Proactive Security Tips

Living with reduced rights

I'd be remiss not to point you at the motherlode of information on running with reduced rights.

Running your internet-facing programs with reduced rights greatly enhances your security online. However, it can make it impossible to update, maintain or change the configuration of these programs. For that, you need to temporarily elevate their rights.

1. DropMyRights: You use special shortcuts for each internet-facing program in conjunction with DropMyRights to run them with reduced rights. First, close all the windows for the program you're working with. Then use the original shortcuts (you did save them didn't you?) to run those programs with original rights. When you're finished, close all the windows for that program again, and restart it with the DropMyRights shortcuts.
2. DefenseWall HIPS: First, close all the windows for the program you're working with. Then open the DefenseWall HIPS adminsitrative interface and go to the "Untrusted applications" tab. Select the line for program you're working with by clicking. Then click the "Run as trusted" button When you're finished, close all the windows for that program again, and simply restart it.
3. Online Armor Personal Firewall: See next section.

Tips on Working with Online Armor

1. Internet-facing programs: Programs that will access the Internet, particularly those that access content of some kind: Browsers, email clients, media players like Windows Media Player and Apple Quicktime, Adobe Reader, Microsoft Office, etc. All of these, and programs like them, can be used as an attack gateway.
2. Changing programs to "Safer" mode: Online Armor automatically places many internet-facing programs in Safer mode. If you want to put one there yourself, here's how:
   • Open the "Configuration" window for Online Armor.
   • (Make sure "Hide Trusted" is not checked.)
   • Select the "Programs" tab
   • Right-click the line for the program you're working with
   • Select "Advanced options"
   • Check the "Run Safer" option and then click "OK"
3. Elevating rights: Sometimes it's necessary to temporarily elevate a program's rights. For example, you can change email account details in Thunderbird when it is running in "Safer" mode but they won't "take". You must close Thunderbird, restart it in "Normal" mode, make the changes, and then restart it to return to Safer mode. Here's how to start in "Normal" mode:
   • Close all the windows for the program you're working with.
   • Open the "Programs" section in the "Configuration" window of Online Armor (from the Tray area of your Taskbar).
   • Right-click the program whose rights you want to temporarily elevate.
   • Select "Open normal", and it will open in "Normal" (full rights) mode.
   • When you're finished, close all the windows for that program again, and restart it.
4. When things go wrong: Online Armor does have a friendly side. Go to the line for the program (or the Firewall rule) you're having trouble with. Right-click it and select "Delete". The next time you use the program Online Armor will ask you what you want to do. When you answer the entry that you deleted is regenerated in correct form.
5. When things go horribly wrong: Put Online Armor in "Learning Mode". Restart your computer. Repeat what you were doing when you ran into the impasse. Online Armor should fix things. An example is connecting your computer to a router or different Internet connection. Online will generate the necessary new firewall rule if you follow this process.
   
   Finally, don't forget to take Online Armor out of Learning Mode (you'll need to restart your computer too).
6. Michael Horowitz has written up his initial experiences in using Online Armor. They may help you decide whether you want to try Online Armor, and if you do, how to cope with the rough edges. ;-)