Anyone who works in an office where there is a computing network will know that it is impossible to install software on the computers there, not just because it is against company policy but because the computers themselves won’t allow staff to. The same is true for those using a PC in such locations as a public library. This is because software installation rights are restricted to the computer administrator who accepts the responsibility for the system. Although many do not realise it, Windows XP and Vista both offer the same facility, and if computer owners want to keep unwanted and potentially dangerous software off their machines (such as the Platte software that is the current subject of so much debate) they should avail themselves of the facility. And each user of the PC should have their own account; if there is a problem it makes it far easier to determine who was responsible. I’m giving specific instructions on how to do this at the end of the post.
Nobody (not even the administrator) should be routinely browsing the internet through the administrator’s account, so owners will need to set up a second account for themselves (this is advice from Microsoft, not just me). It is very important that the administrator account is protected with a safe password that is never shared with other users of the PC under any circumstances. It takes two people to put Platte or similar software on a computer; the person who carries out the install and the owner who has been foolish enough to let them do it.You should not rely on any antivirus package to protect you either; they can do no more than flag up a warning against a deliberate installation of software by a determined user with administrator privileges.
Children often represent the biggest problem, not least because they often know far more about computers than their parents.But this is all the more reason to stop them having any access to an administrator account. Children's approach to the home computer is simple - they’ll download anything they like without any regard to the consequences of doing so, whether it’s screwing up the computer or seriously compromising the security of the information stored on it. The parents job is to pick up the bills and little more. Sound familiar? Nor should parents underestimate the likelihood that their children will seek a site such as getfilmsnow out, not because they want to watch a tired old Popeye cartoon but quite specifically because they want to watch material with a sexual content.Boys are genetically programmed to have an interest in such matters, and links to such sites will be circulating among them by email, creating peer pressure to view such material even when the child doesn’t particularly want to. In my youth it was ‘Health & Efficiency’, a publication which appears laughably innocent in this day and age. But of course even without downloaded software there is a lot of sexual content that can be viewed on the internet. While you can limit a young child’s exposure to such material by adjusting the settings for the browser, the most effective way to keep an eye on what the child is viewing without intruding too much is to keep the computer in the regular family room, not tucked away in an office.This can be inconvenient for the adults, but it does enable them to exercise reasonable control over the computer's use. I'm afraid that it is simply not possible to protect a child from the irresponsibility of their parents. You wouldn’t give them unrestricted use of your car, would you?
There are other sources of information on how to manage your computer, not least of which is Google. If you’ve got a problem, someone else will have had the same and there’ll always be plenty of helpful advice. If you’re asked to install software make sure that it’s you who does the download after googling the software you plan to install (since that will flag up any obvious concerns). If a few more people had googled ‘Platte Media’ before installing it there’d be a lot less grief right now. Do check any small print in licence agreements even when they’re written in difficult to follow legalese. If in any doubt, don’t put it on. Very little software is really needed on a computer beyond an office suite and an antivirus package other than the supplied software for your other hardware, printer, camera, scanner iPod and the like. The less software you load on a computer, the less likely it is to go wrong.
The children will moan of course, starting with ‘none of my friends parents...’ (you should just tell them to go and install their software on their friends computers in that case). Don’t give in, not even once. Because once you do you’re on a slippery slope and soon you’ll find yourself right back where you started. The ubiquity of the games console means that it is not even necessary to install games any more and it’s best not to. At least then you’ll no longer have to endure your child playing ‘Rape and Pillage III’ while you’re trying to get on to do your online banking.
Sooner or later you’ll no doubt feel your child is responsible enough to have administration rights. But he should be administrating his own computer, not yours, and accepting the full financial responsibility for doing so – repairs, upgrades, and all the bills that arise from injudiciously downloaded software. If he wants to let passing pornographers access his computer that’s up to him, at least they won’t be accessing yours. Nor do PCs require regular replacement. Mine has lasted 10 years and it is quite reasonable to expect the same of his. If he wants to replace it, let him shell out for the privilege.
So, how do you set up an administrator account? I’m going to give you detailed illustrated instructions here. Take your time, don’t allow any distractions, and read the instructions through carefully to make sure you understand them before you start. You will want to use your existing account as your day-to-day account since it has all your passwords and personal settings, so I am going to call the new account ‘PC Administrator’ – you can’t just call the account ‘Administrator’ since Windows already has a hidden account of that name. These instructions presume that your existing account is set as an administrator account already; if not you will need to log in to one that is. You should note that I will shortly be putting up full instructions for removing all the files left behind by Platte's uninstaller, and these will be written on the assumption that you have followed the advice in this post. So here we go...
1. Open the control panel (click start, 'Control Panel' is in the right-hand column):
Where it invites you to pick a category, select 'User Accounts':
Click on 'Create a new account':
And insert the name for your new account (I've called it 'PC Administrator':
Now you are asked to pick an account type, you should pick 'Computer administrator', before clicking 'Create account':
Now you can set the password. Click on the new account:
From the list of options, select 'Create a password':
Now you have to choose a password. It should not be one you use elsewhere, nor one that will be easily guessed. I've used the registration number of my parents' first car, and put up 'Austin 7' as a clue. Then click on 'Create Password':
If the other users do not already have separate accounts, you should create new ones for them now, repeating the sequence above, but setting the accounts as 'limited', not 'computer administrator'. Now you can log off, before logging in to your new account:
This will take some time to set itself up, but once it has, exactly as before, open the control panel. Now select your original account:
And select 'Change the account type' from the list:
Select 'Limited' and then click on 'Change account type'
Now you repeat that, changing all the original accounts on the computer bar the 'PC Administrator' account to 'Limited' accounts. If you take the time to do this, and keep your password secret, other users will not be able to install any software that poses any risk to the computer.
It's best to insist that all the accounts use passwords (these are set up in User Accounts via the control panel) but each user can set their own. By default, Windows leaves the Guest account turned off, and it is best to leave it that way, unless you want to run the risk of visitors having (limited) unauthorised access. You can set up a separate limited account called 'Visitor' that has its own password for people to whom you allow occasional access.
No computer is impregnable, but these precautions minimise the risk of uninvited software being installed. Owners who prefer not to take them should be prepared to shoulder some responsibility for the consequences of that decision.
Sunday, 20 July 2008
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment