Mark Jalbert wrote:
The advantage of running as a standard user is that the user's domain is restricted to their home folder ( and in OS X the Shared folder also). In other words, they a only write or modify files that they create.
They cannot modify the Operating System.
Once you allow a standard user to elevate their privilege to root or admin then it's game over, you have lost the advantage. The standard use can now modify files that aren't within their domain.
Correct. Can't modify Applications neither.
You might as way use an admin account for your daily use.
Your mistakenly assuming that all software, including malware is going to use a installer.
Sure if a user gives a installer their admin name and password it can do what it wants, malware also can install via flaws in browsers, plug-ins and so forth covertly.
If this malware has to request a Admin name and password to escape the Standard User/Shared privileges, that's going to send a red flag to the user.
OS X/Crisses does what limited it can if in Standard User and installs a root kit if in Admin User (how it does this is unknown) it's not trying to alert the user of it's presence.
Again the benefit of running as Standard is to keep that malware out of Admin priviledges and later root, thus a user who gets it can simply log into Admin and delete the infected Standard User account.
With 10.7 and 10.8 requiring a Internet resinstall, no more write protected OS disks and setting up the first user as Admin, Mac's can't be opened by the user, etc., is only going to cause Apple a great deal of future trouble with malware.
Mac malware of the future is going to brick the entire machine and I'll be laughing my arse off when 600,000 Mac's get bricked instead of simply infected like Flashback does.
The problem with Apple is they seem to think they can't do no wrong, that they have the very best minds and programmers.
They are relying too much upon BSD Unix and it's security, their small market share to protect them.
Apple is lazy on security because they keep changing the goddarn operating system every year with a rewrite, throwing all sorts of stupid gimmicks in.
When Apple issues a security update, sometimes it has over 80 or 90 fixes at a time, that's how crappy they do.