(the other guy in this thread is usually me)
Not sure what hidden system accounts those might be.
I'm not in front of an XP box right now, but they are visible
(assuming you have Windows Explorer in "don't hide things" mode, which
IMO is a must) in "C:\Documents and Settings" and as entries in HKU.
Names like "Network", "Local System" etc. come to mind.
The "super" admin account is the built-in local administrator. I certainly
haven't heard of any way to escalate to that account.
Is it running at runtime?
Frankly, I think your fears are misplaced. The user with the weak password
is the easiest account to attack over the wire.
In what contexts is a password the only thing standing between the
Internet and the PC? As I have no desire to let the Internet do
ANYTHING on the PC, I'd prefer to rip out those functionalities by the
roots than have to rely on password "protection".
Killing off admin shares is a part of that quest.
And if that user is a member of the administrators group . . . One admin
is really as powerful as another
Er, not really - the "super" admin you refer to has longer arms
who cares *which* admin the attacker becomes?
We're losing focus a bit here (as this is beyond c$ etc.) but OK;
let's deal with this matter of "why be admin?" and "why avoid multiple
user accounts?". MS seems genuinely surprised some users are taking
to these brave new features like rats to cats (i.e. running away)
There are three big reasons why I avoid multiple user accounts, and
why the accounts I use are always Admin:
1) Loss of settings back to MS defaults
This, for me, kills non-Admin user accounts stone dead, rendering them
unfit for use. When I created an account, set it up, and then dropped
it to User in XP Home, it fell back to "hide file name extensions",
"hide files", "don't show full paths" and a host of cosmetically
annoying junk. That's trading one risk for another - how can one
practice "safe hex" if you can't evaluate risk, or manage files if
half of what you are looking for is hidden from you?
2) Inability to pre-set settings in account prototype
Every new account starts with MS duhfaults such as those objected to
above, but also the IMO hopeless standard shell folder locations.
Hopeless? Well, yes, if one is trying to run a more clueful model:
- locate data and bloat off C:
- keep data set on D:, and clean and lean for auto-backup
- locate bloated Music and Pictures on E:, out of data set
- locate incoming risky junk OUT OF DATA SET !!
Every newly created account locates data on C:, where it's subject to
C:'s engine-room write traffic and thus risks of corruption. It nests
bloated Music and Pictures and risky "My Recieved Files" within the
data set, making it too big to auto-backup and too risky to blindly
restore after a (malware payload?) disaster. Plus, each account
wastes an absurd amount of space on web cache that is repeated for
each account - bloats and fragments what should be a lean and fast C:
3) Tedium of applying settings across multiple accounts
Every malware strike requires one to tour the startup axis and check
risk settings that may have been reduced ("broken fences"). There's
no view that allows these to be displayed for all accounts, or allows
them to be set across all accounts, and if the tech doesn't have the
account pwd, that account can't be fixed and remains a risk. Same
applies to baseline risk management you'd like to apply pre-infection,
e.g. NoDriveAutoRun = 9D 00 00 00
So I'd rather have one properly set up and fully functional account
than the sort of mess that ensues when users spawn new accounts every
time someone wants a different wallpaper.
We can chat about pwds as substitute for lockdown later
-- Risk Management is the clue that asks:
"Why do I keep open buckets of petrol next to all the
ashtrays in the lounge, when I don't even have a car?"
