Using user account with admin privileges.

Discussion in 'Mac OS X Lion (10.7)' started by Cattywampus_, Jun 22, 2012.

  1. Cattywampus_ macrumors 6502a

    Joined:
    Apr 19, 2006
    #1
    Hi,

    I recently had my Gmail account 'hacked' by some knob in Mexico. Since then I have been on a bit of a paranoia streak bout keeping secure.

    One thing I have wondered about with the coming of the viruses for OSX such as flash back is; is it safe to always be logged in on an account with Admin privs?

    I have always run it like this - but I read somewhere that it can be detrimental, security wise. Is this correct?

    I also read that if running as Admin, programs like Little Snitch can actually still let traffic through under certain circumstances?

    Advice welcome.

    Thanks
     
  2. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #2
    There is no disadvantage to running an Admin account, as long as you exercise reasonable care. Flashback was a trojan, not a virus.

    Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
    1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

    2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

    3. Disable Java in your browser (Safari, Chrome, Firefox). This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave Java disabled until you visit a trusted site that requires it, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

    4. Change your DNS servers to OpenDNS servers by reading this.

    5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

    6. Never let someone else have access to install anything on your Mac.

    7. Don't open files that you receive from unknown or untrusted sources.

    8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.

    9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
    That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. You don't need any 3rd party software to keep your Mac secure.
     
  3. robgendreau macrumors 68030

    Joined:
    Jul 13, 2008
    #3
    I asked essentially the same question recently. The consensus was that it's OK to run as admin (note: not root). On Macs you need to authenticate to change much of anything even when running as admin, so you're unlikely to have problems. And even then your Google accounts could be compromised no matter how you're logged into your machine.

    Lots of stuff accesses your Mac behind the scenes for lots of reasons. Again it's unlikely any of that is malicious, unless you're installed some truly disreputable software.
     

Share This Page