WinPE's can be injected with malicious code.. (quite easily,if you know what you're doing.. i can do it,but i refuse to demonstrate.. ;-) )
I am having a hard time with that. You can inject my USB key which is sitting here on my desk or when I boot to it with no network connection?
Like any other removable/swappable drive, it isn't vulnerable to malware so long as it's not connected to any possible sources as you say. As I mentioned above, however, most WinPE builds, including those built using the Macrium Reflect "wizard", are capable of network connections when booted and active. And they run as SYSTEM with all of its access privileges. The risk involved is therefore transient, but not zero. Of course, we'll only know whether the Macrium file type filter is included in their Reflect 7.1 PE builds when it becomes available for actual testing.
I have had Solid state drive and a data drive. I set Macrium up to backup the boot drive. I was going to use Files and Folders to back up the data on the D drive. I was thinking backing up the data once a week. I was going to make the initial full backup and then let it make either differential or incremental back ups. There was an option for that already set up. Or maybe I could let it make the daily changes, if it doesn't take a long time. Most of the data will be remain the same. Any suggestions on what might be best. I'm not sure if I should use Diff or incremental backups for the data. I was also wondering 1. should I put both backups in the same directory? Or should they have separate directories? 2. They both said they would delete the oldest backup first when they run out of space. So how should I manage this. Will each backup delete it's own oldest back up? Or will Macrium delete the oldest files regardless of who's backup it is. 3. Also, is there a way to limit how much of a drive each backup can use? Can I tell each to not use more than half of the drive for the backups? If so, how do I do this. Thanks.
Differential and incremental backups and their relative "pros" and "cons" are explained in this KB article. It's not necessarily an either/or choice. Reflect provides ready-made templates such as its "Grandfather-Father-Son" (GFS) template that will allow you to include all three backup types (full, differential and incremental) in a scheduled backup plan strategy. 1. Using separate (sub)directories for each backup set is not required, but it may have some advantages both for meaningful naming of each folder and for ease in managing your retention "housekeeping" rules. 2. You can set your retention "houskeeping" management rules to apply either to all backup sets in the same folder or to only matching backup sets in the folder as explained in this KB article. 3. You can set the amount of space that must be available on the target volume and tell Reflect to delete the oldest backup if the free space falls below that set amount. It's also possible to "split" backups into multiple files with a defined size limit. However, you can't tell Reflect to use only half of the available space on the destination that you tell it to use for the backup operations that you launch or schedule. You could, of course, partition the drive in order to use only half of it as your backup destination.
The last "official" reply to that question that I've seen was that it was being subjected to additional testing would be released "when its ready." That was several weeks ago. In fact, no Macrium Reflect updates of any kind have been released since the v6.3.1835 "bug fixes" on 26th June. I'm beginning to suspect that we might see the MS Windows Fall Creators Update and its anti-malware features before Reflect v7.1's MIG.
Yes, this could be right. Maybe they decided to wait and see if new OS update will break anything and they fix problems with 7.1 release.
Well, some of their past attempts to anticipate the likely behaviors of W10 update features based on MS "preview" releases haven't worked out well for them, and they certainly wouldn't want Reflect v7.1's launch to repeat any of the unfortunate installation and usage issues involved with v7.0's introduction of new device class filters, etc.
You're welcome. Any other questions, don't hesitate to ask. Some of those backup task definitions, plan templates and all of the variables involved in the related retention rules and strategies for the three backup types can be a bit confusing at first.
Quick question... I build my own systems and all is OK. I use V7.0 waiting for 7.1 Anyway, my wife is looking at a 17.3 inch HP ENVY Laptop with Windows 10 Pro and a 512GB SSD...no HDD which is OK with me. So, since HP (or anyone else it seems) does not give you any recovery media, I wonder if A FULL image of the SSD would protect us? I mean, I know HP creates a Drive D partition to recover, but am I correct in thinking that if I backup the whole SSD image with all partitions ( I assume that would include drive C and D) that I would be able to do a complete restore and loose nothing?
If you create Macrium Reflect rescue media for booting the HP laptop to a WinPE recovery environment and if you back up the SSD completely (i.e., ALL of its partitions including those without any assigned "drive letter") to some other physical drive, then yes you would be fully protected so long as that separate backup drive suffers no damage or corruption. Because the factory recovery partition provided by most OEMs resides on the same physical drive as the installed operating system its recovery assurance is less than complete in the event of catastrophic failure of that single drive. In fact, if you want to be really safe, you should have backup images on several drives and keep at least one of them off site.
Thank you. Yes, the laptop even has a DVD writer so I can create a recovery DVD. I can also write the Image to a USB 3.0 memory stick and use several in case 1 fails. My home systems use a SATA III to SATA III dock with a 4 TB drive.
Well.. The shady person could just render the software's WinPE useless, eg. it would make corrupted backups and mess with already done backups, just to make people ****** off. And at a worst case scenario, do something to the actual physical OS of the machine, it is ran upon... How are you gonna monitor what it does, when you boot the computer with it ? Ofcourse, this probably would not happen to an experienced user, but to someone accepting the WinPE image from some "3rd party person" But then again... if someone makes a virus which especially targets Macrium Reflect and it's WinPE's,then it could be another story..
Are you talking about infecting Reflect's own WinPE builder "wizard", or about introducing malware into some other WinPE builder such as ChrisR's WinBuilder projects? In either case, I can assure you that it takes no great genius to produce "useless" WinPE builds, nor even a "shady" personality for that matter. In fact, it's possible to "inject" almost anything into a WinPE build that can be included in a regular Windows working environment, but it seems like a rather pointless exercise in doing things the hard way. As I said above, we don't even know yet whether Macrium's new MIG protection will be included in Reflect v7.1's rescue media builds. My guess, FWIW, is that it probably won't be.
Frankly for me this MIG amounts to a useless feature. It only protects agains Macrium image files? I use Pumpernickel so everything on Macriums target drives is protected, and Excubits did it right.
That's my understanding and that it will accomplish that narrowly restricted protection by introducing another kernel mode device class filter into the Windows OS akin to their Changed Block Tracker (CBT) filter driver and service that was the "major" part of their v7.0 "upgrade". As you point out, there are other possibilities to provide much broader protection and the W10 "Fall Creators Update" will include its own. Personally, I think I'll wait at least a little while before risking any unanticipated "collisions". I'm sure there'll be many others who will eagerly fill the "latest and greatest" guinea pig role.
My opinion: Macrium is in competition with other software producers. Since Ramsonware / Malware was discussed in the mass media, a "normal" user who buys a backup program today will compare products and probably make sure this type of protection is available. Acronis sells backup solutions with integrated Ramsonware protection. That's why Macrium had to improve here ... first with advertising. In addition Macrium's target group are the users of their backup programs. Why should they take care of other programs and data? Thats where special programs or the OS vendor will step in. And by the way, we should not forget that the target group of Pumpernickel is the experienced PC users and experts. The "normal" user will therefore not know Pumpernickel. For me, it is probably no added value because I use the Macrium internal "network drive option" to save the backup data to a file server. Pumpernickel would not protect in this case ... on either of the two systems. On the other hand, I use Macrium Free on the file server. Backup files are therefore not protected against "local" attacks, this would require an additional license for Macrium on the file server in order to achieve this.
Have to agree with you KevinGer, especially on the "we should not forget that the target group of Pumpernickel is the experienced PC users and experts. The "normal" user will therefore not know Pumpernickel." observation that you make...well observed. Regards, Baldrick
If Macrium Reflect's marketeers are now advising competition based on pursuing the Acronis multi-faceted "paths to glory", that does not bode well for the future IMO. I find that thought downright scary in fact. Those looking for an everything-in-one product should seriously consider something like the Paragon Hard Disk Manager Suite. Its "Swiss army knife" combination of components do everything but cook dinner.
I hope Macrium doesn't follow Acronis, as if they do they will follow Acronis straight into the lower regions. You install Acronis, and only about 10% of the UI is devoted to Imaging. Since I am currently using CBT on v6 Macrium so far v7 offers me Zero. Not worth dollars.
Your estimate of 10% devoted to primary backup and recovery functions might even be generous. Here's a list of kernel mode drivers, filters and services that Acronis TI 2018 dumps on top of the Windows operating system: "Acronis Active Protection Service" "Acronis Scheduler2 Service" (autostart) "Acronis Nonstop Backup Service" (autostart) "Acronis File Protector" (autostart) "Acronis File Tracker Driver" (kernel mode - start=0x00000000) "Acronis Storage Filter Management" (kernel mode - start=0x00000000) "Acronis Managed Machine Service Mini" (autostart) "Acronis Mobile Backup Server" (demand start) "Acronis Mobile Backup Status Server" (demand start) "Acronis Snapshots Manager" (kernel mode - start=0x00000000) "Acronis Sync Agent Service" (autostart) "Acronis TIB Manager" (kernel mode - start=0x00000000) "Acronis TIB Mounter" (autostart) "Acronis Try&Decide filter" (demand start) "Acronis Virtual File Driver" (autostart) "Acronis Volume Tracker" (kernel mode - start=0x00000000) "Bonjour Service" (autostart) Macrium has a long way to go if they plan to compete by following that bloated "added features" path.
