Well, it might be true, i do not remember the pc port, i had only played a demo on pc. But from my experience with pc ports back then, having additional features and graphics on pc in 1997 wasn't common. It became common a little later, only to be dropped again in the ps4+ era.

Actually it is still true, I just installed Win 10 and Win 11 on separate computers and the default is an admin account.

Instead of going back and forth with everyone and because this article was about Nuclear Strike not how bad Linux security really is, i will end with this:







Make no mistake, Linux security is vastly over-rated,

No, you're doing a sophism to confuse your readers using similar words but with different meaning at different time.

Your not only claimed that Windows today had an admin account as a default account, you claimed that today on Windows such admin account has root privileges:

It is true that the default user is an admin user, but it is false that admin user runs with root privilege.

Starting with Windows Vista, that replaced Windows XP in 2006 (17 years ago), the default Windows account is a member of some admin group that allows the user to do administrative tasks with root privilege on explicit request, exactly like what Linux distributions do when the default account is in the sudo group, allowing the user to run admin tasks on request.

Such account on Windows do not run with root privilege, but can start processes with root privilege, and the user has to confirm.

One difference between Windows and Linux is that Linux with sudo or pkexec requires the user to type a password in a pop-up window, and Windows just ask to click a “yes” button in a pop-up window, so one may find Windows easier to fool users. But in all cases if an executable tries to do things that requires to be root, Windows will ask the user for confirmation, because the executable doesn't run with root privilege by default, and cannot without the user giving an explicit permission.

Also, even if I don't remember if it started with Windows Vista or Windows 7, but I'm sure it was already true with Windows 7, the administrator account is disabled by default and can't login and is not meant to be enabled at all, and is not meant to be used to open a desktop session. This is very similar to what does sudo in some distributions like Ubuntu, where the root user can't login but can be used through sudo.

On modern distributions like Ubuntu, the default account is also member of some admin group, and then considered admin, that only means the user using such account can use sudo, that does not mean that the default acount is running with root privileges.

Windows does something very similar by default since 17 years.

I have not responded to that, but you just implied that viruses are special executables that requires root permission to run. No, that's totally wrong! Viruses are executables that run with the current user privileges. If the user has more privileges, the virus will run with more privileges, if the user has less privileges, the virus will run with less privileges. That's all. If you can run a software, like web browser, a note pad, a calculator or a game, it means a virus can run too.

As I already said, viruses do no need root privilege to delete or leak or encrypt your data. We can also say that viruses do not need root privileges to run.

Saying “The […] account has root privileges […] so of course viruses are going to run” makes no sense at all. Virus are softwares like any other software and using an user session without root privilege will not make viruses magically unable to run, it will just run without root privilege, which is more than enough to do harm.

The root/user difference is only a guarantee that if an user is infected, the harm will only affect what this user has access to.

For example if, in a company computer network, someone gets a ransomware, the affected files will only be the ones of that users and the files on shared folders he has write access to. If that's a seller who is infected, the engineer may hope to have his own files being fine, if they don't share a common writable folder together. That's all.

There had been ways to lure the user to run malicious files on Linux too. For example, before they removed the ability to run arbitrary .desktop files from any folder, it was possible to trick Linux users to run executables with malicious .desktop files (Desktop entry file) sent and received by email, the exact same way Windows viruses were spreading through malicious .pif files (Program information file) sent and received by email. Here is an example of a proof of concept of malicious desktop entry file I wrote around 2007, before Linux desktop hardened the security by preventing such file to be run arbitrarily: https://github.com/illwieckz/chaton-mignon

Every fix for security issuees that are shipped on Linux applications very frequently are fixes for preventing such applications to run viruses with user permissions, because that would be very bad to let viruses run with user permissions.

This is very confusing:



​
So during install Windows creates "The Admin" account, then disables it just to create a different account that is a member of the Admin group that effectively has the same permissions and abilities as "The Admin" account.

Seems very half-assed to me, it would be like Ubuntu effectively disabling the root account by using a random string as the password, allowing you to create user account that is a member of sudo and then making sure that the account runs with sudo privileges all the time.

To me this is so stupid and something I never noticed because when you check the account type of of the first account made upon install it says it is an Administrative account.

If someone wants to explain the rationale of this to me that would be great.

[QUOTE=sophisticles;n1433204]

This is very confusing:



The rationale is that the Administrator account turned out to be a major security issue so they disable it but create a default user that is part of the admin group, akin to say Ubuntu where the first user is a member of the wheel group. Both setups enable the initial user to perform admin tasks but they have to jump through hoops (sudo on Ubuntu and the popup window in Windows) which the Administrator/root account doesn't have to do.

i had exactly this case in a support case i did month ago and the person i did support was very surprised that this is not the case in windows 10.

i showed her what the real Administrator account looks like boring and ugly it looks and this is made by purpose of microsoft make this account as ugly and unpleasant as possible.

what the people use in windows 10 by default is a USER account with the "name" admin/administrator this is a big difference.
it only has the name admin/administrator it does not have the same rights as a administrator account.

to activate the real administrator account you need to put a spezific command in the command console.

activate hidden administrator account windows 10:

Using a command prompt
Open “Run” with [Windows] + [R].
Type “cmd” and press [Ctrl] + [Shift] + [Enter].
Type “net user administrator /active:yes”.
The administrator account is now activated.
To deactivate: “net user administrator /active:no”.

what these people have is a user account who has the ability to get admin rights but by default it does not have admin rights.

if you start a application with that user account and your app is outdated(from the pre windows XP days) and needs administrator rights then the software fails this happens with games like SIMS2

then you activate "“net user administrator /active:yes”." and lock out of your user account and lock in this administrator account it is ugly as hell and looks like windows 2000 userinterface then if you start the game sims2 the game now had full administrator rights don't worry the game does not run anyway because of other problems. if you run this game in linux with Lutris the game runs well.

[QUOTE=sophisticles;n1433204]
This is very confusing:

its very simple what happened here the user base of microsoft windows plain and simple rejected the idea of having unique​ user names many where used to the basic "admin" account user name. but microsoft was under pressure to increase security the solution was a USER account (not admin account) with the name "admin" again its a user account with only admin in name only.

the only difference between a normal user name and this account is that you can get admin rights if you do spezific tasks like "Type “net user administrator /active:yes”." in the console to activate the real admin account.

i supported a windows 10 user month ago who really believed the game SIMS2 need to run because she runs it in her admin account but the game did need admin rights and her user admin account had zero admin rights.

"Seems very half-assed to me, it would be like Ubuntu effectively disabling the root account by using a random string as the password, allowing you to create user account that is a member of sudo and then making sure that the account runs with sudo privileges all the time.
To me this is so stupid and something I never noticed because when you check the account type of of the first account made upon install it says it is an Administrative account.
If someone wants to explain the rationale of this to me that would be great."

Microsoft really deal with Stupid people and this is not a metaphor there are Science IQ intelligence studies who proof linux users have the highest IQ then comes macos users and windows users are the most stupid people around.
and this is why microsoft can not "really" fix the problem because their customer base expect their outdated knowlege to still function if they use windows. microsoft has the pressure to increase the security but they also have the pressure to leave everything as it was because the user expect this.
thats why it looks so half-assed to you. it is not only for you "so stupid" microsoft really deals with a user-base and customer base who is really stupid.

the rational of microsoft is to improve security without change anything what the stupid low IQ userbase expect as the default user name must be "admin" and not like linux a real unique username.

if you use this “net user administrator /active:yes”." you can discover that this user account on windows 10 looks really ugly it looks worst than windows 2000 and microsoft really did make this ugly by purpose they do not want the users to use this account because well its dangerous to use this account.

"If someone wants to explain the rationale of this to me that would be great."

so whats the rational ? microsoft has to teach their userbase do not use this account “net user administrator /active:yes”."

in linux world you have a similar problem with outdated info you can discover if you read a 10-15 year old LPIC1 book
no systemD or wayland exist in these old book about linux then you buy a new LPIC1 book and magic now all the new info is there.

windows user have the exact same problem that windows change over time but nearly no one of the windows user/customer base buy new handbook and learn it freshly they all expect the old way still working..

thats why microsoft has a hard time to change anything. best example is the system settings section where you still can find the hardware device manager from windows 95 what did not change at all.. microsoft plain and simple can not change it because the user base is so used to to the old way.

I'd say the practical security difference between Linux and Windows (and by that, I mean beyond little things like "Extensions shown by default, must manually mark files as executable, no custom icons embedded in binaries, some file managers like Nautilus insisting on 'Open With' if extension doesn't match header-detected filetype, etc.") is that Linux has cgroups frontends intended to boost security like Firejail and bubblewrap and the Linux devs consider cgroups as a security mechanism which may have bugs, while, last I checked, Microsoft explicitly says that Windows's closest analogue is not intended to be a security barrier but, rather, a framework for Docker-esque containerization of trusted applications.

Running certain old games in Wine or Windows 11 is a real struggle. A lot of the old Nancy Drew games won't run on a modern OS without dgvoodoo2.