Why can't I open the temporary internet files folder under users , carl ,
local , temporary internet files.
What is so security risking about that folder.
Well, it's a #1 entry point for malware, asd it's the easiest point of
entry. I'd want that locked down, wouldn't you?
There are lots of folders under local that have the shortcut arrow that are
not accesable,such as the documents folder.picture,music,video folders.Why
is that?they are my personal folders,why can't I get into them?
Those are hidden to avoid confusion. I also unhide everything, but
that meant I had to learn not to be confused
Those legacy paths are junctions to the new locations. Programs can
traverse them automatically, whereas the shell won't let you do so - I
suspect to avoid problems that would arise if you (or code operating
as "you") could reach the same place via both paths, and be unaware
that it was operating in the same place.
Consider logic like "Copy from A to B, if exists on B, delete old copy
on A" when the code isn't aware that A = B.
Just don't see all this security stuff. It is my computer,my instalation of
windows, if I want to destroy it ,that is my perogative I would think.
That's always been my perspective, and still is.
Once upon a time, NT was for professionally-administered corporate use
only. Everyone using it would be doing so on company time, subject to
policy restrictions. You'd have rights to do only what you needed to
do, and you'd log on to prove your identity, and off you'd go.
Most of XP's security is still based on this model, which is wildly
inappropriate when you use the OS in consumerland.
As a "free" user, I might have an accounting app open that should not
be 'net-accessible but should access my sensitive data, while I surf
the web using a browser that allows sites to drop and automate "rich
content" that shouldn't reach my data, and play a game that needs
access to neither my data nor the Internet.
So already, the same user is doing different things at the same time
that really should have different restrictions. Then I start clicking
on emaul attackments from "someone I know", or the system gets spoofed
by creatively-malformed content that gets to run as raw code.
Either way, the result is the same; code gets to run that shouldn't,
and it automatically gets all rights that I've been assigned as the
logged-in user. I don't want to cower in a "panic room" while this
stealthy malicious code stomps all over the house!
So, what to do? Well, treat all code as suspect, unless you know it
isn't. If something happens that affects the PC beyond my user
account, then UAC pops up. When that happens straight after I
initiate a Format (say), I'm annoyed. When I get an unexpected
"Format?" pop-up just after I view an email "message text", then I'm
very glad to have the opportunity to Just Say No.
UAC's a great learning tool; one learns how do do things with a
minimum of risk exposure. The tools you trust, you can set to run as
Admin via the shortcut you use interactively, while hopefully not
assigning the same rights when the same code is automated, etc.
--------------- ---- --- -- - - - -
Saws are too hard to use.
Be easier to use!
