Discussion in 'sandboxing & virtualization' started by Chuck57, Jan 15, 2007.

  1. Rivalen

    Beautiful! Nothing sticks.

    Poirot - I used some of your instructions and it worked, I am registered - thank you.

    In shadowmode start up shadowtip something wants to add to autostart and I tell Mike Lin's Startup Control Panel to allow it, but since I was shadowed that change didn't stick - hehe. Same when I told PS to start shadowed so I should not have to change during startup - it didn't stick - I suppose I need to be unshadowed even to make changes in PS?? :D :D

    Haven't seen the warning message again when rebooting - good.

    Since everybody praised it so much I installed it right over my realtime apps (see my sig + roboform) and all was good so far. All of them seem pleased to run under shadow mode - great. Means that unshadowed I am still very well protected and shadowed I am superprotected!!! :cool:

    The few things I want to save can go to a USB memstick for temp storage I suppose - no probs for me.

    When starting the GUI the Shadowsetting wants an HTTP connect to w-w.ensurebit.com and details are wineh-web-q09.xinnetdns.com (maybe q09 is g09).
    I have allowed it temporarily - will block it later when all continues to work well. Could it be a community thing to gather info how we users set PS up??

    This one looks really promising - thanks!

    Best Regards
    Last edited: Feb 6, 2007
  2. poirot

    Rivalen, I'm glad you got your registration.
    I also use a memory stick (1/2GBs) when I want to quickly save anything.

    In reference to what was said in the previous post I also want to thank Chuck57 who will have my gratitude for having started it all, and also Easter.2010 and Espresso among many others, who greatly helped.

    Reading this Forum is much better than reading a newspaper:
    here you can still have some hope towards the future....
    Perhaps a better world will be inspired by non obeying geeks.......
  3. Rivalen

    Some say PS is protection that makes other security software not needed.

    Let's say I have my PC up for a whole day in shadow mode - when the day is over I get a fantastic cleanup, but during the day/session I still need to protect myself from ie keyloggers if I have some logging in/on to do where there are simple passwords used.

    So if protection is to not let malware do any harm in realtime - this isn't protection o_O

    To be able to do an awesome cleanup and wipe all malware at session finish - that's extremely valuable and kind of a longterm protection, but not protection here and now o_O

    If we then add demands of ease of use on a PC that is used by several family members where some need to be able to save considerable data to C: and be able to surf safe at the same time, maybe PS will not be considered top notch until one can get unshadowed on the fly without reboot o_O

    I use it and love it so far, but I will not take off any of my security apps yet because I will need protection both when shadowed and unshadowed as far as I understand it.

    Can I expect ie Antivir and Cyberhawk to work as well shadowed as unshadowed o_O

    Pls correct me if I misunderstand something.

    Best Regards
  4. SafetyFirst

    I'm not bashing the prog at all. In fact, I'm planning to start using it. What I'm saying is that we should consider another security aspect too (possibility of a backdoor). I never said this software is not good at doing what it claims. I'm just worried it might be doing something else it says nothing about as well (has anyone demystified its phoning home?).
    Personally, I don't really care if Chinese agents (or any government's) copy all of my hard drive, they wouldn't find anything that might be of their interest. But for someone who would suffer serious consequences if their privacy were compromised (like that poor journalist) I think they should reconsider using it.
  5. Meriadoc

    Ensurebit software Inc

    Well they are known and used by various companies.

    I have an address in Beijing, Haidian District, telephone and fax numbers and email address.

    'ESI, are actively seeking commercial cooperation partners and have various OEM services for their software or custom made.'
    'The company has a abundant technical force in technology specialise in data security and digital entertainment.'
    They are recognised by the Science committee in China.
  6. Chuck57

    You're welcome, poirot but I only found it. Easter, yankinNcrankin, espresso and others did the real work. All credit should go to them.

    I got the free shadowsurfer and it didn't work well on my machine, so went looking for something similar that would do the job. Finding it was my only contribution. Anybody could have done that.
  7. Rivalen

    How do you guys check if and for how long your FW is down during upstart or shutdown - remember I read something about that in this thread?

    OP settings changed during shadow is neatly not there any more after reboot so I guess PS does what it wants with OP at startup and shutdown.

    Best Regards
  8. kr4ey

    My Firewall starts as Windows Service at startup so there is no startup or shutdown delay. Other FW's may be different.
    PS does not save any changes after a reboot from shadow mode, as far as I can tell it does nothing to the OP, other than clearing everything that was done while in shadow mode.
    As to your previous questions PS can make other security redundant while in shadow mode, but I would advise to still keep other security software when not using shadow mode.
    Malware can still install on system, but any traces will be gone after reboot.
    I save all my files to another hard drive, USB stick while in shadow mode. I do not leave my HD/USB connected while surfing for possibility of someone gaining access to files and I do not leave sensitive files on my C:\ drive.
    Your AV and Cyberhawk will work the same in and out of shadow mode.
    In my opinion PS is one of the best security programs I have ever found.

  9. Chuck57

    kr4ey.....I think I understand what you're saying, but let me ask anyway

    I'm on DSL, I turn off the computer at night, but otherwise I'm connected. Does what you're saying mean that even if my browser is not up I can still be infected? I'm usually in shadow mode except for several hours a day when I'm actually pretending to be working.

    During those several hours in Word, I've got shadow disabled. So, during that time, something can still get into this thing, even if the browser isn't running. Am I understanding you right?
  10. kr4ey

    Yes. You can still get infected, but when you reboot out of shadow mode it's like nothing even happened (no infection after reboot).
    Yes. There are some vulnerabilities with Word so there is a possibility. You can always set up a Firewall to block all inbound and outbound while using Word.
  11. chew

    kr4ey, Thanks for the PM. Folks, have you tried PS with your Limited User account yet? Cheers Chew
  12. Espresso

    I don't understand the fuss going on here. The only thing new about Powershadow is the price. Deep Freeze, Shadow User and others do the same thing and have been around for a few years so I don't understand why you think this is going to be of special interest to law enforcement. Powershadow doesn't encrypt or safe erase its temp file so it's no more immune to forensic recovery than an internet trace cleaner.

    As for the Chinese, you can buy ANY software you like for pennies on the streets of any Chinese city, not to mention the massive Chinese pirate software scene where every piece of security software made is just a mouse click away. I don't think the Chinese government is giving them a second glance.
  13. EASTER.2010

    EASTER.2010 Guest

    Likewise. I don't give any program a second chance to make good first impressions and that is just another reason why my excitement & satisfaction peaks with Power Shadow.

    Shadowsurfer/User might have been around longer sure, then there's no excuse for its issues. Any program that exhibits serious concern to your PC normally booting gives rise to concern and doubt and is why this was an easy decision to turn to Power Shadow.

    So far as after-references to internet surfing, it's but an easy matter to employ the free crapcleaner, eraser or any other reliable program on that order if there's some privacy concern that one feels absolutely must be addressed.

    For me and my household Power Shadow simply saves time by its shadow mode entry/exit feature and offers complete confidence those others cannot provide safely. I don't care if it was made on the Moon, it's safe, stable, and works fine for the purposes I use it for. Good program.
  14. Huupi

    Hi, for the last few days I put PS on my rigs, so far so good but what about keyloggers and phoning home thing, sure they can't write to disk but they can read! Try to surf completely "naked", it's faaast, site pages exploded on my screen but then realise the reading thing and it sobered me somewhat, from now on I keep Boclean and firewall active and disable any av and as. Or is this a misconception on my part and maybe I don't understand the virti thing?
  15. EASTER.2010

    EASTER.2010 Guest

    Set a FIREWALL rule if an app is abusing "outgoing" connection attempts, very easy.

    Snoopfree Privacyshield is a very efficient and I might mention very "FREE" program to intercept keyloggers/screenreaders. Google for it if you desire.

    All the best!
  16. Tommy

    Hi Folks,
    I am running PS 2.6 (with the provided serial) now for several days. Amazing application and so far no problems with my security setup.
    Now I can easily test applications in the shadow mode with no traces left after reboot. I like it. I hope the soft will be developed in the future.

    Question: Where are the shadowed files stored, like changed bookmark files, etc.? Sandboxie has a nice feature to save the changed files before shutting Sandboxie down. Would be nice for PS also.
  17. Chuck57

    As best I can tell, nothing is stored unless you manually move something you want to keep to an unshadowed folder. I put the few things I want on my other hard drive or save them to a CD. Otherwise, bookmarks, downloaded programs, everything disappears when you boot out of shadow mode.
  18. Tommy

    Ok, but where are the files (system/running applications/etc.) which are used and altered/changed during a Shadow session stored?
  19. Woody777

    I have just gotten a popup from Comodo firewall that P Shadow Tip DLL is trying to connect to the internet. It further alerts me it's a keyboard hook. Any idea what that is? Is this normal activity?
  20. kr4ey

    PS makes a clone of your system. http://www.powershadow.com/en/introduction.htm

    Phoning home. Block it with your firewall. It is normal.

  21. yankinNcrankin

    Tommy Question: Where are the shadowed files stored, like changed bookmark files, etc.? Sandboxie has a nice feature to save the changed files before shutting Sandboxie down. Would be nice for PS also.

    Feature not implemented in 2.6, you would need to make the changes out of shadow mode I think where a feature that allows you to do this is where the program creates an opportunity to get breached when in virtual mode IMO.
    It's a bother but I usually save my bookmarks on unshadowed partition or TD and manually make the changes off line.
  22. tayres

    tayres Guest

    Seems like a good question on a technical forum: How does it work?

    Does that make it more or less secure; or is there any evidence that it's more or less secure than other sandbox/virtualization software discussed here?
  23. Chuck57

    I don't know how it works, except it's a virtualization software. That's something one of the experts here might be able to answer. All I know is, it works and works well.

    Whether it's any more or less secure than other sandbox/virtualization software, it's been hit with some pretty serious stuff by Easter, yankinNcrankin. and others and nothing has beaten it yet. It's at least as good as any other software of its type. It might be in the top tier of them, in fact.
  24. yeow

    Hi! I've a question that hopefully the experts here can clarify. I've tried PowerShadow2.6 and it was really simple to use, true enough! But would I be right to surmise (from this discussion) that, even if "nothing sticks" after a reboot, the user still has to be wary of malware that may steal personal information or bypass/cripple firewall settings during shadowed mode? (so not recommended for friends who are basic users on windows firewall?)

    Last edited: Feb 7, 2007
  25. Longboard

    Good observations.
    Afaik Yes.
    The malware may/will still do its job if possible in shadow mode, keylogging, screenshots and call home per session. At the end of the shadow session, the mals will be obliterated.
    Also true.
    But any of these changes will be removed when shadow mode exited.

    The shadow/sandbox/virtualisation is not a magic bullet.
