
The root of the problem here is that 1. A lot of (most) people do not have any security enabled on their PCs (logged in as admin at all times) 2. The majority of software installs require admin privileges by default.

Of course, the guilty parties here are the software developers that are unwilling to do anything about the status quo. Also the vendors, Microsofts, Apples and Redhats.

These days it is getting even more common and acceptable to install binary packages on a system as root and often in an unattended manner (OS and package "updates", pray-and-run RPM installs, etc).

More so, there used to be some hope in this area by Apple, where you would just copy an app to install, w/o being an admin. Now even Apple is moving to store apps where every install seems to want an admin.

Linux and Windows people have always been lost in that regard: MSI and RPM/whatnot have always been the unquestioned standard (Linux people, however, have a choice to not install software as root and build it locally when necessary).

Until this (admin installs) changes, we are going to have to deal with malware. Fixing this would not solve all the issues, but would help a lot.

In the meantime, enjoy your PC owned by some teenagers overseas.



> Until this (admin installs) changes, we are going to have to deal with malware. Fixing this would not solve all the issues, but would help a lot.

This is a hopelessly misguided argument. Could you maybe explain your reasoning a bit?

The argument for requiring admin rights to install is that the binaries are not user infectable. Now whether or not this leads to other problems is a different matter, but I don't see how making binaries user writeable on a box which receives automatic updates is going to make everything more secure...


The reasoning is simple: if no random third parties ever get full control of your machine, then most likely the OS is going to stay intact (with the exception of possible local privilege escalation exploits).

If the OS is intact, the job of checking whether a user environment is compromised is easy and actually doable (as opposed to the case of trying to find malware on a compromised OS).

If, in addition, a user account has limited privileges (which it should of course), then even when compromised the chances of malware being able to do a lot are a lot less. For instance, turning off a webcam light being root is probably easy, otherwise probably not. Setting up a server, listening for incoming connections and punching a hole in the local firewall as root is available, but as a regular user is not.

Stop giving admin rights to your computer to random people (install software as an admin) and live much happier. As an additional benefit, there's never a situation 'I installed this and now computer is messed up, because Joe-the-dev ran "rm -f " with a wrong path as a parameter'.


I don't agree at all: I think that apps should be installed as admin and auto-updated. I don't follow any of your arguments that installing things as non-admin is more secure.


It's more secure because you don't have to delegate admin access to random people to install the software. Any of these "RAT kits", I guarantee you, requires admin access to the system at one point or another, be it during the install, by explicitly asking for admin password, or implicitly by using the fact that most users are logged in as admin.



