Alter Ego - an alternate way for safer networking

[PepiMK]

The Problem: software run by an admin account can do anything to the system (Vista at least has UAC there).

The Solution: use a standard user account for daily work, and reserve the admin account for your rare administrative tasks.

The Alternate Solution: knowing that you would just nod your head and yet ignore it if we recommend that non-admin account, we turned a hidden feature of Windows around. Windows allows you to run single applications under a different user account. Usually, we would recommend to use that to run admin applications from a restricted user account, but since we mentioned we've 'given up' asking you to change to that, we've decided to help you using the most endangered types of applications (browsers, email apps, IM apps, multimedia apps) through a restricted user accout instead.

The Implementation: close your applications, run the Alter Ego wizard, click Next three times, click Exit. That's it, unless you want to fine-tune things. Run your applications as usual (shortcuts will have been replaced), your settings have been taken over to the alternate account, you won't notice a difference. Well, except that you won't be able to save your downloads in C:\Windows\, because your Alter Ego is not allowed to do so. But neither could malware install there.

Click here for an animated demonstration

List of supported browsers

• Microsoft Internet Explorer
• Mozilla Firefox
• Mozilla SeaMonkey
• mozilla-based Beonex
• mozilla-based K-Meleon
• mozilla-based Lolifox
• mozilla-based Netscape Navigator
• mozilla-based Wyzo
• Opera
• Apple Safari

List of supported email clients

• Eudora
• Microsoft Outlook Express
• Mozilla Thunderbird
• Mulberry
• PostMe
• SpiceBird (next release)
• Sylpheed
• The Bat!
• Windows Live Mail

List of supported instant messengers

• AIM 6.5
• Digsby
• Gadu-Gadu
• GMX MultiMessenger
• GoogleTalk
• ICQ 6
• Miranda
• NateOn (next release)
• Pidgin
• QQ 2003 SA
• QQ 2005 English
• QQ 2007
• Skype
• Tlen.pl
• Trillian
• VoipBuster
• VoipStunt
• Web.de MultiMessenger
• Windows Live Messenger
• Yahoo! Messenger 8.1

List of supported multimedia players

• Windows Media Player
• Apple QuickTime
• DivX Player
• Foobar 2000
• Light Alloy
• Qtrax
• QuintEssential Player
• RealPlayer
• Songbird
• VideoLAN Client
• WinAmp
• Zoom Player

Due to different users having their own profiles and therefore their own settings, most applications will get their settings for the current user copied over to the impersonated alter ego. This means that if you run your application under both accounts, they might run out of sync. There's no need to run these non-impersonated originals though, just keep that in mind, since this will be a beta release first of course

If you want unlisted applications added, please provide details. The code is quite modular, new apps can usually be added with a bit of testing (to see where software installs, what data files it uses, etc.) and less than a dozen lines of code.

Oh, wait, I've nearly forgotten one thing: the download. Will be here soon, just need to package the whole thing into an installer...

[PepiMK]

Ok, here's the missing download link: click for alterego.zip

No installer so far, since this is, well, such a simple application that there just isn't anything to be installed currently
An installer might make sense if it calls an undo function. But I'll wait for feedback for now

[nagan]

It would be just inappropriate to ask as you already have given an information.But still how do I revert to old settings incase.........

[nOInfectIOn]

@PepiMK
(Stelle es mal hier rein)

- Sehr verwirrend für reine User.
- Was ist z.B. mit den downloads? Habe mit dem "Internet (direct)" zwar ein Herunterladen hinbekommen -vorher mit dem eingeschränkten Opera ließ sich die Datei nicht speichern- aber die exe-Datei ließ sich wegen mangelnder Rechte nicht öffnen.
- Opera nervt bei jedem Öffnen und Schließen wegen des nicht eingerichteten mail-accounts, was direkt einen Problembericht für Microsoft auf den Plan ruft.
- Soweit mein allererster, halbe h alter Eindruck.

Die Idee finde ich aber klasse!!! Beste Grüße

[PepiMK]

@nagan: the old settings are kept untouched, AlterEgo sets up a new account (with restricted privileges) and modifies copies of settings in there only. The Uninstall button on the first AlterEgo page would remove any shortcuts to start your apps in that mode; or you could use the application tab to change how single shortcuts of specific apps behave.

@nOInfectIOn: immer noch verwirrend? Mist, dabei sollte das doch alles einfacher machen :D
Download sind aber ein guter Punkt... genauso wie der "My Documents"-Ordner... Vorschläge sind da willkommen!
Ich hatte z.B. überlegt, ob ich autmatisch im entsprechenden Ordner des aktuellen Benutzers eine Verknüpfung zum Ordner des neuen Benutzers anlegen soll...
Daß Programme sich wegen mangelnder Rechte nicht "direkt aus dem Browser" starten lassen, ist ja mit Absicht, die u.a. verhindert, daß Malware sich da groß starten lässt
Mit Opera-Mail hab ich nur grob rumgespielt, eigentlich sollten die Opera-Mail-Einstellungen mit rüberkopiert werden. Welche Opera-Version ist das denn?

[nOInfectIOn]

Quote:

Originally Posted by PepiMK

@nOInfectIOn: immer noch verwirrend? Mist, dabei sollte das doch alles einfacher machen :D
Download sind aber ein guter Punkt... genauso wie der "My Documents"-Ordner... Vorschläge sind da willkommen!
Ich hatte z.B. überlegt, ob ich autmatisch im entsprechenden Ordner des aktuellen Benutzers eine Verknüpfung zum Ordner des neuen Benutzers anlegen soll...
Daß Programme sich wegen mangelnder Rechte nicht "direkt aus dem Browser" starten lassen, ist ja mit Absicht, die u.a. verhindert, daß Malware sich da groß starten lässt
Mit Opera-Mail hab ich nur grob rumgespielt, eigentlich sollten die Opera-Mail-Einstellungen mit rüberkopiert werden. Welche Opera-Version ist das denn?

Thank you so much for answering in german here ! (and sorry for my german posting in the english-section).
- Is AE confusing in the beginning? I think yes, especially for normal users.
But I think one can "master" it.
- A link to the new "my documents" folder sounds good for me. But the problem was something different: The downloaded file was not executable under normal admin-account.
- mail-account-problem: Was Opera 9.27

---
In order to start the restricted XP-account I deinstalled AE: The old icons reappeared, but the (new) old (AE-) icons didn´t disappear. I deleted them by mouse.
---
To test it again - can I install it beside the restricted account?

[Eruption1]

How can i remove AlterEgo?

I cant find it in Add/Remove Programs or anywhere else

[drragostea]

Eruption1:

Have you read this link?
--
http://forums.spybot.info/showthread.php?t=28398&page=3
--

[PepiMK]

Ah sorry, I've overlooked your reply, nOInfectIOn.
And you've overlooked my explanation

It is full intention that downloaded files are not to be executed (or better: that software run from the restricted account cannot be installed).
Of course this means you'll have to spend one or two more clicks to install a software, but the intention behind it is that malware that automatically installs through browser exploits couldn't install as well.
If the restricted account was able to install anything, it wouldn't protect

[nOInfectIOn]

Quote:

Originally Posted by PepiMK

Ah sorry, I've overlooked your reply, nOInfectIOn.
And you've overlooked my explanation

Hello
thank you for the answer!
Maybe some talk at cross purposes :D

After failed download-procedure with restricted Opera 9.27 I went again to download-location with direct-link: There was no cmd:"inet" necessary. And I was not able to open offline that, with IE7, downloaded driver-file.
...
Ah, okay - is the direct-link also restricted (with pw already included)? But then maybe there is a bug.

To test again: Meanwhile I am using a restricted account (thanks again for your effort!). Is it possible to install AE parallel, or would there be system problems?