Macrium Reflect

Most likely, Reflect will also need a separate process for any periodic merging (to be automatically scheduled through the Windows Task Scheduler <WTS>), but the actual continuous incremental function should be easily handled just as it is now through the Reflect UI and its existing interface with the WTS.

 

@TheRollbackFrog -- Easily handled just as it is now through the Reflect UI and its existing interface with the WTS?! Jeez, Froggie, you have much more confidence in their understanding of the WTS v2 API functionality than I do, or than they do themselves for that matter. Last I heard, they were still had a project under way "to investigate how to detect if Reflect was started as a missed scheduled task, ..." and their "several questions to MS" about it had gone unanswered. They promised me to "re-run [their] tests and post a follow up so you can see [their] process and results", but they never did. Considering also their apparent internal disagreements, I can only conclude that they still haven't been able to sort it out completely to their own satisfaction.

What do you make of Nick Sills categorical statement that "Reflect doesn't use the WTS Run if missed"?

 

Sorry for the misunderstanding... my scheduler comments are primarily based on v6, the version that I currently use. Yes, the v7 WTS v2 API has had some real wrinkles since they went from v1 to v2, and like you I believe they have some misunderstandings concerning the v2 implementation. Some of those issues may be due to lack of M$ supplied documentation on the v2 interface, I do not know that for a fact.

I haven't spent enough time "inside" of v7 to comment on the WTS v2 API use, but when using the WTS v1 API, that WTS option was never set even if you selected the "If missed then run at next startup" option in the Reflect UI schedule setup. That function was always handled by the "MacriumService.exe" module.

 

Well, one thing is certain. Any program that employs Microsoft's Windows Task Scheduler API can only accept and work with the internal programming of whatever version they choose to use. Any TS API user can configure individual task entries accordingly, of course, but having done so, the invoked application can't simply "opt out" of whatever consequential TS triggering behaviour has thus been set. At best, the application may be able to intercept and "interpret" the TS triggered commands and apply some "special handling" such as Reflect's order-of-precedence rules. But that would require a more clear and consistent understanding of how the TS v2 API works than I've seen in any of their communications on the subject to date. Admittedly, that excludes any of their internal communications which I'm sure have been much more vociferous.

There is certainly some ambiguity in the MS documentation and I can definitely understand the Macrium developers' uncertainty resulting from unanswered questions. I sure don't blame Mike A for that, but it does raise some serious questions about the extent to which such misunderstandings may have found their way into v7 and about what's being done about it. Their most recent sloppy patch production is not a great confidence builder so far as any follow-up management is concerned.

According to Nick Sills, it works the same way in v7. At least that's how I understood his comment.

 

Second thoughts: Well, maybe it could, but only if it were able to distinguish very clearly amongst all of the various TS invocation options, and that seems doubtful to say the least.

 

Arvy, my friend... you've peaked my curiosity on this one

I'm going to fire up the current v7 (on my test System) and see what this WTS v2 API is all about as far as Reflect is concerned... wish me luck

 

You should be safe enough on a test system, but good luck anyhow. You'd need to allow a missed task or two to test the MacriumService behaviour under various backup task setups such as order-of-precedence handling. I think that's where Gork ran into a few problems that haven't yet been resolved AFAIK. Not sure whether or not the WTS "run if missed" option was involved in his case, nor what his "configure for" settings were.

In some "wake-up" handling cases, it also seems to involve W10's own power configuration which definitely does relate to the WTS "as soon as possible if missed" option. So, despite Mr. Sills' comment, that setting isn't totally out of the picture one way or another. Frankly, the conflicting statements have me quite confused. If you're able to figure out the actual current v7.0.2199 status, please explain it to me.

 

Just came across this (published by Nick Sills of Macrium on 30June) for those concerned with RansomeWare and their REFLECT backups...

https://blog.macrium.com/better-safe-than-sorry-ef32d8605830

 

Sounds good. Just wondering out loud if this will force those of us still with V.6 to move up(?) to V. 7 in order to receive the upgrade. Will just have to wait and see I guess.

 

I currently use Excubits Pumpernickel (FIDES) for this, but MIG looks good, if it's free, and if it will be available also to V6 users.

 

I think I might have a little more confidence in Macrium's forthcoming "image guardian" if they'd secure their own web site properly. According to my Firefox browser under both Windows and Linux, "forum.macrium.com uses an invalid security certificate". I did mention some residual HTTPS security issues to Stephen some time ago, but that warning, like others, doesn't seem to have much effect.
http://virtech.org/notsecure.png http://virtech.org/notsecure.png

 

Oh well Pete, I prefer Pumpernickel Bagels...
(If this is OT go ahead and remove it )

 

It would sure be nice if Image Guardian were free...especially to all of us who have put up with our V6 to V7 purchase! Also, it only does 1 thing, and even FIDES is only 12 EUR and does more than just protect an MR Image..

 

Mine are well protected and isolated in cold storage of sorts. Like v6 and like to stay with that too.

Motto on this end is if it ain't broke and works well then it don't need fixin' or updating unless the gas runs out.

 

Looks like I won't need to setup Device Guard (if that's the right feature) for Macrium Reflect... I may switch from Windows File History to Macrium Reflect for my data files if this becomes really advantageous.

 

A couple of months ago some here made light of a similar Acronis feature (https://www.wilderssecurity.com/threads/testing-backup-software-anti-ransomware-insurance.393370/). But now that Macrium has announced something similar it's gathering interest?

 

Scott, as Pete has mentioned, this is Macrium trying to protect its own imaging files. They feel that their imaging is already the 1st major component in protecting a System and its DATA against RansomeWare... now protecting the image would be the logical next best step in that process.

Acronis, on the other hand, has set itself up, basically, as a RansomeWare Prevention application... that's a whole different ballgame. It's one thing to attempt to protect one's important imaging functions/files (I would applaud this for any vendor, Acronis included)... it's a whole 'nuther ballgame to attempt to protect all vulnerable FileTypes against such RansomeWare nasties. There are many vendors already out there on the bleeding edge of this prevention technology, and that's the business and expertise they're engaged in. Acronis is not engaged in that technology... and as they become so, they will learn a very hard lesson, it's not an easy game to be playing in. Cloud storage and "Try & Decide" features are one form of fluff to try and enhance/separate a product in its marketplace, EXE/memory resident module lockdown is a whole different effort.

I see Acronis' new anti-RansomeWare tehnology as nothing more that just another bell & whistle, just like the many others they've created in the past since v9.1 ECHO, to try and set them apart from other imaging vendors... most of them not very useful at all in most cases (IMHO). They should concentrate on backup & imaging features (differential restore operation, volume change surface tracking and flexible scheduling) for the previously mentioned set apart... the product would become much stronger. And they should listen to their users and solve their many related System problems (and uninstall leftovers)... that would be very helpful as well.

 

OK, here we go again,,,,,I am using both Appguard and HitMan Pro Alert to protect against ransomeware, is Pumpernickel something I should add? I like the idea of Macrium protecting its images. My Macrium files are in constant contact with my PC but I have weekly images with Paragon that are separate from the PC except when the images are being created so protection of the constant contact drive is important. Would P be better with what I am running now than the Macrium dedicated app or am I OK as I am with or without the M app?,,,,,, or should I add P?

 

Barry, we have not seen the structure of Macrium's MIG process so it's too early to evaluate properly at this time. Pumpernickel (FIDES) can be "difficult" to configure for "ordinary" users so its use will require some significant patience (and possibly help) in setting it up. It's use would not just be for Macrium images but any protected files/folders that are important on your computer... but it takes some work to set it up properly and test it for success (just ask @Peter2150 and myself ).

If Macrium's MIG feature is done right, and its mgmt is handled automatically for the user... I think it would be a win for ordinary users who currently rely on Macrium to protect them (System & files) from RansomeWare.

...and, of course, if you practice SAFE NET and keep that OS regularly updated, you may not even have to worry about RansomeWare.