You do NOT need any other security software...

OK with that, but scanners have several other serious disadvantages and most are due to competition and the user
is the main victim in several ways.

Let's hope PG will improve in the future. I'm not really a big fan of this software and PG isn't the only one
with annoying questions.

Here you have indeed a valid point, that is really worth to think about.

 

Peter, I think I misunderstood you. I thought you were talking about a person that works with you and would damage your PC behind your back. That happens too sometimes, but not that often.
We only pay attention to people, who have been fired by the company, because they are sometimes so angry that they format their own PC on the very last day LOL.
Sorry

 

There are types of virus that can't be flushed with Shadowuser. Folks can learn about them when their CMOS data is erased.

Acadia

 

You can operate ANY computer without any AV, as long as you don't use Windows. And not "arguably"; Viruses on UNIX systems, for once, are so few, and with such limited possibilties to do any damage, that they are a non-entity. And contrary to the usual misinformed rants by some Windows users (who never bothered to use UNIX in the first place), this is NOT based on the fact that UNIX is "not as popular as Windows so they don't make viruses". Viruses work in UNIX, but their possibility of action is unbelievably limited, so nobody in their right mind would bother developing one for destructive purposes.

 

Are you talking about these viruses ?
http://books.google.be/books?ie=UTF...viruses&hl=nl&sig=ce-Plu1sD9pC4y-zS_RneRSD6SA

 

We all know very well that the whole security business is based on the vulnerabilities of windows machines.

In 'What's your favourite operating system' poll, 90 members voted for windows systems against 3 who voted for unix systems. These are security minded people, in the real world the percentage is probably 99% for windows machines, so in principle you are right in reality your argument is irrelevant.

 

Could you elaborate? Is it hearsay or you've read it somewhere?

 

Sorry, you're either biased, or uninformed. Only the antivirus business is (for the greatest part). There is a whole amount of commercial applications for testing and hardening of UNIX systems. Not to mention that the job of system and network administrator involves securing UNIX systems in many, many cases.

Heh... Linux and MacOS are Unix-based (or Unix flavors, if you will) too, so that would be actually 15.

99%? Where do these numbers come from? In the workstation segment there is no comparison, ok, but do you honestly believe in the server section it's the same?

How so?

 

I'm almost convinced they exist according this link, but I don't panic over software.
http://books.google.be/books?ie=UTF-...y-zS_RneRSD6SA
But I think I need a better link.

If that happens, I think, a restore of an image backup will overwrite the damage on my infected harddisk.
That's the cure, but not the solution.

Quoting from ShadowStor's website, concerning ShadowUser
http://www.shadowstor.com/products/ShadowUser/

That means that SU protects you against viruses, when ShadowMode = ON.

I need an informative link about CMOS viruses and ask ShadowStor politely,
if these viruses can do any damage when ShadowMode = ON.
If not, case closed, otherwise ShadowStor MUST fix that problem in SU.
If they refuse, I will tell them I have to warn all security forums, that SU has a security flaw.

 

I would argue that Deep Freeze, and probably ShadowUser, is in fact a security solution. It's not the solution, but it's one of the best. When run with Anti-Executable or Process Guard, nothing (including keyloggers), can touch your computer. Something exotic like a bios virus? Maybe not. But, just like the real world, you shouldn't expect perfect security before you use the best available security. As far as I am concerned, SU/DF is just that.

 

securityx,

Perhaps you consider it simply a nuanced semantic issue, but that would place any image backup into the security arena, and I do think this can be a part of anyones security, but a backup doesn't make you safer, it simply hastens the rebuild. While system restoration via an image/SU/DF quickly resolves one possible aspect of a security incident, namely a PC who operations are compromised from either the direct infection or cleanup, it really does not directly mitigate the impact or occurrence of secondary events during an infection - things like harvesting of personal data, PIN numbers, and the like. If they are compromised, they're compromised regardless of how quickly you get on your cyber feet afterwards.

PG or AntiExecutable, on the other hand, are active security measures, so the combination is a very powerful approach. Clearly one needs to understand how to deal with PG alerts, or the equivalent AE alerts, for it to be effective. That might be painfully obvious to you (actually, it basically is to me), but to the majority of casual users, it is not.

The best available security is the best available security that one can use. If something like DF/AE passes muster for you in that regard, then I'd agree, for those so inclined, it is a robust solution.

Blue

 

You are right, Blue. That's really what I should have said. Nothing is right for everyone.

 

Thanks for the link

 

But it is a solution that I'd hope most frequent visitors to this site would examine. If I didn't configure my PC for a relatively homogeneous family LAN (to make debugging and setp easier for me), I'd take a very serious look at it myself.

Blue

 

But correct me if I'm wrong, ErikAlbert has not really tried Shadowuser yet right? At the very least he hasn't really tested the viability of it on a long term basis?

If so it seems premature for him to keep posting on this forum, how it is the best solution, while everyone using other methods are misguided.

Personally, I find such confidence by Erikalbert in advocating a method that he hasnt seriously tested yet, rather surprising. I wouldn't for one, make claims for something i havent tested yet.

Of course other people *have* tried the method on a long term basis, but none of them seem to be pushing shadowuser as hard as Erikalbert.

 

ErikAlbert has been quite circumspect in this regard, he has been answering questions and clarifying his situation, really no more.

There are quite a few explicit qualifiers around this approach, given that, I feel comfortable. If one waited for definitive and unambiguous evidence for every approach taken, the forums would be a rather quiet place. All approaches are works in progress dependent on the current circumstances (wmf - need I say more?). ErikAlbert's approach is no different, and getting a 3rd party reality check by mentioning the plans seems to be a prudent course of action IMHO.

Blue

 

deviladvocate,
I fully agree with BlueZannetti.
I always said in other posts, that SU was a PERSONAL experiment and I didn't advice anybody to do the same like me.
After all, each member has to decide for himself, which softwares he will use to protect his computer.
I'm not pushing anything, I'm just trying another solution for many reasons and I'm asking for people's opinions.
Isn't that normal in a security forum ? Or don't you like new approaches ?
Of course, if you don't read all my posts, you don't know everything.

 

That's kind of disingenous, since that's the same as what the rest of us are doing. The main difference is when most of us do it, we at least typically talk from some experience of actually using the software rather than from pure reasoning.

Moreover, the poster in question does not mere 'answer and clarify situtations 'in threads explictly mentioning shadowuser or similar classes of software, but even when the thread is clearly about other subjects, he continutes to mention shadowuser. Which I'm pretty sure counts as a recommendation.

For example in

What Av are you using free or paid

https://www.wilderssecurity.com/showthread.php?p=644342#post644342

Of course, he doesn't say it's a 'must have' but you must surely agree that
on these forums, sayign what you use, or would use if you had the choice definitely implies a strong recommendation. In the post above the implication is of course that scanners are not necessary.

https://www.wilderssecurity.com/showthread.php?t=99437&highlight=shadowuser

In this thread he recommends shadowuser, with the implication given the subject and vikkor's followup that it's as close as 100% secure, no mention at all that he doesn't use it.

And then there is the patented 'why scanners and HIPS' are bad speech that is becoming an erikalbert trademark (i trust i don't have to to show examples?) in threads that have nothing to do with shadowuser or similar software. Talk about which HIPS or scanner is best, and pops in Erikalbert with his patented speech plus shadowuser

I'm not saying the opinion is wrong, I'm just saying it seems to be a very strongly held opinion, on the basis of just reasoning/theory but *ZERO* experience.

If I claim i can surivive without AV, i back it up with an experience of going without AV, I certainly wouldn't dream of arguing with anyone , without having tried such an experience.

For the record, I think shadowuser and similar approaches might work, but i'm certainly not going to keep talking about it, arguing about it, when i have zero experience about it.

And IMHO erikalbert has long since crossed the line (particularly from the evidence in this thread) from merely asking questions or even stating a perference, to one who is a zealous supporter of the idea. All on zero experience.

I would agree that sharing experiences and opinions is okay. Though it seems slightly odd to me, that someone is clearly strongly supporting doing something (and if he wasn't why else would he argue so much in this thread against the naysayers?) and defending that approach has he has done in this thread when he himself has NO experience.

A pinch of experience is better than a ton of reasoning......

 

Yes, but given your posting in this thread alone, you are clearly sure that shadowuser will protect your computer yes?

For the record, I'm not against your approach. If you ask me to bet, i think it will work, assuming you dont go crazy and let down your guard 100% which you sugguested a long time ago you would do.

I have seen your posts from the early days where you were pondering about this approach until recently where you are clearly convinced it is a perfect (or near perfect) defense.

I don't know, if you are try to merely engage discussion by repeatedly mentioning shadowuser in other threads whenever someone talks about AVs, or HIPS, but i would guess that a lot of people are thinking you are advocating using shadowuser, why else woudl you mention it?

I would like to ask now, have you ever tried shadowuser? How many times/how long?

 

Sure, but your vote of confidence has been enough to serve as a recommendation of sorts, which is how this thread started.. someone noticed your statements and decided to announce to the world that "You do NOT need any other security software...". I can understand that it may not have been your intention to specifically promote the idea, but unfortunately that's how it turned out. If it were me, I would probably just take the opportunity to give more detail about my (your) plans, who they're appropriate for, and the risks involved and the precautions necessary to stay safe.

 

Exactly. I'm being saying this for a while already and it holds for everyone not just erikalbert. Notok, Peter, etc start a thread about product x, and as long as their reaction isn't 100% negative, other people will take it as a positive vote , and want to adopt it too.

When a person talk about their experience of trying and testing product x, as long as the post isn't 100% negative (eg product x sucks!), it is almost always taken as a vote of confidence for x.

And when you argue strongly for the product as Erikalbert as here and elsehwere any sensible person would take it as a very strong vote of confidence.

 

Do you really think, I'm blinded by ShadowUser ? In that case, you don't know me at all.
While most members are using ShadowUser as an additional software together with other security software, like scanners, HIPS or a security suite, I'm going to use ShadowUser together with a Firewall as only protection.
Why ? I want to know how good/BAD SU really is and the only way to do this is putting SU in extreme "dangerous" situations.
I like to see this with my own eyes, not second hand info. My evaluation isn't always the same evalution of other people.
I don't work with knowledgeable users, I work with indifferent users, who don't like to be disturbed by Anti-Malware softwares and don't want to listen to any security advice.
Quite a challenge to protect these users. Isn't it ?
Once I have SU properly installed :
I'm going to surf like a newbie, unaware of any threat.
I'm going to download & try any software (suspicious or not) on the internet.
I'm going to do some tests on my own.
My final goal is to crack SU in every possible way I know and if I succeed I will tell ShadowStor about it and it's upto them, to improve SU or not.
Do you call that blindness ? Consider me as a friendly enemy of SU.

Well that's my way to get reactions. Sometimes with results, often not.
I would like of course that more members were interested, because I'm not a security analyst.

No, because my old computer isn't good enough for partitioning, image backup and ShadowUser.
I ordered a new powerfull and fast computer.
1. I have to get used to winXPproSP2
2. I have to learn partitioning and choose a good partition software.
3. I have to learn image backup and choose a good image backup software.
4. I have to learn SU in practice.
5. I have to learn how to keep the GOOD changes of EACH application software and that won't be always easy.
So it will take some time, before I'm even able to test SU, probably half 2006.
Meanwhile, I'm asking questions and discuss SU as a possible security solution.
SU isn't even a security software, like scanners, HIPS, ..., it only restores your system in a different, but very easy way (reboot).
Between two reboots each threat can do its evil job, but that's another problem. I'm used to seperate problems from one another.
Nothing is new in this post, but I admit that most of it is scattered over too many posts. Nothing is perfect

 

Use Furl.net instead, it's much better anyway, because it archives the pages to be viewed from any computer, instead of just saving a link.