My cousin asked me to set up a computer for his mother. One specific request was to make it a little more difficult for her to install malware inadvertently. No problem, I set up the new computer with a “user” account and an “administrator” account. I finished it a week or two ago and my cousin came over this weekend to pick it up. I showed him that everything was working but I noticed something a little strange: no Windows updates.

Windows updates are like the tides: regular and (seemingly) daily. After the computer had been unplugged and sitting in a box for over a week, I was sure there were updates that it was supposed to be automatically applying. I logged in as administrator and sure enough, there were some critical updates waiting. At least I knew the machine was connecting properly and checking for updates! I did not install them, but instead switched back over to the user account and went to the Windows update website. I got a message in bold red text saying that I had to be logged in as administrator to update the machine.

The next few minutes are lost to memory. In all the years I've been using Windows, I have never had an account that was set up as a user! You only have two options: user or administrator (three if you count “guest”). A user cannot install software or update the system. Do you see a flaw here? Most people who use computers like to install software and update their systems. This is especially true for people using a popular system that is the favorite target of attackers, but they can't do either of those things while logged in as a “user.” What's more, the system doesn't even notify the user that there are updates waiting!

(Some further checking revealed that my guesses were not quite accurate. IF you set up automatic update FROM the administrator account AND the system is running at the TIME SPECIFIED to check for updates, THEN it can download CRITICAL updates while logged in as a user.)
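The condition in the parenthesis above (Automatic Updates configured from the administrator account, and the machine powered on at the scheduled time) can be checked from the registry. The following PowerShell script is an added example and not part of the original post. It reads the Automatic Updates client settings that Microsoft documented for Windows XP and 2003 (`AUOptions`, `NoAutoUpdate`, `ScheduledInstallDay`, `ScheduledInstallTime`) under the local key and, where present, the Group Policy key that overrides it. The meaning table for `AUOptions` values follows that documentation; applying it to later Windows versions is an assumption.

```powershell
# Added example: report how Automatic Updates is configured on an
# XP/2003-era machine, and whether it will install updates while a
# limited "user" account is logged on.
# Registry paths and value names as documented for the Automatic Updates
# client; run from an elevated (administrator) PowerShell to read HKLM.

$policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'
$localPath  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update'

# Documented AUOptions values (5 exists only in the policy key).
$meaning = @{
    1 = 'Automatic Updates disabled: nothing is downloaded or installed'
    2 = 'Notify before download: an administrator must be logged on to act'
    3 = 'Download automatically, notify before install: an administrator must approve'
    4 = 'Download and install on a schedule: runs while a limited user is logged on'
    5 = 'Policy allows the local administrator to choose the setting'
}

function Get-AuSetting {
    param([string]$Name)
    # Group Policy, when set, overrides the local Control Panel choice.
    foreach ($path in @($policyPath, $localPath)) {
        $item = Get-ItemProperty -Path $path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { return $item.$Name }
    }
    return $null
}

$noAuto = Get-AuSetting 'NoAutoUpdate'
$option = Get-AuSetting 'AUOptions'

if ($noAuto -eq 1) {
    Write-Output 'Automatic Updates is disabled by policy (NoAutoUpdate = 1).'
} elseif ($null -eq $option) {
    Write-Output 'Automatic Updates has never been configured on this machine.'
} elseif ($meaning.ContainsKey([int]$option)) {
    Write-Output ('AUOptions = {0}: {1}' -f $option, $meaning[[int]$option])
} else {
    Write-Output ('AUOptions = {0}: unrecognised value' -f $option)
}

if ($option -eq 4) {
    # 0 = every day, 1 = Sunday ... 7 = Saturday; time is the hour, 0-23.
    $day  = Get-AuSetting 'ScheduledInstallDay'
    $hour = Get-AuSetting 'ScheduledInstallTime'
    $dayName = if ($null -eq $day -or $day -eq 0) { 'every day' }
               else { [System.DayOfWeek]([int]$day - 1) }
    $hourText = if ($null -eq $hour) { '(default hour)' } else { ('{0}:00' -f $hour) }
    Write-Output ("Scheduled install: $dayName at $hourText. " +
                  'The machine must be powered on at that time or the install is skipped.')
} elseif ($null -ne $option -and $noAuto -ne 1) {
    Write-Output 'Updates will wait until an administrator logs on to approve them.'
}
```

Only option 4 satisfies the condition described above; options 2 and 3 leave the updates waiting for an administrator, which is exactly the situation seen on the user account.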

That is why Windows “users” are almost always “administrators.” Any malware accidentally opened, any exploitable bug, any crack in the system results in hostile software running with administrator access. In retrospect, this is why I've spent days or weeks helping family and friends remove malware from their machines.

How is Linux (Ubuntu in particular) different? Linux has a much broader definition of what a user can do. A user can install all kinds of software, but only to their own account. As on Windows, a user cannot modify the system files at all; only an administrator can do that. The difference is that while I'm logged in with user privileges, I can check for updates or get notifications. If there are system updates, a separate process is launched which explicitly requires the root password. ("root" is the standard *nix administrator login.) That single process runs with extra privileges, and those privileges cease as soon as the process stops. I can log in as root, but I have never needed to.

In this regard, switching from Windows to Linux is like removing a hairshirt I never knew I had.