A perfect security system?

Discussion in 'other security issues & news' started by devilish, Jan 11, 2006.

Thread Status:
Not open for further replies.
  1. securityx

    securityx Registered Member

    Joined:
    Dec 1, 2005
    Posts:
    149
    EricAlbert, Are you actually using ShadowUser yet? If so, is it living up to your expectations? And if not - it would help if you could tell us how it could be improved. I noticed from this thread (post 11)that you have been looking into ShadowUser since July of 2004(!).

    If you are finally using it, I would like to hear your impressions of expectations versus what it is actually like as a day-to-day user. I'm a Deep Freeze user and there are pros and cons, but overall I would say I am very happy.
     
  2. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    ErikAlbert,

    Structurally, there is absolutely nothing wrong with the scenarios posed. As I said earlier, it's a simple issue of being able to maintain discipline. However, most of us have experienced instances in which the heat of the moment has caused us to lose discipline. Maintaining discipline is such a key aspect of your approach, that it is natural to question whether it is a crucial hole.

    I can be very disciplined. I also know that in the past, while rushed, I have made absolutely insane mistakes. Sophomoric stuff that jumped out at me within microseconds of my finger leaving the Enter key. Analyzing how you would ideally behave, and living it on a daily basis are two very different things. It's only a reboot, but replacing dealing with multiple popup alerts (rather infrequent in my case) with multiple system reboots seems to be a trade that is neither balanced for convenience nor for safety. That's why I would certainly recommend some realtime coverage. It could be an AV/AT, or it could be an execution monitor, or a host of other approaches, but backup for the times when expediency wins over discipline and you're left vulnerable.

    Let's be realisitic regarding the threats we face. It's not a daily exposure for the bulk of us. Maybe a few times a year, maybe a time every few years. The problem is that the fallout from that single time can be sobering. Given that perspective, my own view is that it's not a question of if you will relax your discipline, it's only a question of how long after seeing no malware action for an extended period of time that the desire to quickly turn something around will inexorably start the modification of your strict usage discipline. At that point, you've started on a walk down the road to problems. Having backup that does not get bored, does not cut any corners, does not risk it because it's "just one time", seems to be a prudent reflection of reality for most of us, not overkill.

    As for ShadowUser being a strategy for immediate system recovery, it if works as described, it would seem to be a great, though somewhat pricey, solution.

    Blue
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    So until now there is nothing wrong with what I've said in my very last post and that's what I wanted to know.
    I put the human discipline aside for awhile, because that's another problem.
    I'm not finished yet, but I have to prepare and translate my next post first.
    I like to do this systematically without personal comments. Bubba already posted a warning and he is 200% right.
    Thanks for your answer.
     
  4. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    You haven't bought ShadowUser, there is a trial download period (30 days),
    You successfully talked to them (you try that with Symantec) you don't get a reply from tech support (not being a license holder) = ' I would never rely on ShadowUser'. Well congratulations for your accurate analysis!

    For the record as a license holder of ShadowUser, I had a problem, e-mailed them (only possible by supplying the registration number) and got a reply with the solution within the same day.

    My reply is not pertaining to the subject and I'm sorry but so is Peter2150's post.
     
  5. WonderBread

    WonderBread Guest

    EricAlbert:

    You missed the post from security-x asking if you've bought the program yet. I looked at that thread and he's right, you were getting ready to buy it back in the Summer of 2004, not 2005, but '04. Why are you waiting so long to actually USE Shadowuser?
     
  6. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Personally I don't think there's anything particularly wrong with running with a setup like that, but recommending it to others, especially those that are not technically saavy and won't understand the risks and what SU can and cannot do, is another story. I tend to think that somthing like DefenseWall would be more suited for those kinds of people, and might even be feasible in a business environment.
     
    Last edited: Jan 15, 2006
  7. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    It doesn't take a technically savvy user to understand SU/DF etc. The premise is very simple. The only thing that a novice may find hard is finding particular folders (eg email folder etc) to move/exclude so that they don't get wiped at reboot.

    I personally don't think such programs are for everyone because they do involve some degree of hassle if you want to change certain settings or install programs, but if you don't mind the degree of inconvenience they are very good at doing what they were designed to do.

    Security is as much about good habits (and I don't mean not visiting dubious sites...I mean not downloading files/clicking links received via suspect emails etc), and good settings as it about programs.

    But if you were looking for the perfect programs that would allow you to have bad habits and poor settings (on your OS, not your security apps), then the original idea isn't a bad idea - same with the thread 'if you could only have 4 security apps'...which is full of differing idea's on what constitutes the perfect security setup.

    The argument that all 'perfect' security setups can be beaten, while true, seems a bit silly to me. I doubt that any malware designer anywhere is going to try to design a piece of malware just to beat your particular setup (unless one knows you has has a vendetta against you personally I suppose).
     
  8. What a joke. Set aside discipline, while yelling to the world that SU is perfect for ignorant/unknowledgable/average whatever users seems unrealistic yes?

    If i want to set aside discipline , *any* solution would work.

    I'm starting to think that there is a big lanuauage barrier problem here or you are just trying to be stubborn. You see only sentences that seem to support your case, like when Blue says there is nothing wrong on principle BUT.....

    See posts by Notok, Nick etc as well for all the cons.

    Your view of the world with SU as the perfect solution for ignorant users for all uses Home annd corporate is way too simplistic and people keep telling you all the problems, but you refuse to listen and just sweep it under the carpet (set aside discipline...!!). I really pity Blue, who keeps bringing up the same points without any effect.

    And the worse thing is you keep misleading other people by making bold claims with no evidence. I'm sorry moderators if you think this is getting personal, but in this case, it's justified.

    There are certain people in the past who tend to tell the world that their choice of AV, firewall whatever is the best for everyone, that everyone should use it or risk getting hacked etc. That is bad enough.

    But never before have i since an indidivual so bold to make a claim for a product that he has never used before! And it's a maximal claim for ALL "ignorant" users for all conditions home user/corporate.
     
  9. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    To all:

    Maybe I'm old school, but it's never really justified to take the discussion personal, the same points can always be made more rationally by discussing the message, not the messenger.

    At some point it is occasionally needed for the participants to agree to disagree pending future developments. It is clear that we are at that juncture in this discussion with respect to implementing a ShadowUser/Firewall combination as a complete security solution. Within this thread, further rehashing of this topic will have little positive value until some field usage of the SU/FW combination is available. The respective points from all sides of this topic have been made, so why don't we leave further discussion of this specific topic for a future time when some field experience is available? Thanks to all.

    As for the initial topic and post in this thread, feel free to continue on...

    Bue
     
  10. What you mean is actually field usage by Erikalbert right? Field usage by others such as vikkor exists and their comments have being given. While positive (otherwise they wouldn't be using it) hardly paints the erik albert's rosy picture of a perfect defense that is more useable for IGNORANT users.

    One sample

    As i said before, it's easy to be critical and aware of stuff you use, but without using SU, you cannot be sure if what looks easy on paper won't turn out to be a bigger hassle than using AV.

    Until you have some personal experience it would not be wise to make even modest claims (that it works for you) , much less claims for ALL IGNORANT users, or that it would work in the corporate situation
     
  11. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Well, yes, since as I recall, many current users of ShadowUser/Surfer and related products augment that platform with conventional applications for some degree of in-session malware control such as a classical AV/AT, a HIPS (Online Armor/SafenSecure/AppDefend-RegDefend/etc.), and/or a pure application monitoring program (e.g. AntiExecutable for the DeepFreeze users in particular). The configuration that has dominated the current discussion is rather different IMHO.

    Blue
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi EricAlbert

    One could debate this subject until the cows come home, and to even try an establish what, if anything, is wrong with your logic is pointless. Just one last thing comes to mind and that is two quotes I love.

    1. "No plan survives contact with the enemy." (old military axiom)

    2. "For every human problem there is a solution that is simple, neat and wrong" (H.L. Mencken)

    All the best,

    Pete
     
  13. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I have to quit this thread, because I don't have the time anymore until I moved to my new apartment.
    Meanwhile devilsadvocate can learn how to discuss softwares without getting personal, like most members do. :)
     
  14. Dear Erikalbert, I apologise if you think I'm getting personal. Personally I don't think pointing out that you are making wild and bold claims based on no evidence counts as a personal attack.

    In any case, You can ignore everything i said, but that still leaves Notok, BlueZannetti, Peter2150, etc who are saying everything i said and more.

    Are they all "brainwashed" according to you? Are they all giving you personal attacks?

    In any case, I doubt this is the last time we will hear from you, i expect that we will be going over the same arguments again soon, with you crying about personal attacks, when you find yourself out of arguments.
     
  15. spiff5000

    spiff5000 Registered Member

    Joined:
    Jun 27, 2004
    Posts:
    49
    ErikAlbert's proposal is very interesting. However, that configuration defeats normal computer use. For instance...

    Updates, patches and hotfixes:
    These must be manually installed and planned in advance. Automatically installation is not an option.

    Multi-tasking:
    The prime advantage of a computer is processing multiple applications simultaneously. If, however, I have to "reboot my computer" so "keyloggers will disappear" then I've impacted my productivity by having to close Word, Solitare, TaxCut and all the other apps I was working in. The effectiveness of multi-tasking requires maximum uptime.

    Discipline:
    Sounds great until you download the worm that scans all your drives and deletes all *.doc files.

    Regards,
    Spiff5000
     
  16. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Very well put :)

    The last one I can definitely attest to. That's how I got into all this in the first place.. a trojan ended up deleting all my work, which was on a second partition, something like SU would not have helped.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.