And when you run the program, and she requested administrative powers, we should think well, and whether it is necessary to you at all, such a program. By the way, to execute the law in many enterprises set up policies so that you can only run pre- enabled applications, and if the application has not previously requested administrative rights, UAC suddenly issued a warning, then the administrator should immediately said no and start to understand (the user is by definition not should be the administrator password). Law number 2. If an attacker has made changes to the operating system your computer is no longer your computer is really so. But with the help of a sniffer would be able to changes? In fact, only if you fail to comply with other laws. On the other hand, there are services who should be treated with caution, even following all laws. For example there is such a service as a NAP. This office, working on your computer can do with it, but really only possible through the System Health Agents, or at the level of NAP Enforcement Clients.
But to install these components on a particular computer is required to violate other laws. That is, it turns out, that the service itself NAP on one side carries the additional mechanisms by which to break the security. On the other hand if you introduce this service in a secure environment, the problems should not be. And if you look at what what service NAP, is the insecure environment in general it is not necessary. In this case, the same service despite the complete lack of protection components themselves klientsoy running on the machine, the information from the server and the server is passed protected.