I was reminded by a comment left this week about a practice that can help keep you safe on the internet. I have been using this for quite some time and operating systems are pushing users toward this. It is the practice of not running as an administrator, or “root” from the UNIX/Linux world.
This helps you, to put it simply, by not allowing arbitrary code to run or install on your computer. Windows started pushing this with Vista where if you try to install or run a new program, or one that is not digitally “signed”, you will be prompted with a warning that this could be harmful and do you want to proceed. If you are running as an admin it is easy enough to click “yes” and not think too much of it. However, if you are running as a standard user you will have to type an admin password to continue.
This is great protection compared to the old paradigm where you could click on a bad link, or even just visit a infected website and code would start running in the background on your system without you ever knowing you were bitten.
Newer versions of Linux, Ubuntu at least from my experience, default you to a lower privilege status forcing users to use the “sudo” function to run programs as root.
In Windows you can manage user accounts from the control panel which you access from the start button (at least until Windows 8). From here I would recommend creating a special “admin” account and giving it admin privileges and a good password. Then edit your user account to a standard user (still using a good password). You can still run programs as an admin by right clicking on a program and choosing “run as administrator”. This option only appears on programs where the functionality is needed.