Deep Freeze Experiences

Discussion in 'other security issues & news' started by LockBox, Dec 29, 2004.

  1. miditman89

    miditman89 Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    8
    I will do the recommended posting of the system status when I return to the lab on Monday. As far as actual memory and processor speed, these computers should not lag under Deep Freeze; they are 2.8 GHz processors with 256 MB of RAM, though I do think the RAM should be pushed up. I also think these computers need to be wiped out, restarted and partitioned. And as far as needing constant maintenance: these computers are used for the publication of the yearbook, so we constantly put on new tools, such as scanners, card readers, printers, etc. At the end of last year they installed Deep Freeze on these computers, and the tools were obtained in intervals, so constant maintenance was required to install each one.

    Just a question: would it be more likely to run more securely and faster if you have one main partition for Windows and all its components, then install all other programs on the second partition?
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    I agree, the systems you describe would seem a bit thin on RAM. But installing Deep Freeze should produce no extra drag on the system, according to Faronics, and that has been my experience also.

    I assume they were reformatted at that time. That is the only way to ensure a clean, lean system, especially the Registry.

    I see now what you mean by "constant maintenance."

    Would it run Faster? It has not been my experience that it would be faster; what tasks seem slow? When you Thaw, do these tasks run faster? Does this happen with all of the computers?

    More securely? As long as both partitions are frozen, it won't change the security status. Both *must* be frozen or you invite trouble with people messing with your programs' files on the second partition. Only the Thawspace Drive should be accessible by users.

    You mentioned the 2GB limit for the Thawspace: If you are referring to your yearbook stuff requiring a lot of space, you could

    1) make a separate larger thawed partition on the computer just for that data

    2) use an external USB drive as a data partition and store off hours in a secure place.

    regards,

    -rich
     
  3. miditman89

    miditman89 Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    8
    Well, I figured that they would have wiped them clean, but they didn't. The computers were never on the network, therefore no internet, so they just installed Deep Freeze as is. They run incredibly slow on just about every level for some reason. Every computer runs slow frozen, and noticeably faster thawed. The biggest slow points are with Microsoft Office, Picture Manager, IE, and other scan programs. I think that this level of security is unnecessary, as they have Websense and Sophos installed on these computers. The best I think for this environment is to image them and relay the image at the end of the year. Budget is pulled tighter as new cameras and other tedious tools were purchased, so an external drive is out of the picture for now but has been looked at; if they continue to run Deep Freeze it'll soon become a needed item. A 2 GB ThawSpace is nothing when all these pictures are high resolution and take up major space.

    As for having two partitions, one for Windows frozen and one for smaller side programs thawed, I figure you just leave Windows frozen and the other partition thawed, and as long as drives remain unshared and the firewall is in order, it should be safe.
     
  4. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    You might format/reinstall one just to see if there is a difference.

    This sounds workable in your situation. In a computer lab with hundreds of users daily, it would be a disaster, as the wannabe script kiddies would have a ball if they discovered an unfrozen partition.

    regards,

    -rich
     
  5. miditman89

    miditman89 Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    8
    Yes, that's what I definitely am looking to try as soon as possible.

    Point taken. I can definitely say not in this generation, but in following years it wouldn't be worth it, and that's assuming the district would cooperate with anything outside of their single-partition format. The best method for this situation is seemingly a fresh start, freezing, and a network drive for the best results, and lastly, if possible, the bumping up of the memory.
     
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    I would be interested in what you notice different after formatting/reinstalling one machine.

    You didn't say which OS you use - I'm guessing Win98 since your Thawspace has a 2GB limit.

    regards,

    -rich
     
  7. miditman89

    miditman89 Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    8
    No, actually, these machines are XP; it's just that the district is running Deep Freeze 4 Pro, so it's quite a different story. I myself have been testing the Enterprise edition 5 at home, but am on a different system at the lab. And I will be sure to post back the results come the end of the production.
     
  8. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    In that case, unless there is a limit in the older versions of DF:

    "Workstations running Windows 2000 or XP can host a maximum ThawSpace of 1 TB when using the NTFS file system or 4GB when using the FAT32 file system. "


    (Win 98/ME have a limit of 2GB)


    regards,

    -rich
     
  9. miditman89

    miditman89 Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    8
    That's a strange issue, and oddly enough it's still maxing at 2 GB; it must be something with how old this version is. I mentioned I was testing Enterprise 5 at home and it is as you stated, while version 4 Pro's limits seem a bit more restricting regardless of the OS.
     
  10. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Yes, it must be a limit of the older versions. DF is up to v.6 now.

    I do like your thought about saving files to another media.

    I'm going to purchase DF for my laptop which presently has just one partition. Rather than creating another partition (I would have to purchase a partitioning program), I think I'll just write files to a USB stick. Mostly word processing files, photo work, email, internet, while on the road.

    regards,

    -rich
     
  11. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Look at this ~Link Removed - Ron No links to cracks allowed here on the forums~ Many people hate this software, because it makes irreversible problems in case you don't uninstall it the way these pirates want it.
     
    Last edited by a moderator: Dec 11, 2006
  12. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Whoops, I did not see any cracks, I only read the text, nothing else. The text is related to an old version of Deep Freeze, I guess; today Deep Freeze simulates 2 floppy drives, injects some kind of kernel sys into the BIOS and blocks the floppy from loading, so far as my experience from what I've seen on my DOS screens goes.

    They run their bad code into CMOS that creates the illusion of a second floppy and blocks all floppy drives, and you are treated like a minor citizen by this Faronics company. Incredible that no one actually went to a lawyer to obtain payments for the damage they do on many, many systems with their CMOS infiltration.
     
  13. miditman89

    miditman89 Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    8
    Saving to external media I think is one of the best things to do with this security style, because if Deep Freeze has any faults, there goes your ThawSpace... We already had this happen once in the lab; the problem we pinned the latency down to was a district setup fault. They run Sophos Anti-Virus underneath Deep Freeze; any common sense tells you an antivirus is needless on a frozen machine, but they had the auto update set for every 2 or 3 minutes, which, as we all know, background updates eat through memory. So today I thawed one, turned off the updates, then froze it back and it worked just fine. Thankfully this latency problem is fixed, but it's still IMO that this isn't the greatest possible security method for this lab.

    More than likely, upon reading the EULA when you install Deep Freeze on any computer you will see that they have somehow stated this. I haven't read it myself, but usually if they're going to do something with mal scripting or any other negative effect they write it in the EULA, and let's face it, nearly no computer user actually reads it when they install a program. Lastly, they see it fit to be a security measure: whoever installs Deep Freeze on a computer should be able to uninstall it, so if the computer was stolen and Deep Freeze mishandled, it's kind of like a self-destruction method.
     
  14. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Well, the latency problem is now understandable! However, you can make a case for running other security with Deep Freeze if the workstation is on a network. DF doesn't prevent the installation of malware, it just removes it on reboot. So, something could install and connect out, until the user rebooted.

    However, AV is not the most practical, since it is not reliable, and needs the updates. Software restriction policies, running as limited user, and other means, would prevent the installation of an executable. These are the measures I'm familiar with in the school where I worked.

    Yes, Thawspace is not the best setup for your lab usage. In our campuses, Thawspace is used by instructors to store classroom files, presentations, etc, which each instructor, of course, backs up. No one would store important data (like your yearbook files), or grades, student information, etc.

    I wouldn't write it off - it's still great protection in institutional environments - just write files to external media and store in a safe place.

    I'm sorry - I don't understand what you are saying in your last paragraph.

    regards,

    -rich
     
  15. miditman89

    miditman89 Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    8
    Thanks, it's pretty understandable after all that, but the last paragraph was about the previous post, about Deep Freeze leaving a kernel in the floppy drives, which in its own way was kind of confusing.
     
  16. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Somewhere I posted a DOS screen about the DF kernel in the floppy bootloader sector.
    You recognize Deep Freeze CMOS infiltration when you hear a little click or clack sound with every reboot.

    Besides, it is impossible to reflash this protected area; the first bootblock remains unflashed, no matter how many times you reflash the BIOS. Probably the only method to remove this sh*t without further knowledge about the assembler technique is to insert a new CMOS chip.

    And now someone should tell me that BIOS rootkits will remain science fiction; if such an unimportant security tool is already able to overwrite and infiltrate the CMOS, what will sophisticated rootkit code then be able to do?

    Such a shame that motherboard companies are that kind of passive concerning this high risk.

    Hopefully BIOS will not survive the new mainboard era in future. It's the weakest point in on-board hardware.
     
    Last edited: Dec 12, 2006
  17. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
  18. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    479
    Are you sure about that?

    Why would they try to stop a floppy from loading? If they did mess with the CMOS to stop booting from floppy, why would they state the following?

     
  19. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Once there must have been a version that was vulnerable to floppy attacks, so they may have thought locking the whole floppy bootblock would be the right thing, with fatal consequences for you as a user.

    That's the core problem. They want to protect hardware things which are highly vulnerable (pirates or hackers, that's how I call those guys, nothing more); if you manually uninstall Deep Freeze your CMOS will likely be irreversibly damaged.

    Everyone should have the power to uninstall anything manually; we are no minor citizens, but Faronics wants to degrade you to that kind of kid level that gets no possibility to change things by his own will. Silly and destructive methods. This is what you have to know before you play with dangerous software like this.

    I remember that there was one guy who made anti-Deep Freeze software and started a private fight against Faronics; he always broke their latest version with an antifreeze software. So you see, if you think you are secure with Deep Freeze, you should test the anti-freeze tool. It's some time ago, I don't remember the author's name, but Google, maybe you will find him.

    A tip for dfreezers: To manually uninstall Deep Freeze, use a multiboot environment and erase their driver from another Windows.
     
    Last edited: Dec 16, 2006
  20. Stilgar

    Stilgar Registered Member

    Joined:
    Dec 17, 2006
    Posts:
    5
    How exactly do you do that, and can it fix the blue screen of death problem if it occurs?
     
  21. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    I know that very exactly, because I already did it and followed a manual of the Deep Freeze foe nr. 1.

    Look what F-Prot tells about their bad methods:
    (You can consider it as viral code they use to prevent CMOS floppy access)

    http://i14.tinypic.com/4876obd.png
     
  22. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    I have to agree with SpikeyB on this - it doesn't make any sense that DF would do such a thing. Don't you think that if this were true, that others would have discovered it by now?

    Over the years, I've noticed that disgruntled DF users fall into one of several groups.

    1) those who purchase DF but don't read the Users Guide, and mess things up.

    2) those who obtain a copy illegally and don't have a Users Guide, and really mess things up.

    3) those in either of the above who fiddle around, deleting/attempting to modify DF files, and really, really mess things up.

    4) those at schools who get angry because they can't use the school computer as if it were their own.

    It's pretty much accepted today that when you "buy" most software, you are really purchasing a license to use it, and must indicate that you understand the license and agree to it. If it states how the program must be uninstalled, then the person who uninstalls in a different fashion has only herself/himself to blame.

    As far as cracks - they come and go. As kareldjag is fond of saying, "A piece of code can theoretically be bypassed and broken by another piece of code."

    The cracks you refer to don't work on the current versions. In the past, they have required physical access to the computer, which makes it a non-issue (or it should) for the home user.

    regards,

    -rich
     
  23. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Fact is, DF messed up my BIOS floppy bootblock.

    I used a demo, wanted to test this horrible software, then, like often, I uninstalled the software manually. I could remove anything except the CMOS block.

    Maybe in the latest version they have solved this problem, but I doubt it.

    I stay on my opinion that it is damn dangerous software that can harm your BIOS and kill the ability to access the floppy forever, until you change the CMOS block.
     
  24. Stilgar

    Stilgar Registered Member

    Joined:
    Dec 17, 2006
    Posts:
    5
    So how do you do that?
    What files do you remove?
     
  25. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Maybe you should try D. Unfreezer; I don't want to give exact comments related to this theme. Search yourself.
     