Well, I think this picture sums up a lot of thoughts on this subject: https://xkcd.com/1200/ In a nutshell, your user account has all your data, all your session cookies, all your logins and passwords, all your documents.... Everything. And what can root/Administrator do? That's right, play with device drivers and system stuff. Once you have the primary user's account, unless it's a multiuser system, it's game over. Just with user creds, I can start encrypting files to #evil_private_key, emailing browser data, keylogging, screencapping, data injection, and being a general nuisance.

The only good defense I've seen to this is what Qubes incorporates: Zones. It's virtual machines, with unique unspoofable borders, that you can configure to only allow the minimum amount of permission the container needs. Bank Zone only needs to talk to bank and financial websites. It doesn't need sound, or direct graphics access. Tor Zone allows talking over TCP on specified ports, to and from, to allow Tor across the system. In that case, yes, a specific system could be compromised, but using containers like that keeps damage limited.
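As an added illustration of the "Bank Zone" idea in the comment above (example code, not part of the original post or of the Qubes project), the script below builds the per-qube network policy such a zone would get: DNS, HTTPS to an explicit allowlist of hosts, and a default drop for everything else. It assumes the Qubes 4.x dom0 `qvm-firewall` CLI (`reset`, `add accept specialtarget=dns`, `add accept dsthost=... proto=tcp dstports=443`, `add drop`, evaluated top to bottom), and the bank hostnames are made up. The script only prints the commands by default (dry run); set `QVM_FIREWALL=qvm-firewall` in dom0 to apply them, after checking the exact subcommand spelling against `qvm-firewall --help` for your release.

```shell
#!/bin/sh
# Added example: a least-privilege network policy for a Qubes "bank" qube.
# Assumption: Qubes 4.x dom0 `qvm-firewall` syntax; rules are matched in order,
# so the allow rules must come before the final drop.
# Dry run by default: QVM_FIREWALL expands to "echo qvm-firewall", which prints
# each command instead of executing it. In dom0 run: QVM_FIREWALL=qvm-firewall ./bank-zone.sh
QVM_FIREWALL=${QVM_FIREWALL:-echo qvm-firewall}

# Hypothetical institutions; replace with the hostnames you actually use.
BANK_HOSTS="online.bank.example secure.broker.example"

# Usage: bank_zone_policy <qube> <host>...
# Emits (or applies) the whole policy for one qube.
bank_zone_policy() {
    qube=$1
    shift
    # Start from a clean slate so the allowlist below is the entire policy.
    $QVM_FIREWALL "$qube" reset
    # The qube must still resolve the allowlisted names; everything else
    # about DNS is handled by the firewall/net qube, not by this zone.
    $QVM_FIREWALL "$qube" add accept specialtarget=dns
    # HTTPS only, to each allowlisted host. No port 80, no other hosts.
    for host in "$@"; do
        $QVM_FIREWALL "$qube" add accept dsthost="$host" proto=tcp dstports=443
    done
    # Default deny: anything not matched above is dropped.
    $QVM_FIREWALL "$qube" add drop
}

# Usage: policy_is_default_deny <policy-text>
# Sanity check on the generated policy: the last rule must be the drop,
# otherwise an earlier accept (e.g. a leftover default) would let everything through.
policy_is_default_deny() {
    last=$(printf '%s\n' "$1" | tail -n 1)
    case "$last" in
        *" add drop") return 0 ;;
        *) return 1 ;;
    esac
}

# Build the policy for the "bank" qube and refuse to proceed if it is not default-deny.
policy=$(bank_zone_policy bank $BANK_HOSTS)
printf '%s\n' "$policy"
policy_is_default_deny "$policy" || { echo "policy does not end in drop" >&2; exit 1; }
```

The point of the shape is the ordering: allow rules first, a single `drop` last, nothing else. Sound, USB, and other device access are separate per-qube settings in Qubes and are not covered by the firewall rules here.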
UAC is particularly bad in that it also produces problems with older applications and causes other applications to pop up UAC dialogs frequently. It's a huge annoyance with little security impact.
At worst it may make malware harder to remove if I do get infected - but in my experience, 99% of the malware you find kicking around on the internet isn't rootkit-loaded 0-days - it's script kiddies crapping out iStealer to dump browser passwords or DarkComet to run DDoS botnets.