
I've always run as non-admin, what OS X calls a Standard user.

When I first started doing this (about 10 years ago) I ran into some problems if I attempted to authenticate from a standard user to an admin user when trying to do sys admin stuff. I'd get weird permission errors.

So now when I want to do admin stuff like install software, I don't attempt it as a standard user. I simply log in to the admin account and install from there. Also I always log in to the admin account when doing software updates such as for Firefox.

If you adopt this mindset it's really very simple to stick to it, and it's hardly much of an inconvenience. At least not for me, I'm not installing software every day.

Also when I'm about to visit a dodgy website or run some suspect software I log in to the Guest user account. That doesn't protect against local root escalation, but at least it's something. Then when I log out, I hopefully leave my problems behind.

Finally I maintain yet another account solely for accessing my financial sites. That way if my day-to-day account gets compromised, I still have a modicum of protection.

I really should use a separate machine solely for financial transactions. But I don't. I doubt if even 1% of people do. Any old machine should work, no matter how slow, because it's not used very often.



> I really should use a separate machine solely for financial transactions. But I don't. I doubt if even 1% of people do. Any old machine should work, no matter how slow, because it's not used very often.

I think it has more potential for danger: since it is not going to be used often, you would lack the security updates, which might leave the computer vulnerable (e.g. Shellshock). You might do all the updates before doing any transaction, which is very troubling to wait for. But depending on the attack surface, there might be a window for attack between when you connect to the internet and when you do the updates.

One example is that you could get attacked via Shellshock from a malicious / infected router over DHCP.


> I've always run as non-admin, what OS X calls a Standard user.

Ditto. Only difficulties that come to mind are some installers failing to escalate, Adobe in particular.

Using separate accounts for dodgy and financial sites is a good idea, but I don't know if I'd stick to it. I fell out of the habit of using a separate account for building software.


Thanks for the info, trying it too.

The most cumbersome thing for now seems to be running `sudo` in terminal, but then again, how often do you really need to?


If it's cumbersome, you could always edit the sudoers file to make things easier (although it's not a great idea if you're not using it often). If you do that, then you would have the best of both worlds - being able to sudo on terminal from your standard account (with or without password, as desired) while also using it with lower privileges for all GUI applications.


Thanks for the detailed response. I think I am going to try it.



