A Loss Of Direction

Hi

A couple or three years ago Returnil was all the rage when virtualisation was taking off. Indeed I used the free version, and it was good. The only problem at that time was how did one deal with software that needed a reboot. This is still the case now.

Yet the developers of Returnil went into antivirus etc and for all I know maybe an integrated Firewall is on the stocks.

What still is missing is the Holy Grail, the killer function that would destroy Comodo Time Machine (for many) Rollback AyRecovery Shadow Defender et al.

So the incursion into the murky and very dubious territory of Anti Virus is mystifying. And as one reads from the forums, problematic and diversionary from the main thrust virtualisation.

I simply cannot understand, the approach the developers have taken, maybe in years to come it will be remembered as one of the big business decision failures of all time. Antiviruses are generally behind the curve and on a hiding to nothing so why?

Maybe the Holy Grail is unattainable, so thats why we put up with integrated antivirus software which fails to meet best of breed. Put another way, the product life cycle on virtualisation was very short so Antivirus inclusion extended it!!

Returnil in my view has lost its way. Shadow Defender, is much simpler and useable, but suffers the same lack of the Holy Grail but is at least unpretentious in its aspirations.

Come on Returnil put the thinking cap back on---Imagination

Terry

 

Hi Terry,

Though this is not a universally requested feature for the majority of our customers, it does have support from those looking to perform testing and more advanced types of evaluations. This is why we have been working on this for quite some time now. The code is entering an extended internal testing period and it looks to be progressing well.

We are looking to begin field trials in the next series so keep an eye out for the Beta when announced

No Firewall is planned though some aspects of them may be interesting in a limited way, just as there are interesting aspects of Antivirus...

Persistence of virtual sessions across restarts is not a holy grail, otherwise, Shadow User would an on-going concern...

It is an interesting feature, advanced, with a limited audience. With that said however, it does open possibilities that we find compelling in the corporate and research worlds. The average user has neither the need or motivation to use this type of feature.

Virtualization is not now, nor has it ever been a silver bullet. When used within an intelligent, layered approach, it can be the difference between a clean system now and over time rather than carrying the risk that malware will persist long term. Antivirus has the advantage of being the canary in the coal mine that gives the user an opportunity to get rid of it with a simple restart and keep their personal productivity high.

As has been said many times, virtualization can only drop all changes, save some changes, or save all changes. It cannot detect or block the content which can run unmolested in a virtual session. Our goal is to provide a means for the user to optimize their protection and only use one or two programs (besides a firewall and router) and still be more protected over time than using "X" number of on demand scanners and other programs.

For precisely the reason already stated: better protection over time while taking advantage of the expert analysis feature of the AV. Removal is trivial with virtualization active and the malware is in the virtual system. If it exists prior to the use of RVS, it still needs to be removed

It also serves as a transitional technology that the average user "understands" and uses regularly. Many of us here at the forums do not need the AV "crutch" to achieve the same results, but I think an average user would be well over their heads running just a HIPS and a router firewall...

Another issue is with corporate requirements: Thou shalt have an updated and frequently used AV or your request to join the network will fall on deaf ears. Endpoint security solutions are heavily biased towards traditional security because that is all that has been adopted by the majority of users. Though quite unsatisfying as far as true results, the AV is still required. With RVS, that AV requirement is fulfilled even though it has significantly less relevance than the virtualization...

The goal is attainable and has been attained. In the past, Shadow User and FDISR WS provided this but the products did not result in commercial success. Don't focus on the parts to spite the whole story. While virtualization is powerful, it is not all powerful - you still need some form of feedback on how well your strategy is working. The occasional full system scan provides this while the AV is there to only check incoming and newly created content.

Think of it this way - if you have cruise control on your car, why do you need a speedometer?

We are not going to turn this into an A v. B thread so please keep the references and discussion about competing products to an absolute minimum. Virtualization has been around for decades. In truth, longer than Antivirus and other security technologies. Why did the AV take off and virtualization remain in the "shadows"? The answer I arrive at is because of that very feedback issue I discussed above. How can you be sure your strategy is working unless you get some form of expert feedback on how well it is actually working? Sure, you can simply restart your computer and the malware is gone, and this is what an expert would take as a given. What about the average user?

Mike

 

Terry -

I totally agree with you.

Maintaining the virtual state across reboots would be fabulous. The virus scan, firewall (possibly) and other discussed enhancements are irrelevant.

I haven't done well with Returnil and dropped it several months ago. (I came across your post by accident.) They tortured me with registration problems with the last version, and then the current "lux" version crashed both of my home computers.

Reminds me of Acronis. Why can't these companies listen to their consumers as to what they want (and what irrelevant bloat they do not want )?

 

LenC,
We have been transparent regarding our intentions and the vision we have for RVS going forward and have not deviated from the plan. We also listen to our users and customers, otherwise there would not be any motivation to put resources and effort into realizing the features you are requesting. These features however MUST be consistent with our vision of a security solution that actually provides security rather than a knee-jerk reaction to a discussion in the forums...

Mike