Get rid of "Run as administrator"

By Cosmin
in Microsoft (Windows)

 Share

Recommended Posts

Rising Star

gregrocker

Posted
Posted

The first thing I do when I install Windows is google "enable adminstrator account" then run CMD as administrator.

Then log off and log back in as Administrator.

Then go to User Accounts>Manage another Account to delete your named account.

The reason to do this when you first install is it will otherwise put your files on the desktop to redistribute, as it builds you a whole new desktop and User account as Admin.

But you will never be bothered by second guessing everything you do again. Just be sure of what you want to do.

Ignore Chicken Littles who say you are grossly compromising security. It's already been disproven and those of us who have always run as administrator never get infected because we know what we are doing.

Grand Master

devHead

Posted
Posted
The first thing I do when I install Windows is google "enable adminstrator account" then run CMD as administrator.

Ignore Chicken Littles who say you are grossly compromising security. It's already been disproven and those of us who have always run as administrator never get infected because we know what we are doing.

But Greg, this user may not know what he's doing (sorry, but the fact that he's running TuneUp Utilities in Win7 kinda shows that) and could mess something up if he did what you're suggesting as an advanced and experienced computer user. It's not a Chicken Little complex, it's just safe computing. And for some, that's what is necessary. You speak in your post of "those of us" and "we know". But that's not speaking for everyone; I dare say for most people.

Grand Master

XerXis

Posted
Posted
The first thing I do when I install Windows is google "enable adminstrator account" then run CMD as administrator.

Then log off and log back in as Administrator.

Then go to User Accounts>Manage another Account to delete your named account.

The reason to do this when you first install is it will otherwise put your files on the desktop to redistribute, as it builds you a whole new desktop and User account as Admin.

But you will never be bothered by second guessing everything you do again. Just be sure of what you want to do.

Ignore Chicken Littles who say you are grossly compromising security. It's already been disproven and those of us who have always run as administrator never get infected because we know what we are doing.

i know some people who run linux as root, they also claim they know what they are doing, we laugh at them too...

Grand Master

hdood

Posted
Posted
i know some people who run linux as root, they also claim they know what they are doing, we laugh at them too...

Can you explain why you feel the user/admin separation is so important on a single-user home computer? If we're talking about the potential to make mistakes that break the computer, then well, you really can't know whether Greg or anyone has the skill level required to not do so. Lots of people do. I know I could run it this way. There is a small chance that a program could unintentionally damage something it shouldn't have if running as admin, but I can't think of any such examples.

If we're talking about malware, then being administrator only gains the malware two things over being a user. One is the ability to infect other users, which isn't relevant here. The other is the ability to make itself harder to remove by hiding deeper in the system (which can also have stability consequences). Other than that, there's not much malware can't do running as your standard user. It already has access to everything of interest there, from your private data to the network. It also has the ability to hijack elevation requests, so that if you use UAC/sudo to elevate something while malware is running, you risk also elevating the malware anyway. The only thing that truly protects you is to not run random executables, and to have antivirus software that can block known threats before they execute.

Proficient

Grope for Luna

Posted
Posted
Or just turn off administrator approval mode and use your current account. There is nothing special about the legacy "Administrator" user. I don't know where this myth comes from.

Indeed. Everytime I hear about it I wonder if I'm missing out on something. I use regular admin-level accounts with UAC off and everything works fine.

Grand Master

hdood

Posted
Posted
When I read the topic title, I thought he wanted a way to hide/remove the "Run as Administrator" option but keep UAC on.

Hiding that option would be handy so people don't play with it ;)

Uhm... People can only play with that option if they are already administrator users. The answer is to make them standard users, in which case the default setup will instead prompt them for admin credentials (username and password). You can change it to prompt for credentials for administrator users as well, but that's rather pointless considering they just have to enter their own password.

Grand Master

markwolfe Veteran

Posted
  • Veteran
Posted
I see Mr Linux hasn't responded.

To what? Your question for why running as root is bad?

Because anything you run (Windows/Linux/whatever) should only run with normal "user" permissions. You cannot damage the system that way (just your data). And, if in the course of your daily actions, you are suddenly prompted to elevate to Admin/root, that should set off warning bells. You see, malware or even silly user errors that would overwrite system files/settings won't happen automatically.

Grand Master

hdood

Posted
Posted
Because anything you run (Windows/Linux/whatever) should only run with normal "user" permissions. You cannot damage the system that way (just your data).

Right, the stability issue is valid to some extent, but from a security perspective it's much more complicated.

And, if in the course of your daily actions, you are suddenly prompted to elevate to Admin/root, that should set off warning bells. You see, malware [...]

The problem with this is that if you managed to run something malicious as a standard user, you could never trust any UAC requests after that point. Even ones you believe to be legitimate. It is not a matter of "suddenly" being prompted. Before you dismiss this as nonsense, know that it is a demonstrated attack vector. You have no way of knowing what you are elevating. You simply cannot make an informed decision. It may be useful in preventing self-inflicted damage or to protect you some of the time, but it is not a security barrier.

I personally do use AAM, but I do not live under the illusion that it keeps me safe (I'm not saying that you do). Only antivirus software and sensible use can do that. Spreading the idea that not being admin somehow makes you "safe" (the meaning of which I've yet to see defined) is dangerous.

Grand Master

Julius Caro

Posted
Posted
, but I do not live under the illusion that it keeps me safe (I'm not saying that you do). Only antivirus software and sensible use can do that. Spreading the idea that not being admin somehow makes you "safe" (the meaning of which I've yet to see defined) is dangerous.

Well, there must be a reason why most (if not all) operating systems make it kinda difficult to use the admin account. This discussion is very late 1990s. UAC, sudo, and whatever OS X uses, are not there to stop YOU from screwing up the system (though it comes handy for those who don't know what they're doing).. It is there to stop software doing more than it should be able to, intentionally or not.

Grand Master

markwolfe Veteran

Posted
  • Veteran
Posted
Right, the stability issue is valid to some extent, but from a security perspective it's much more complicated.

The problem with this is that if you managed to run something malicious as a standard user, you could never trust any UAC requests after that point. Even ones you believe to be legitimate. It is not a matter of "suddenly" being prompted. Before you dismiss this as nonsense, know that it is a demonstrated attack vector. You have no way of knowing what you are elevating. You simply cannot make an informed decision. It may be useful in preventing self-inflicted damage or to protect you some of the time, but it is not a security barrier.

I personally do use AAM, but I do not live under the illusion that it keeps me safe (I'm not saying that you do). Only antivirus software and sensible use can do that. Spreading the idea that not being admin somehow makes you "safe" (the meaning of which I've yet to see defined) is dangerous.

No single thing makes you "safe". I agree with you on that. But not running as root makes you "safer"! An accidental mis-drag of some files won't trash my /sbin (or your /Windows/system32 or whatever).

Nothing fixes a stupid user that elevates apps he doesn't know. Well, there is ONE thing that fixes that. Remove their ability to elevate, and have a separate person as admin. ;)

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Creative Sound Blaster AE-X PCIe review: your headphones will love it

      By Jaybonaut · Posted

      Nope. That lack of surround sound capability (analog) won't fly with me. Sure, I use headphones most of the time, but still.
    • Creative Sound Blaster AE-X PCIe review: your headphones will love it

      By Steven P. · Posted

      Creative Sound Blaster AE-X PCIe review: your headphones will love it by Steven Parker If you have been reading Neowin for any length of time, you may remember that I reviewed the Sound Blaster Audigy FX Pro back in April. I found it to be an excellent budget sound card, even though it lacked support for formats such as DTS over the included SPDIF port. Anyway, Creative reached out to me again asking if I was interested in reviewing the Sound Blaster AE-X. It is a card mainly targeted at headphone wearers, which I'll get into a bit later. Before we get underway, here is a disclaimer: Creative Labs provided a free sample without any review pre-approval. Here are the full specs of it: Creative Sound Blaster AE-X Dimensions: 179 x 126 x 18 mm Weight: 263g / 9.28 oz Platform: PCI-e DAC: ESS ES9039Q2M Connectivity Options Side: Rear: 1 x HD Audio Front Panel Connector, 1 x ⅛“ Headphone port, 1 x RCA Line-out (Left) port, 1 x RCA Line-out (Right) port, 1 x Coaxial SPDIF-out port, 1 x ⅛“ Mic in/Line-in port, 1 x TOSLINK SPDIF-in port Surround: No DNR / SNR: THD+N: 0.0001% Dynamic Range 130 dB Recording Resolution: PCM up to 32-bit / 192kHz (Stereo) Direct Mode: Line Out (Stereo): PCM up to 32-bit  384 kHz Coaxial SPDIF Out: PCM up to 24-bit 192.0 kHz Headphone Amp: PCM up to 32-bit / 384kHz (Stereo) Native DSD: DSD64, DSD128, DSD256 Output Impedance: 1Ω, Supported Headphone Impedance: 8–600Ω, IEM: 0.5Vrms, Low: 1.5Vrms, Mid: 3Vrms, High: 6Vrms, Maximum output power: 350mW @ 32Ω (High), Maximum output voltage: 6Vrms (High) Front Panel Headphone Amp: PCM up to 32-bit / 192kHz (Stereo) Native DSD: DSD64, DSD128 Output Impedance: 10Ω, Supported Headphone Impedance: 32–300Ω, Maximum output power: 40mW @ 32Ω, Maximum output voltage: 1.9Vrms ASIO: ASIO 2.3 Total Harmonic Distortion: THD+N: 0.0006% Dynamic Range: 114 dB Scout Mode: Yes EMI shielding: No (but it passed all the FCC emission tests) Operating temperature: 0–45°C Input Power: 12V⎓0.5A Warranty: 1 Year (MSRP) Price: $179.99 / £169.99 The Sound Blaster AE-X was announced at the end of May, and it becomes clear that it is mainly for headphone wearers. I should also note that the card does not support DDL/DTS encoding technology, but it is said to support decoding through the coaxial SPDIF port. I was able to test this working with the classic Windows Sound properties, but I could not get a DTS (decode) signal through my Logitech Z906, it defaulted to 3D sound whenever I played DTS content through Plex or Emby. In addition, this card only supports two channels (stereo) over the speakers. The surround support is limited to the Headphone Amp, so before I get underway, what we have here is a card mostly intended for headphone use, especially with its SPDIF In (Toslink) port where you could connect another device like a console. So what about the highlights of this card? The AE-X is powered by the ESS SABRE DAC (ES9039Q2M), which is capable of a 130 dB dynamic range. In addition, it supports 32-bit/384 kHz playback for deeper detail and clarity. The headphone amplifier delivers up to 350 mW @ 32Ω, which admittedly far surpasses standard onboard audio, offering support for studio-grade headphones. DSD256 and ASIO 2.3 are also supported. What doesn't it have? No support for What-U-Hear, Super X-Fi, or the SmartComms Kit No EMI shielding, but it passed all the FCC emission tests (from the FAQ) I also want to make it clear that I am no audiophile. For me, it's purely subjective and it should just "work" out of the box. First impressions As I said in the introduction, I was a bit sad to see that the AE-X only supports stereo output, meaning it would not be on par with my ALC1220 over my speakers, as I mentioned it seems like this card is marketed toward headphone users. Since I am not an avid gamer that would rule me out as a potential customer, but I can still test its capabilities! The card arrived in a nice-looking box, as shown above. It's quite a bit larger than the Audify FX Pro that I reviewed back in April, and at first I thought the covering meant that it was EMI shielded, but it isn't as mentioned above in the highlights section. What's in the box: 1 x Sound Blaster AE-X PCIe card 1 x 3.5 mm CTIA TRRS to Dual TRS Headset Splitter Cable 1 x Quick Start Guide Aside from the Quick Start Guide, which someone at my age (I guess) needs a magnifying glass to read thanks to the tiny fonts, Creative Labs also has the manual online, which first requires you to prove that you're human in order to access it (so I can't direct link it). Anyway, the box is mostly made up of cardboard, and the only plastic in it is the anti-static bag for the card itself. Design Top Bottom The card itself looks pretty cool and actually wouldn't look out of place in an all-white build. There's only one connector, and for some reason it is awkwardly placed on the side (front-facing) that is for the front panel audio connector, which will let you use the headphones through the front PC audio jack. Since the front panel Headphone Amp has fewer capabilities than the rear headphone port, I decided not to use it. Rear of card PCI-e interface The rear of the card is completely open and is normally where you would find the front panel connector. The PCIe interface side is completely covered, which initially made me think it was EMI shielded. I/O panel Side (front-facing) with Front panel connector On the outer rear bracket side we have the TOSLINK SPDIF in, Coaxial SPDIF out, RCA line out (Right), RCA line out (Left), Headphone out, and Mic/Line in ports. On the front facing portion of the card itself is the F-panel connector. Usage Test System Our test system consists of the following: AMD Ryzen 9 9950X3D Gigabyte X870E AORUS MASTER (BIOS F12) Corsair RM1000x (2024) Thermal Grizzly Kyronaut (33x33x0,2mm) 2x 32GB Kingston Fury Beast RGB DDR5 6000MT/s CL36-38-38-80 T-Force Z540 2TB (PCIe Gen5) NVIDIA GeForce RTX 5090 Founders Edition (NVIDIA) Creative Sound Blaster AE-X Windows 11 25H2 Pro I installed the card into the Gigabyte X870E AORUS MASTER which includes the RealTek ALC1220 onboard audio. For our subjective listening tests, I used the Coaxial SPDIF port to my Logitech Z906 speakers. For headphone tests I used the OneOdio Studio Max 2 Wireless DJ Headphones that I reviewed last month. After installing the audio driver, I installed Creative Nexus, which is a relatively new app designed for the latest Sound Blaster cards. Then I discovered the AE-X needed both a driver update from 1.00.15.0001 to 1.01.09.000 and a firmware update from 1.00.06.0000 to 1.00.06.0002, then I was set to go. It should be noted that the card did not work without the driver (not Plug and Play). As you can see above, you can manage the firmware, driver, and inputs via Advanced Settings on the Device tab. By default Nexus enabled "Direct Mode". Upon clicking on Acoustic Engine, the Equalizer can be enabled and set to four different presets, which are: Gaming Music Movies Footsteps Enhancer There's also a dedicated Scout Mode for gamers. I mainly used Tidal and Spotify in the past week to listen to some of my Liked Songs (which now total over 700) in Shuffle mode; there were no pops or interference that I could hear. I also found a 5.1 Surround Music playlist on Tidal that sounded really great over Studio Max 2 headphones. When I reviewed the Audigy FX Pro, I went out and purchased a Logitech Z906 set second-hand for €100 specifically to use with the card, but in this instance all I could get on the AE-X was the 3D output of surround sound through Coaxial SPDIF and although it still sounded great, it isn't quite as good as DTS Interactive via my onboard Realtek ALC1220. Conclusion So what have I learned? The AE-X lacks multi-channel support for 5.1/7.1 setups and drops support for modern surround technologies like Dolby or DTS, functioning strictly as a stereo output device. So to really benefit, you will need Studio-grade headphones to "hear" the benefits of this card. With that being said, I can imagine it will appeal to gamers who are switching between console and PC. By utilizing the SPDIF in port, you could just plug your headphones into the AE-X (front or rear port) and then switch between PC and Console without having to move the headphones to a different port. As I said in the Sound Blaster Audigy review, the EQ in the Creative Nexus app offers safe presets, which allows a user to further tweak the lows, mids, and highs for a personal listening experience. Of course it all depends on the headphones you hook up to it. Speaking of headphones, I kind of wish I had higher-quality Studio-grade headphones to really test this card with; I'm not usually wearing headphones in my day to day duties. The only time I will wear them is if I want to listen to music very late at night and I don't want to disturb my neighbors, so my rating (verdict) is based on this fact. Someone with a PC/Console setup and wears headphone religiously to game, and consume media will benefit much more than I from the high-quality Headphone Amps that are included in the AE-X. Once again, I do feel like Creative could have gone the extra mile to support the S/PDIF port a bit more. Why include it if you're not supporting the main popular digital formats? It seems like the decision was more of a legacy-based one, offering uncompressed 2-channel PCM audio, for users with high-fidelity audio systems and external DACs. Maybe I will be lucky enough to review a card that truly includes all these features in the future. I am sure readers with far more knowledge on audio systems than me will correct me in the comments below. I'll just say I am happy to learn what I don't know! Where to buy The Sound Blaster AE-X is available to purchase now in preorder for $179.99 on the U.S. Creative website, or for £169.99 on the Creative UK website and will start shipping to customers from June 25.
    • Poll: Grand Theft Auto VI price predictions, cast your vote

      By noobient · Posted

      $80 or 90%, anything else would be financial suicide one way or another.
    • Why you need to take back control of your synced passwords and how to go about doing that

      By noobient · Posted

      Or... just use Bitwarden. Free, and has on-prem option as well. Works both on desktop and mobile, wherever you are. The age of local password files is over.
    • Mp3tag 3.35

      By Jaybonaut · Posted

      Thanks

  • Recent Achievements

    • Week One Done
      Supreme Spray LV earned a badge
      Week One Done
    • One Month Later
      Genuinetonerink- Dubai earned a badge
      One Month Later
    • Week One Done
      Genuinetonerink- Dubai earned a badge
      Week One Done
    • One Year In
      hhgygy earned a badge
      One Year In
    • Week One Done
      AMV earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      513
    2. 2
      +Edouard
      164
    3. 3
      PsYcHoKiLLa
      88
    4. 4
      Steven P.
      74
    5. 5
      Michael Scrip
      73
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!