Board Thread:Wiki discussion/@comment-6702872-20131021075607/@comment-4812386-20141226033034

Applications that run on one’s computer with one’s user account can usually access all the input (keyboard, mouse, etc.) coming from that user and read all files the user account has access to (usually everything except other users’ files), as well as modify all files the user is allowed to modify. More generally, an application running on an user account can usually do everything that user can do.

This is one reason why it is best to not use an administrator account for daily use of a computer, and also why it is best to run applications you can’t really trust in a virtual machine, on a separate operating system or computer, or in some sort of sandbox that prevents it from doing stuff you don’t want it to do and accessing things you want to remain private. Or at least, if that is deemed to be too much trouble and effort, these applications should be run in a user account with as least permissions as possible and used only for running them.

On Mac OS X, some restrictions are applied on applications that prevent them from accessing parts of the user input unless the user authorizes it by enabling access for “assistive devices”. On Linux and BSD systems using Wayland, this is pushed further to the point that applications are not allowed, without the user’s permission, to take screenshots, record the screen continuously, inject or filter keyboard input, modify the mouse’s position, simulate clicks, receive keyboard input when not focused and paste clipboard content. Of course, this solves the problem of keyloggers and some other malware, and the world would be a much better place if everyone had realized decades ago that this was the way to go.

In almost all cases, though, if you run software on your computer, you’re giving it access to all your confidential data. That’s why you shouldn’t run applications downloaded on the Web unless they are open source, they are published there by a corporation (which usually implies liability) or you really need them.

There’s no need to be paranoid, but some thought is necessary when administrating a system to prevent trouble. Also, antivirus software can’t replace good security practices, and, if not worthless, will almost always not be worth its cost or the load it puts on one’s computer.