mitigated by not running with administrative credentials.
The "principle of least privilege" gives you the most bang for the buck when it comes to security yet Microsoft has been woefully bad at empowering Windows XP desktop users which lead to Windows' reputation of being insecure. Many security issues that are specific to an application, whether it's IE, Office, QuickTime, Adobe's PDF reader, etc., etc. become way less interesting when you remove administrative rights.
That's why there's 300,000 viruses in the Windows universe and like 7 on Mac OS X. Because Mac OS X has never had people running with administrative rights.
Vista with UAC is a big step in the right direction. Windows 7 presumably will cache the fact that you've approved an installer to do something and let it run its course up until the process (associated with the installer) terminates. This would eliminate prompting users multiple times and annoying the hell out of them.
-M
DropMyRights is one of two tools you can get off Microsoft's site to remove administrative rights when launching applications.
However, the biggest problem with both is that they are command line tools and your average Windows user knows jack about the Windows command line. Yes, this is
What's more, getting people to actually read the Washingtonpost article and implement what it is saying is like pulling teeth. My experience is, it just doesn't happen. Even with IT people.
Secondly, DropMyRights is linked to the Win32 console runtime which causes a momentary flash as an application is launched (Windows displays a console window momentarily). It's very minor given the gains (in the case of DropMyRights) but average people have creative imaginations and they might dismiss a tool for the most *trivial reason* if their experience changes.
For all these reasons I wrote a small utility RemoveAdmin that does the same thing:
http://www.download.com/RemoveAdmin/3000-2381_4-10824971.html?tag=lst-1&cdlPid=10835515
EXCEPT my installer creates shortcuts for IE & FireFox - turnkey solution is critical here, you have to break down the typical resistances with average users. The installer labels the shortcuts "SecureIE" and "SecureFirefox".
In addition removeAdmin.exe isn't linked to the Win32 console runtime so you don't see a flash as an application is launched.
-M
So, right click on your shortcut, click "Properties", click on the "Advanced" button, pick "Run with different credentials".
Now when you double click on your shortcut, you can change your credentials (to the Administrator).
-M
Yes, because Download.com doesn't screen anything.
In fact, don't use Download.com at all since God forbid you might find something useful on there.
-M
It's a combination of ignorant users and ignorant IT people. I've never seen a single IT person use "runas" (impersonation), ACLs on the Windows file system or registry or and this is the damning one, a command line utility that allows you to selectively strip administrative rights on applications as you use them thatâ(TM)s been on Microsoftâ(TM)s site for years (after I pointed it out to them).
There was a reason once upon a time Microsoft chose to release Windows XP in such a way as to have users running with administrative rights. A reason that is extremely weak now - many people were upgrading to Windows XP from Windows 9x/ME and Microsoft didn't want to incur the support cost (or their partners) of having lots of applications stop working. Among them is the popular WinAmp. It used ancient APIs for its configuration file, WINAMP.INI, that stored global preferential data (as opposed to per user) in C:\WINDOWS\WINAMP.INI. If you didn't have administrative rights, it would just hang when you fired it up. Google Desktop when first released would *NOT* work on a non-administrative desktop. The list of offending applications goes on and on, e.g., a friend of mine had oceanic navigation software that insisted running with admin rights.
However, it turns out there is a programmatic mechanism in place in every copy of Windows XP (and Windows 2000) that allows you to strip administrative rights when you launch a process. Microsoft never exposed users to this ability for reasons that to this day are unclear to me. The magic API in question is CreateRestrictedToken.
But what really was an eye opener to me is when I would point out a tool on Microsoft's site to strip out administrative rights when you run a program. Namely, years ago you could have made the situation tenable in the case of apps like WinAmp and Google Desktop by yes, logging onto your desktop as an administrator but launching most Internet facing application without administrative rights but hereâ(TM)s the clincher *AND NOT CHANGING USERS* . In fact, I've been doing this for years.
Nonetheless I observed an incredible amount of laziness on IT professionals when I pointed out these capabilities. Laziness, apathy and the usual suspect of insecurity ("Don't tell me what to do, I know what I'm doing"). Yes, that's right, you manage a CISCO PIX firewall, you must be a security guru all around and follow best practices.
So given my former life as a Windows software developer I took it upon myself to create a turn key installer that at least protects Jane & Joe Average called *RemoveAdmin*:
http://www.download.com/RemoveAdmin/3000-2381_4-10824971.html?tag=lst-1&cdlPid=10835515
RemoveAdmin is a utility to strip administrative rights off apps as they're launched under Windows XP and Windows 2000 where unfortunately 99.9% of home users run with administrative rights.
The default RemoveAdmin installer creates shortcuts for IE and Firefox but if you analyze the shortcut, you see IE and Firefox are passed as an argument to the removeAdmin.exe program.
You can trivially setup another shortcut for Opera and/or any other Internet facing application... as you should since you can't trust foreign computer systems you connect to.
Itâ(TM)s version 0.1 since I havenâ(TM)t created a FAQ and thereâ(TM)s the situation that if you have multiple administrative SIDs it wonâ(TM)t work (not the case for most people). I need to fix that, create a FAQ and also offer to adjust the ACLs on the Startup folder to tighten security such that when combined with RemoveAdmin, breaching your system on account of your browsing becomes because crazy hard.
"However, I'm very unmotivated both because of the work that I do, which is boring, and because the organization I work for is highly political, disorganized, and lacks accountability."
Big reasons I no longer do it.
The other reason is maintenance. Most "software development" is dealing with crap laid down by others who moved on years prior. If not within the company, then mentally.
Frankly, software development is severely overrated. Getting a CS degree and going off to do it is sort of like watching some episode of Nova dealing with some science topic lending some interest to whatever scientific branch that is involved but then when you get that chemistry degree you realize a monkey could work at a lab eventually (think Darwin).
Likewise, creating some "neato" web page isn't exactly indicative of what software development is like in the real world. Sure web development is not the only kind of software development but it sure is the majority nowadays.
-M
But tell me FreakinSyco... how many people, think Joe and Jane Sixpack run with non-administrative accounts at home under Windows XP?
Even worse, 99% of IT people will do the same, i.e. rely on anti-virus vs. the principle of least privilege which they'll call out in a heartbeat on *NIX ("Don't run as root!!!") but fail to do the same when at home under Windows XP. It's largely a user education issue. Few people know about the tools Windows does offer and assume it's completely insecure (that's not true).
Further lots of Windows software has assumed the user DOES have administrative privileges. At one point in time Google Desktop would simply not run in a non-admin desktop. Other software dating back to Windows 9x was also guilty of this. Until a couple of years ago Winamp failed to run if you were not an administrator. Why? Because it stored its configuration (Winamp.ini) in C:\Windows and it maintained global settings for the entire machine via the depracted GetPrivateProfileString and WritePrivateProfileSring APIs dating back to Windows 3.x.
Do you think your average user would likely have such information? Or even care? They just want software to work!
This tool is a compromise. 1) People don't like passwords. 2) Most Windows XP users run as administrators with nary an understanding of the dangers getting them to change to a non-admin account has many, MANY barriers 3) This tool is a compromise.
If you run as "god"/root/administrator then by proxy as your browser pulls in crap off the Net, guess what's going to happen? Yes, security issues will persist, such as cross site scripting, but which would you rather have, a browser flaw that at most might steal some file on your system or getting your machine instrumented with a root kit? No system is 100% secure but the key is to minimize exposure.
RemoveAdmin leverages a security API that's actually part of Windows Vista as well. If you have an end user that has foolishly turned off UAC. This tool will work there. It will also work with Windows 2000.
-M
Exploits for specific document types make compromising people's machines an issue. However, what 99.9% of people that revel in schadenfreude with IE's woes miss or fail to understand (yeah including many people on Slashdot) is that most Windows XP users (which are most Windows users, Vista is only 20%) run as as "root"!!! ("administrator" in the Windows vernacular)
I wrote a utility called RemoveAdmin available on Download.com that leverages an API in Windows (CreateRestrictedToken) that strips administrative rights:
http://www.download.com/RemoveAdmin/3000-2381_4-10824971.html?tag=mncol&cdlPid=10835515
The installer will create shortcuts for IE and Fifrefox but if you look carefully it's really a program with the browser
Which means you can strip administrative rights on anything you run... in fact that's exactly what I do. I don't run *anything* that talks on the Net without this.
This means if you stumble across rigged
(Some caveats)
This is version 0.1. What would 1.0 have? A FAQ and user guide for starters. Also, I've seen this version not work in some cases, largely situations where AD is in play (probably because a user has multiple admin credentials).
If you need to run ActiveX controls on a site (poor you if you use IE), just quit IE, go to the site, have the controls installed. Quit IE and re-run IE with the secure link. Likewise this is what you would do before going to WindowsUpate.
And finally, to convince yourself the utility does something useful. Go to any site, "View Source" after you run your browser with the secure link and try to save the resultant
Maybe I'll educate some % of the IT world yet...
Respectfully,
-M
He has not acquired a fortune; the fortune has acquired him. -- Bion
