nonadmin – Home

It appears that we do not have to wait for Longhorn for LUA (Least-privileged User Account) in Windows. LUA is an accepted security practice to manage vulnerabilities. Microsoft has created a wiki to get the word out: nonadmin – Home. This is a very effective method to manage vulnerabilities.

My main concern is with the vulnerabilities caused by Rockwell SCADA software. You cannot run Rockwell software without having administrative privileges on that system. Because of this, the PC is vulnerable to many of the malware and spyware threats. From what I’ve seen so far, nonadmin – Home doesn’t have a solution for dealing with Rockwell’s problem.

A different process may be required. Though the process could be tedious, it should be possible to run Rockwell software on a lab PC and map the specific PC resources required by the Rockwell software. The permissions on just those resources could then be enabled for a less-than-Administrative account. Two big issues are that each Rockwell software application will likely require separate mappings, and that each new version could change the requirements as well.
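One way to build that resource map, as an added example that is not part of the original post: run the application under a limited account on the lab PC, capture a trace, and reduce it to the resources where access was denied, then diff the maps between versions. It assumes a CSV export in Process Monitor's default column layout; the process name `scada_app.exe` and all paths are constructed placeholders.

```python
import csv
import io

# Constructed traces in Process Monitor's default CSV column layout.
# "scada_app.exe" and every path are placeholders, not real vendor resources.
HEADER = '"Time of Day","Process Name","PID","Operation","Path","Result","Detail"\n'
V1_TRACE = HEADER + r'''"10:01:02","scada_app.exe","412","CreateFile","C:\Program Files\VendorApp\config.ini","ACCESS DENIED","Desired Access: Generic Write"
"10:01:03","scada_app.exe","412","RegSetValue","HKLM\SOFTWARE\VendorApp\Settings\Port","ACCESS DENIED",""
"10:01:04","scada_app.exe","412","CreateFile","C:\PROGRAM FILES\VendorApp\config.ini","ACCESS DENIED","Desired Access: Generic Write"
"10:01:05","scada_app.exe","412","ReadFile","C:\Windows\win.ini","SUCCESS",""
"10:01:06","explorer.exe","900","CreateFile","C:\Program Files\VendorApp\config.ini","ACCESS DENIED",""
'''
V2_TRACE = V1_TRACE + r'''"09:30:00","scada_app.exe","512","RegCreateKey","HKLM\SOFTWARE\VendorApp\Cache","ACCESS DENIED",""
'''


def denied_resources(csv_text, process_name):
    """Map each path the process was denied to the set of operations that failed."""
    needed = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Process Name"].lower() != process_name.lower():
            continue  # ignore other processes sharing the trace
        if row["Result"] != "ACCESS DENIED":
            continue  # the limited account already has this access
        # Windows paths are case-insensitive, so normalise before deduplicating.
        needed.setdefault(row["Path"].lower(), set()).add(row["Operation"])
    return needed


def new_requirements(old_map, new_map):
    """Resources or operations a new version needs that the old map lacks."""
    delta = {}
    for path, ops in new_map.items():
        extra = ops - old_map.get(path, set())
        if extra:
            delta[path] = extra
    return delta


if __name__ == "__main__":
    v1 = denied_resources(V1_TRACE, "scada_app.exe")
    v2 = denied_resources(V2_TRACE, "scada_app.exe")
    for path, ops in sorted(v1.items()):
        print("v1 needs:", path, sorted(ops))
    for path, ops in sorted(new_requirements(v1, v2).items()):
        print("v2 adds: ", path, sorted(ops))
```

Review each entry before granting anything: write access to a directory that holds executables would let the limited account replace the program itself, so grant on the individual file or key rather than its parent where possible.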

Why is this important? Remember the power blackout affecting the northeast a couple of years ago? They have pretty much admitted that the SCADA software designed to contain the original problem did not. Now consider the timing…the MyDoom virus was at its peak. MyDoom spread to vulnerable PCs without any human action. Once a PC was infected, the virus consumed most of the PC’s resources…in other words, any applications running on the infected PC would be slowed down to a crawl. If that SCADA software on that PC should have thrown a switch to contain a problem, that action would be delayed. I should say that this is my opinion of what may have happened.