How to Crash Your PC – Part 1
Posted by jon in Windows, tags: 2000, habit, maintenance, Vista, XP
I often get asked how to keep PCs running. It’s shortly after I give the list of things I do, that I get the I-have-no-idea-how-to-do-that stare. I decided it’s probably easier to tell people how to break their PC and hope they see a habit they should break instead.
RUN AS AN ADMINISTRATOR
Back in the days of DOS (and up to Windows ME), if you used the Windows operating system, you ran with administrative privileges. Since the advent of Windows 2000, users have been given the choice to run their PCs with limited user accounts that are not allowed to change system files.
However, the average user today still performs his or her daily activity using an account with administrative privileges. This is the single biggest mistake people make using PCs today.
“So what. What’s the real danger?” you say.
Lets start with simple facts. (1.) A limited user account is exactly what it says it is – an account with no rights to change critical system files. This means that a limited user can’t change or delete files that would cause the PC to crash or otherwise become unusable. (2.) An administrative account can change system files, basically doing anything they want to do, including deleting or changing files that could cause the PC to become unstable. (3.) Any website you visit, any program you run, any file you open at all – has the same rights as you do.
“But, I don’t go to websites that would harm me and I’m not going to download anything harmful to my PC,” you say.
Wrong. According to Google, 1 in every 1000 websites is infected with malicious software. These aren’t sleazy websites either:
In the past year the Web sites of Al Gore’s “An Inconvenient Truth” movie and the Miami Dolphins were hacked, and the MySpace profile of Alicia Keys was used to attack visitors.
The point is that the web isn’t safe and that cute little game you just downloaded is possibly feeding your credit card numbers to the web right now. I’m not trying to be dramatic, I’m trying to wake you up.
So what can you do? First, make the decision to commit to a process to keep you and your PC safe. If you won’t do that, nothing I say here will make a difference. Second, create a single administrative account with a password (accounts without passwords might as well be open doors, anyone can walk through), call it something that designates the impotance, such as Installer or Admin. Third, login with the administrative account and change the account type of all other accounts to limited. Fourth, only login to the administrative account to install software, updates or perform other administrative tasks (defragment, spyware scans, etc.). Finally, never, I mean NEVER, surf the Internet, read mail or do any daily work in the administrative account.
I can hear the whining already, “but, now I have to do a whole bunch of logging off/logging on just to install software.” Yes, you do and that’s part of the point, to make it more difficult for software to be changed on your PC. Remember, if you can’t do it on your account, neither can viruses, spyware and adware.
Lastly, this is not the end of the process. Simply changing account types won’t prevent a malicious website from putting something on your PC. Your user account can still be infected, but at least this way your PC will most likely be safe, and you have an administrative account to help clean it out if necessary.
Entries (RSS)