Best security for personal use?

Discussion in 'sandboxing & virtualization' started by VictorNono, May 16, 2013.

Thread Status:
Not open for further replies.
  1. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    Rollback RX is the best for home/personal use! ;)

    Bought this laptop with win 8 pre-installed, so Rollback RX wouldn't install, because it is not compatible with GPT on 64 bit. But hey who needs GPT on a PC for personal use?

    Tried first Deep Freeze but the downsides were 1) Hibernation doesn't work; 2) it can not test and keep at the same time, so first one has to test in frozen state then reinstall in thawed mode.

    And Shadow Defender's got this big status image at top on desktop and is not so easy as RR to use.

    Returnil includes scanner etc. of no interest.

    With Rollback RX you can keep a baseline with first installation and updated drivers. From there on you can just rollback to last snapshot and do upgrades. It's clean. And there's no need for virus scanner.

    It works best ofc. if system and features/other apps are kept on separate drives, because then there's only need to rollback when a new driver fails or to update on the latest snapshot. So you have to move programs/data, which has the benefit of keeping the system clean and faster and when you want to ditch the computer you can very easily take the programs/data on to another.
     
  2. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I have never tried Rollback RX.

    The only thing that I can think of that I would not like about Rollback RX is that for proper Windows System Partition Imaging I would need to also Image the "unused sectors". Imaging the "unused sectors" results in very large Image file sizes and the Imaging process takes much longer than Imaging only the "used sectors".
     
  3. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Hi Victor, in Administration (Shadow Defender UI), you can disable the SD status tip. I never used RR but I can tell you that SD is extremely easy to use and effective. I recommend you take a closer look at it. Also, you might want to check out Toolwiz TimeFreeze. It is free, similar to SD, easy to use and works very well. I have used both programs without any problems.

    You didn't mention Sandboxie. SBIE is an application sandbox, it is what I use for security and there is nothing like it. If you really, really want to be safe when you browse or open programs like your PDF reader, video players or open files that you get in emails from friends and keep your system intact, use Sandboxie.

    Bo
     
    Last edited: May 16, 2013
  4. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I agree.

    Sandboxie is what I use. :thumb: :thumb:
     
  5. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,024
    Location:
    USA
    Victor,

    I hate to burst your bubble, but Rollback Rx is definitely prone to malware infection ...I know because I was a user who relied on it (because I believed their marketing BS) until my system partition was hosed by a rootkit! It turns out that Rollback Rx does not protect the MBR from infection. Nor does it prevent the rootkit from launching a direct (disk) I/O driver! Thus Rollback's baseline is subject to corruption and if/when that happens your system is toast.

    Bottom-line: If you do use Rollback Rx, also use an active AV and make a habit of creating image-backups of your system volume!

    Cruise
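
Added example, not part of the thread or any poster's code: a snapshot tool that leaves the MBR unprotected gives no signal when sector 0 changes, so one defensive check is to fingerprint the MBR from a known-good state and compare it later. The sample sectors are constructed, and the raw-device paths in the comment are assumptions.

```python
import hashlib
import struct

ENTRY = struct.Struct("<B3xB3xII")  # status, CHS, type, CHS, start LBA, sector count

def read_sector0(path):
    # Assumed raw-device path, e.g. r"\\.\PhysicalDrive0" (Windows, elevated) or /dev/sda.
    with open(path, "rb", buffering=0) as dev:
        return dev.read(512)

def parse_mbr(sector):
    """Fingerprint the boot code and decode the four partition entries."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector (size or 0x55AA signature)")
    parts = []
    for i in range(4):
        status, ptype, lba, count = ENTRY.unpack_from(sector, 446 + 16 * i)
        if ptype:  # type 0x00 marks an unused slot
            parts.append((i, status == 0x80, ptype, lba, count))
    return {
        "boot_code_sha256": hashlib.sha256(sector[:440]).hexdigest(),
        "disk_signature": sector[440:444].hex(),
        "partitions": parts,
        # On a GPT disk, sector 0 is only a protective MBR (type 0xEE).
        "protective_gpt": any(p[2] == 0xEE for p in parts),
    }

def compare(baseline, current):
    """Return the list of MBR regions that differ from the baseline."""
    labels = {"boot_code_sha256": "boot code changed",
              "disk_signature": "disk signature changed",
              "partitions": "partition table changed"}
    return [msg for key, msg in labels.items() if baseline[key] != current[key]]

def build_sample(boot_code, ptype=0x07):
    """Constructed sector for the demo: boot code plus one active partition."""
    entry = ENTRY.pack(0x80, ptype, 2048, 204800)
    head = boot_code.ljust(440, b"\x00") + bytes.fromhex("d4c3b2a1") + b"\x00\x00"
    return head + entry + bytes(48) + b"\x55\xaa"

if __name__ == "__main__":
    baseline = parse_mbr(build_sample(b"\xfa\x33\xc0\x8e\xd0"))  # known-good state
    later = parse_mbr(build_sample(b"\xeb\x5a\x90\x00\x00"))     # boot code overwritten
    print(compare(baseline, baseline))
    print(compare(baseline, later))
```

Store the baseline somewhere the running system cannot overwrite, such as offline media, and take the comparison reading from a trusted boot environment where possible.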
     
  6. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    That's why there is no reason to have Rollback Rx. You might as well just keep one image backup and an active AV.
     
  7. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,024
    Location:
    USA
    Well, when it works 'as advertised' it can be very handy for instant snapshots and restores ...I'm simply suggesting to Victor that Rollback Rx does not prevent malware infections, does not protect the MBR, and that rolling-back to the baseline snapshot should not be considered a 'security blanket'.

    Cruise
     
  8. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    Indeed, those are words of wisdom!!!
     
  9. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    I use Rollback RX myself, it's a lifesaver for software and also for hardware testing. Still, what other users have mentioned is absolutely true: RX alone is not enough. You most definitely need multi-layered protection in order to be able to resist sophisticated rootkit infections.

    For me Shadow Defender and Rollback RX work great together but you'll still need a proper HIPS Firewall plus antivirus-antimalware software, plus antikeylogging software in order to cover yourself against most eventualities. Personally I also browse with Sandboxie and also use it to test unknown executables in a safe isolated environment. Many people also add anti-execution software on top of all that. It all depends on your degree of paranoia.

    Have a look at my LV/IRS tech intro and also at my SD and RX reviews for tips on everything you can possibly do with these programs. Long reads but trust me, it'll be worth it. You can do so much more with such software but there are also limitations, it's all here:

    http://www.tweaktown.com/articles/5...erall-safety-net-for-your-computer/index.html

    http://www.tweaktown.com/reviews/52...e-review-and-guide-shadow-defender/index.html

    http://www.tweaktown.com/reviews/53...tware-review-and-guide-rollback-rx/index.html
     
    Last edited: May 17, 2013
  10. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    Hey, thanks for the replies. Don't know why subscription doesn't work, it's enabled and email is correct??
     
  11. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    Why image the system? There are already tons of that, just get some installation disks or, more simply, use Rollback RX. A snapshot takes seconds, while imaging takes forever.
     
  12. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    Strange that computer security is developed better than teeth security, when holes in the teeth hurt more?

    The first reference about "Light virtualization software..." is very detailed. It could be easier than described, e.g. moving user folders is not necessary. Even if your C: is frozen. Features and programs on C: that use app-data folder etc. should have their stuff stored normally. Move it to USB because you want to have it portable with your portable programs, and you won't be able to login to Windows, if Windows doesn't recognize the USB drive before login. Furthermore to move your user folders without actually moving them just use junction: Redirect the folder for the specific program on launch.

    Deep Freeze looks better than Shadow Defender but still you have to unlock both to make updates, and isn't the MBR vulnerable then? Which means you just have to make the virus work, when it unlocks.

    If this was about a public computer, Deep Freeze would probably be useful.

    But for personal use Rollback RX is perfect for a system that needs upgrades.
     
  13. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    The system has Rollback RX and windows security (UAC, Firewall ..). That should do it.

    Had it occurred to anyone, that if something screws up the MBR it's not an installation but some kind of download/saving process interrupted by a freeze? Don't use C for downloads or data work (video editing..). Do that on an empty partition only.

    Sandboxie mixes together every program virtualized. E.g. launch one program, do a save that you want to keep in virtual space. Then install a new program that you want to uninstall again, but you can't rid it from virtual space without erasing the first one also. Didn't find it useful.

    There are only very few viruses compared to "old" drivers and bugs that don't work. And "Windows 8" is a virus. But "if it ain't broken, you can't fix it".
     
  14. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    Although I'm not a Rollback Rx fan, what you said about having to image the 'unused sectors' actually isn't necessary for backing up a system with RBRx. ;)
     
  15. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    Surely you can't be serious. Rollback Rx won't be worth anything if your drive won't bootup to the RBRx console. That could happen as the result of a fatal disk error, MBR infection, hard crash, etc.

    Should that happen, I wouldn't want to think about re-installing Windows and my apps/settings, not to mention recovering lost application data!
     
  16. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    This reminds me so much of Comodo Time Machine, I always felt it had lots of potential.
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    No one's mentioning AX64 Time Machine?
     
  18. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    If hardware fails so you're buying a new computer, you would want a new configuration anyway for the new system instead of recovering an image for another computer.

    Put all download software together with downloads on an empty partition. Finished downloads are quickly moved/installed. When it crashes finished downloads can be found with data recovery (why this partition should only be 50Gb for quicker recovery) and the drive can just be reformatted, cause only the download software needs to be reinstalled.

    Put only system software on C, because the system is not going to crash when there are no changes to it, unless it's a new driver in which case you got Rollback RX to reinstall the old driver + wipe out any app made savings anywhere. Freezing the drive is not popular for personal use, e.g. if you got a dynamic theme, it won't be dynamic when frozen. Rollback RX is just a better Windows System Restore.
     
  19. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
  20. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    Okay, haven't tried that yet, so maybe that is better than Rollback RX.
    And since it's new it should have some time for feedback and comparison.
     
  21. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,024
    Location:
    USA
    Hi Victor,

    While it's easy to direct your downloads and personal data to another partition, it seems to me that besides the OS you would still have all of your application software (programs) on C as well as program data. :doubt:

    Cruise
     
  22. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    One plus right off is with AX64TM you don't have to uninstall to do a defrag like you do in RBRx.
     
  23. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
  24. WSFfan

    WSFfan Registered Member

    Joined:
    May 10, 2012
    Posts:
    374
    Location:
    The Earth
    If you do have an SSD, then you will realise later that Rollback Rx doesn't provide full support for SSDs.
     
  25. VictorNono

    VictorNono Registered Member

    Joined:
    Apr 9, 2013
    Posts:
    17
    Location:
    uk
    No, the trick is to move it and not to move it ;)

    What you really want is 1) to keep data that are saved by applications on C (system apps) and 2) move everything else.

    1) is done by installing Windows, configuring & updating it and taking a snapshot with Rollback Rx or similar that you can rollback to in order to clear out anything else later. That's the best security.
    2) is done by moving stuff that is not system + save data to keep the system clean and so you can always use the portable stuff on another machine. There is automated software (like http://www.vmware.com/company/news/releases/thinstall.html) to do that, but it doesn't always work. Here's what always works:

    The toughest nuts to crack: a) requires a launcher, so there are 2 apps to move; b) requires registry entries with program version, directory location and registered program license code; c) must be installed in "c:\programs.." folder.

    E.g. on system drive you have C and a recovery partition and then nothing else, and then you have an external USB harddrive for all your personal stuff and which you divide into first a partition for downloads; second the biggest partition for applications and their data; and small third a utility partition with tools (Minitools Wizard, all .Net framework editions, DirectX setups, mxsml setup, physx setup, data recovery, visual c++ redist setups, portableapps (browser, systemexplorer....))

    So to move: Run the app and save something to find out where it stores data. Then copy the app folder and its launcher folder to new location, and copy also its saved data. Then enter regedit.exe and search the launcher name and also the app name. There can be plenty of unnecessary entries. Most apps start without using registry data at all. But just find its official entry with license code, version and directory location and export it to your portable device. Then rollback the system to clear out its installation.

    So to run app from portable device use junction, a batchfile and the .reg you exported.
     