OK, my friend is an idiot...

[drakebasher]

You also need to send your friend to the following link.

http://thethin.net/thanks.swf

LMAO

Seriously, tell your friend he may not have to reinstall so often.

"thanks.swf" should have been flagged: "NSFW". It's embarrasing for the whole office to hear my computer tell me I'm an idiot!

[Krendoshazin]

The nature of the multiuser capabilities of a unix system is for the exact purpose of disallowing the modification of the system outside of a user's home directory.
Running as root invites all kinds of trouble, such as the fact there are a couple of viruses for GNU/Linux but because there is no flexibility for it to spread then the nature of it becomes useless, running as root gives access to the entire system, that means write access to binaries and the ability to modify them accordingly, also not to mention rootkits, I doubt someone so misinformed about the effect of root is taking any precautions to make sure he gets his stuff from an official source or md5 checking them.

Also not to mention surfing the net as root and any other internet bound applications there may be, bugs happen, anyone who keeps up to date with the security mailing list will be aware of that. If you run as root you might aswell run windows, it throws the entire point of it being a true multiuser system out the window, true multuser is one of the main reasons that GNU/Linux, Unix or Unix derived systems so secure, there are other reasons but there's no need to go into those right now.

Always use a regular user account and never login as root, use sudo if you need it and su only when you need to, a system is only as secure as you make it.

[LondoJowo]

You also need to send your friend to the following link.

http://thethin.net/thanks.swf

LMAO

Seriously, tell your friend he may not have to reinstall so often.

"thanks.swf" should have been flagged: "NSFW". It's embarrasing for the whole office to hear my computer tell me I'm an idiot!

Sorry about that I forget some are in the office viewing, you could forward that to someone in your office who deserves it

[d38dm8nw81k1ng]

George, give Krendoshazin his IP address and let him do his work

[drakebasher]

Sorry about that I forget some are in the office viewing, you could forward that to someone in your office who deserves it

Did that already...

[borromini]

i say dont do anything and when his system gets hosed sit back with a big "i told you so" grin on your face.

I'd say: crack his system - make sure he can't find out it was you, but make also sure he cannot deny he has been cracked - and then you come along with the big "I told you so" grin.

[carlosponti]

the first thing i do as a linux user after install is to create a user and use that one unless i HAVE to use root for some administration pupose.

[Dude500]

I run linux being root all the time using suse pro 9.1, of course I don't use linux for the internet, anyways I know what I'm doing

[oz]

If he reinstalling all the time anyway, and he's not really concerned about getting hacked/cracked/infected, maybe you don't need to say anything else to him because nothing that could happen really matters to him.

Just let it go...

[Workaphobia]

I personally don't use sudo (I don't think it's configured for my machine and I never bothered to set it up). I'll often su in a GUI terminal emulator (which may be a little insecure if my user account has been compromised), and login as root in a console terminal.

You might want to explain to your friend that a firewall offers limited protection, and that by executing any program whatsoever he is trusting that program to be secure and benevolent. This cannot be guaranteed unless he has a look at, and comprehends entirely, the source code for binaries and the text contained in shell scripts. Since this is impossible, his choices are to remain blissfully naive about security, or to sensibly use his user account as a shield between viruses and his OS.