Are you still wasting lifetime by typing admin passwords all day? Picture very much related.
Separating privileges, i.e using a non-admin account and escalating only when needed, seems to be something everyone agrees on. I can roughly understand why it's important on every system : prevent an attacker from modifying the system and taking complete control of the machine, and on shared systems, prevent a user's mistake from propagating to the others.
However, on a personal computer, all the data I care about is in my user folder, which is accessible without admin rights by every program running on the computer. Basically, if a malware runs, I've lost, be it with admin rights or not. All the damage can be done without admin rights.
Tl;dr: For PCs, not using your root account will not increase your security.
If you assume typing that extra sudo + the password / each Windows password promt takes only 5 seconds and you need it just 10 times a day it already saves you over five hours per year.
And yet there are no arguments for it. Yes, when running as non root, malware has a harder time ONCE YOU ARE INFECTED. Even then, all of your private data will be accessible for the malware. It's just a logical fallacy. If you feel safe running as root, you have no user data.
Henry Foster
So what you're saying is you should separate out your personal information into different accounts and not run as root also?
Carter Jackson
>he doesn't run separate user accounts or VMs for sensitive services
Why exactly are you here?
Jordan Hughes
The high ledge which, when sitting on, make you priviledged.
Gabriel Price
Privilege separation is not to prevent a user in front of the computer from doing harm, they can already do that by removing the hard disk and putting it in another computer. Privilege separation keeps applications from doing harm or from being used by a remote user to do harm.
Also you do not have to use one account for all of your personal files and stuff. You can separate out your web browser into its own account with even fewer privileges. If you do very sensitive stuff like banking you could (or maybe should) get a dedicated machine to prevent any potential cross-contamination between the public web browser and your private stuff.
Jacob Campbell
Having multiple virtual accounts (hello Qubes) is a nice idea but eventually doesn't work. Apart from being impractical, there is no gain security or privacy wise. Financial, personal, work, there is no such strict compartmentalization in our individuality. Apart from that, horizontal privilege escalation is trivial
Zachary Myers
>it's too hard mummy wah wah wah
Security is a process and...
>no gain security or privacy wise
Oh wait you're just an idiot.
Jack Rogers
This is the most retarded thing I ever read in the last months. Tell me this is a troll
Alexander Sullivan
Ideally you'd have two completely separate machines.
Joseph Roberts
>there is no such strict compartmentalization in our individuality. Pretty sure people do not go around advertising their banking information and other highly private stuff in their daily lives. You partition that stuff off in your head and only divulge it to people that you believe should know it. Having a machine that can do that would be ideal but machines aren't perfect and flaws in them can be taken advantage of to break down the partitions.
Blake Cooper
or you can just logout from important services after you finish whatever you are doing
Tyler Wood
No, ideally, you stop using retarded harmful social media, saass, and nonfree software.
Adrian Barnes
You can lock/encrypt all of that if you want to.
Ryder Murphy
Yeah, it's pointless on Windows where the users and permissions system is fundamentally broken. Use a real OS.
Anthony Jones
>not even using different networks
Caleb Cruz
>Basically, if a malware runs, I've lost, be it with admin rights or not. But you said it yourself, half the point of having an admin password is to >prevent an attacker from modifying the system and taking complete control of the machine If you want to open that door for outside attackers simply because the door would do nothing if the attackers get in anyway, then go ahead. Its purpose is to stop it from getting to that point though.
Dylan Rodriguez
The issue is the public machine (computer 1) is exposed to many websites and any one of them could be compromised which could cause highly personal information to be leaked (or damaged). The second machine would ideally not be hooked up to the internet unless it was necessary. It might even be off and hidden in a safe place.
Levi Morales
>all the data I care about is in my user folder L2encrypt, retard.
Michael Flores
>always root >accidentally types rm -r /usr
Gabriel Brown
That's funny, from one of the more recent Bad Voltage episodes it sounded like he was going full tinfoil and turning into Stallman lite.
Logan Wright
Jokes on you op, I log out of everything whenever I close my tab. So your little bullshit image is quite pointless. Also forgot to mention my browser does not remember any password. After 10 mins of inactivity the screen locks. USBs are disconnected. Password ecrypted with Camellia 256. Have fun with my laptop.
Gabriel Gray
>not even shutting down and wiping RAM after 3 minutes of inactivity it's as if you want to get fucked, user
Andrew Evans
Huh, I wasn't supposed to use it? My sudoers file is set up so members of wheel can execute any command as superuser, without a password.
I see it more as protection from mistakes screwing up OS files. By having to consciously confirm every superuser action, you consent to being aware of the risks involved.
