[geeks] filtering out web base trojan?

Nadine Miller velociraptor at gmail.com
Wed Mar 19 18:08:14 CDT 2008


Micah R Ledbetter wrote:
> Phil Stracchino wrote:
> 
>> And made worse by the fact that in nine out of ten cases, the game 
>> doesn't NEED administrator privileges; it's just that the company that 
>> produced the game was lazy.  This is very common with educational 
>> games - often, not only do they require administrator privilege to 
>> install, but your kids can't even save games unless you give them 
>> write privileges to the game install folder because the game designer 
>> was just too bloody lazy to have the game save in a user-owned folder.
> 
> A lot of times, it also/instead has to do with the bullshit copy 
> protection that comes with your game as a free upgrade :). I seem to 
> recall something about a copy control scheme requiring direct hardware 
> access to get raw reads from the cd drive (or something), which 
> (apparently) needs Administrator access under Windows XP.

Yes, I believe that's SecRom and StarForce, and maybe SafeDisc.

Here's a couple of slashdot notes that might help, Geoff.

<http://games.slashdot.org/article.pl?sid=03/12/18/0146235>
--
secondary logon service (Score:5, Informative)
by happylight (600739) on Thursday December 18 2003, @05:57AM (#7752508)
Use the secondary logon service. Right click on the game program 
short-cut, select properties, under the "Shortcut" tab click on 
advanced, then check the box that says "run with different credentials".

It'll prompt you for the administrator password when you run it.

Re:secondary logon service (Score:5, Informative)
by SurgeryByNumbers (726928) on Thursday December 18 2003, @12:53PM 
(#7755161)
Let me give you some more details on WinXP that will let you work around 
having your kids login as admin.

1) Download (TweakUI) Powertools for WinXP from the Microsoft website.
2) Create an admin login with the rights required to play the game, and 
use TweakUI to disable that account. No one will be able to actually 
login as that account.
3) Set up the game to "run with different credentials," as outlined above.

Regmon + Filemon (Score:5, Informative)
by EddWo (180780) <eddwo.hotpop at com> on Thursday December 18 2003, 
@06:10AM (#7752527)
Use Regmon and Filemon from sysinternals.com to discover which 
files/keys the program is trying to modify and is failing on. Then 
adjust the ACLs on those files/keys so that the Gamers group has write 
access.

One of the conditions for obtaining the "Designed for Windows XP" Logo 
is that the program must be capable of being run under a Limited user 
account. If MS's own software isn't capable of this then you ought to 
report it to them as a bug.

The situation with XP home which only has "Limited" and "Administrator" 
account types really does not help people adopt more secure working 
practices.

The situation ought to improve in future but at the moment it does not 
seem to be something that most developers test against.
--

I haven't had to do any of this myself, as I'm the only one that fiddles 
with my PC.  This kind of stuff certainly explains the popularity of 
imaging play CDs and the use of no-CD cracks, though.

=Nadine=
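
Added example, not part of the original message or the quoted Slashdot comments: a Python script for the "Regmon + Filemon" approach that reads a saved file-access log, collects the ACCESS DENIED entries for one program, and proposes the narrowest ACL change for the Gamers group. The tab-separated column layout, the process name game.exe, the sample paths and the use of XP's cacls tool are assumptions made for illustration, and the log rows are constructed.

```python
import csv, io, ntpath
from collections import defaultdict

# Constructed sample rows in an assumed tab-separated Filemon-style export:
# seq, time, process, request, path, result
ROWS = [
    ("1", "10:01:02", "game.exe", "OPEN", r"C:\Program Files\KidGame\data.pak", "SUCCESS"),
    ("2", "10:01:05", "game.exe", "CREATE", r"C:\Program Files\KidGame\saves\slot1.sav", "ACCESS DENIED"),
    ("3", "10:01:06", "game.exe", "WRITE", r"C:\Program Files\KidGame\settings.ini", "ACCESS DENIED"),
    ("4", "10:01:07", "game.exe", "CREATE", r"C:\WINDOWS\kidgame.tmp", "ACCESS DENIED"),
    ("5", "10:01:09", "explorer.exe", "OPEN", r"C:\Program Files\KidGame\settings.ini", "ACCESS DENIED"),
]
SAMPLE_LOG = "\n".join("\t".join(r) for r in ROWS)

# Locations that should never be opened up for a limited account.
PROTECTED = ("c:\\windows", "c:\\program files")

def denied_paths(log_text, process):
    """Return {path: set(requests)} for ACCESS DENIED results from one process."""
    denied = defaultdict(set)
    reader = csv.reader(io.StringIO(log_text), delimiter="\t", quoting=csv.QUOTE_NONE)
    for row in reader:
        if len(row) < 6:
            continue  # skip headers or truncated lines
        _, _, proc, request, path, result = row[:6]
        if proc.lower() == process.lower() and result.strip().upper() == "ACCESS DENIED":
            denied[path].add(request.upper())
    return dict(denied)

def is_protected(target):
    t = ntpath.normcase(target).rstrip("\\")
    return t in PROTECTED or t.startswith("c:\\windows\\")

def acl_targets(denied):
    """Split into (grant, review): narrowest objects to open vs. ones to leave alone."""
    grant, review = set(), set()
    for path, requests in denied.items():
        # Creating a new file needs write access on the folder, not the file.
        target = ntpath.dirname(path) if "CREATE" in requests else path
        (review if is_protected(target) else grant).add(target)
    return sorted(grant), sorted(review)

def cacls_commands(targets, group="Gamers"):
    """Build cacls lines that edit (/E) the ACL and grant (/G) Change to the group."""
    return ['cacls "%s" /E /G %s:C' % (t, group) for t in targets]

if __name__ == "__main__":
    grant, review = acl_targets(denied_paths(SAMPLE_LOG, "game.exe"))
    print("\n".join(cacls_commands(grant)))
    print("Leave locked, report to vendor:", review)
```

cacls only covers files and folders; registry keys found with Regmon need their permissions changed in regedit instead.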


