Thread replies: 32
Thread images: 2
Thread images: 2
Are you still wasting lifetime by typing admin passwords all day? Picture very much related.
Separating privileges, i.e using a non-admin account and escalating only when needed, seems to be something everyone agrees on. I can roughly understand why it's important on every system : prevent an attacker from modifying the system and taking complete control of the machine, and on shared systems, prevent a user's mistake from propagating to the others.
However, on a personal computer, all the data I care about is in my user folder, which is accessible without admin rights by every program running on the computer. Basically, if a malware runs, I've lost, be it with admin rights or not. All the damage can be done without admin rights.
Tl;dr: For PCs, not using your root account will not increase your security.
>>
>>57622218
lunduke detected
>>
>>57622218
>always root
CHECK YOUR PRIVILEDGE
>>
>>57622266
What kind of ledge is a priviledge?
>>
>>57622233
The concept itself is pretty much OS agnostic.
>>
root master race reporting in
lol @ bloating your system with sudo
>>
>>57622312
If you assume typing that extra sudo + the password / each Windows password promt takes only 5 seconds and you need it just 10 times a day it already saves you over five hours per year.
>>
>>57622233
https://www.youtube.com/watch?v=X3Ejw_KapyA
>>
>>57622446
And yet there are no arguments for it. Yes, when running as non root, malware has a harder time ONCE YOU ARE INFECTED. Even then, all of your private data will be accessible for the malware. It's just a logical fallacy. If you feel safe running as root, you have no user data.
>>
So what you're saying is you should separate out your personal information into different accounts and not run as root also?
>>
>>57622218
>he doesn't run separate user accounts or VMs for sensitive services
Why exactly are you here?
>>
>>57622290
The high ledge which, when sitting on, make you priviledged.
>>
Privilege separation is not to prevent a user in front of the computer from doing harm, they can already do that by removing the hard disk and putting it in another computer. Privilege separation keeps applications from doing harm or from being used by a remote user to do harm.
Also you do not have to use one account for all of your personal files and stuff. You can separate out your web browser into its own account with even fewer privileges. If you do very sensitive stuff like banking you could (or maybe should) get a dedicated machine to prevent any potential cross-contamination between the public web browser and your private stuff.
>>
>>57622554
>>57622562
Having multiple virtual accounts (hello Qubes) is a nice idea but eventually doesn't work. Apart from being impractical, there is no gain security or privacy wise. Financial, personal, work, there is no such strict compartmentalization in our individuality. Apart from that, horizontal privilege escalation is trivial
>>
>>57622727
>it's too hard mummy wah wah wah
Security is a process and...
>no gain security or privacy wise
Oh wait you're just an idiot.
>>
>>57622218
This is the most retarded thing I ever read in the last months.
Tell me this is a troll
>>
File: 1479768644534 - Copy.png (35KB, 634x244px) Image search:
[Google]
35KB, 634x244px
Ideally you'd have two completely separate machines.
>>
>>57622727
>there is no such strict compartmentalization in our individuality.
Pretty sure people do not go around advertising their banking information and other highly private stuff in their daily lives. You partition that stuff off in your head and only divulge it to people that you believe should know it. Having a machine that can do that would be ideal but machines aren't perfect and flaws in them can be taken advantage of to break down the partitions.
>>
>>57622930
or you can just logout from important services after you finish whatever you are doing
>>
>>57622930
No, ideally, you stop using retarded harmful social media, saass, and nonfree software.
>>
>>57622218
You can lock/encrypt all of that if you want to.
>>
>>57622218
Yeah, it's pointless on Windows where the users and permissions system is fundamentally broken.
Use a real OS.
>>
>>57622930
>not even using different networks
>>
>>57622218
>Basically, if a malware runs, I've lost, be it with admin rights or not.
But you said it yourself, half the point of having an admin password is to
>prevent an attacker from modifying the system and taking complete control of the machine
If you want to open that door for outside attackers simply because the door would do nothing if the attackers get in anyway, then go ahead. Its purpose is to stop it from getting to that point though.
>>
>>57623031
The issue is the public machine (computer 1) is exposed to many websites and any one of them could be compromised which could cause highly personal information to be leaked (or damaged). The second machine would ideally not be hooked up to the internet unless it was necessary. It might even be off and hidden in a safe place.
>>
>all the data I care about is in my user folder
L2encrypt, retard.
>>
>>57622218
>always root
>accidentally types rm -r /usr
>>
>>57622233
That's funny, from one of the more recent Bad Voltage episodes it sounded like he was going full tinfoil and turning into Stallman lite.
>>
>>57622218
Jokes on you op, I log out of everything whenever I close my tab. So your little bullshit image is quite pointless. Also forgot to mention my browser does not remember any password. After 10 mins of inactivity the screen locks. USBs are disconnected. Password ecrypted with Camellia 256. Have fun with my laptop.
>>
>>57623240
>not even shutting down and wiping RAM after 3 minutes of inactivity
it's as if you want to get fucked, anon
>>
>>57622218
Huh, I wasn't supposed to use it? My sudoers file is set up so members of wheel can execute any command as superuser, without a password.
I see it more as protection from mistakes screwing up OS files. By having to consciously confirm every superuser action, you consent to being aware of the risks involved.
>>
>>57623320
this
Thread posts: 32
Thread images: 2
Thread images: 2