Can I really trust in ShadowUser ?

Discussion in 'sandboxing & virtualization' started by HoLmEc, Jun 15, 2006.

Thread Status:
Not open for further replies.
  1. HoLmEc

    HoLmEc Registered Member

    Joined:
    Sep 30, 2004
    Posts:
    17
    Hi everyone,

    I need a piece of advice. I really like ShadowUser sandboxie, so I ask you all, what are your opinion on this product, will it accurately keep my HD intact after reboot, or is there any chance for a malware leave a piece of it in my HD ? I use a limited account but I'm thinkin' about switching for administrator, since it will permit me to run certain programs and my shadowuser will empty the changes after reboot... can i do it, or would it be risky ?

    Thanks
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,057
    You will probably be okay. Biggest issue will be when you want to commit something you don't want to lose. Thats when you have to becareful. But if you also have layered defenses you should be fine.

    Pete
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    HoLmEc,
    Before you decide to buy ShadowUser, trial FirstDefense-ISR first.
    Same price, but FirstDefense-ISR offers alot more than ShadowUser.

    Straight from the FirstDefense-ISR user manual :
    That sounds like ShadowUser isn't it ?
    And this is just ONE of the many functions of FirstDefense-ISR.
     
    Last edited: Jun 16, 2006
  4. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    One could argue that your response is to say the least OT, but then coming from someone who has been singing to the world for the last year how wonderful SU is without ever trying it, I find it incredible!

    @ HoLmEc

    You are often given advice by people who have never tried SU or have installed it for a couple of days just to see how it behaves on their system.

    I've had it for almost a year and not only I've never been infected but I could do without Antispyware applications. A simple reboot and everything is gone (reboot time: 2 minutes).

    I agree with Peter2150 about the layered defense: A Firewall with outbound control and an Antivirus are necessary to stop trojans calling home and viruses if you want to save something in shadowmode (mind you, people using other similar products ALSO have a layered defense of sorts).

    SU will also protect you from the so called 0 day viruses, therefore having a good AV you can get a very safe environment indeed.

    You can really trust ShadowUser, particularly if your prime use of it is to safely surf the net.
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    0saban,
    SU is reliable, Peter already said that. So I don't have to repeat that.
    I don't work with software names, I work with functions when I choose software.
    If two softwares can do the same thing for the same price, than I start asking myself, which one of them offers more for $70. Maybe you don't work that way, but I do.
    Sorry for SU, but I found more in FD-ISR, that doesn't exist in SU.

    There was a time I was fascinated by SU's philosophy, but I wasn't aware that other softwares could do the same thing. I'm learning all the time.
    I was a member of SWI in those days and nobody was interested in SU at SWI. According qualified people at SWI, SU was even suspicious.
    Then I became a member of Wilders, where SU wasn't ignored, but Wilders also talked about RollbackRx and FD-ISR.
    RollbackRx would have been my first choice, but it has problems.
    I tried to break FD-ISR in any possible way and all I found was an old harmless bug.

    I'm just telling HoLmEc to consider other possibilities and if he made up his mind already, just like you did, that's OK with me.

    If this thread is only about confirming, that SU is reliable and an opportunity for all SU-fans to praise SU into heaven again, then this thread becomes quite boring.
     
  6. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    ErikAlbert, nobody is telling you that you should not change your mind about any application, and this is happening all the time with other members to try one program for six months and then switch to another one because of something negative on their system.

    Your fascination for SU is over, and frankly I for one I don't give a hoot whether you like it or not as I have no qualms about how successful SU is with others, but why not stay on topic: Can I really trust ShadowUser?

    "If this thread is only about confirming, that SU is reliable and an opportunity for all SU-fans to praise SU into heaven again, then this thread becomes quite boring." (Quote from ErikAlbert)

    This thread hasn't had chance to become boring, and I'd like to remind you that SU has no forum at Wilders unlike your newly elected gem (people don't talk about how good SU is in the FD-ISR forum).

    The truth of the matter is that you never had SU on your machine and can't possibly even try to answer matters regarding SU.
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    SU was a subject in the FirstDefense-ISR Forum as a possible combination :
    https://www.wilderssecurity.com/showthread.php?t=134504
     
  8. yahoo

    yahoo Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    290
    Location:
    nowhere
    ShadowUser and FD-ISR are doing the thing in totally different ways, although they can achieve similiar purpose. ShadowUser uses Virtual Volume to keep/discard system changes, and FD-ISR uses snapshots to store different system states.

    Functions good for one person may not desirable for another person. It is nice that FD-ISR can save different snapshots. However, I prefer to backup my system with Acronis True Image onto CDs/DVDs once for a while. Different snapshots of FD-ISR is useless to me.

    On the other hand, I put my system into ShadowMode right after disk cleaning and defragmentation. My disk will always stay at an 'optimal defragmented' state with junk/temp files discarded at each reboot. ShadowUser serves my purpose. The reboot into previous state with ShadowUser is faster than FD-ISR, and I like it.

    Different people have different preferences. It just does not make much sense to claim FD-ISR is better than ShadowUser and vise versa.

    Yes, the suggestion of FD-ISP can make this topic less boring. I can imagine the next question to be asked is, Can I really trust in FD-ISR? The original question may still wait more answers, here is another question to be answered!:)
     
    Last edited: Jun 18, 2006
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,057
    To put this thread back on topic. Yes I believe you can trust Shadowuser. The biggest risk inherent in any of these products, is still you the user. That is equally true for all of them.

    Pete
     
  10. HoLmEc

    HoLmEc Registered Member

    Joined:
    Sep 30, 2004
    Posts:
    17
    Okay guys, thanks for the replies :)
     
  11. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    Here is my 2 cents. I used Shadow surfer for several months, I assume it is similar to Shadow User. It does work as advertised. I agree with the other poster, FDISR offers a lot more bang for the buck. The down side to FDISR as compared to Shadow User is FDISR requires a lot of hard drive space, it also has a higher learning curve, but it’s well worth it in the end.
     
  12. yahoo

    yahoo Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    290
    Location:
    nowhere
    Back to topic, I have been using ShadowUser for almost one year now. I have trialed several applications in ShadowMode. After a reboot, there were no traces of those applications left on my computer. I regard ShadowUser as a reliable product, and it does what is advised. It takes very small hard drive space. It is very easy on resources (less than 15M total Physical+Virtual memory). The reboot back into original state is very fast, just like the reboot without ShawdowUser installed. ShadowUser does not conflict with my other applications including O&O CleverCache (FD-ISR would conflict with O&O CleverCache, experienced by Erik if I remember it correctly).

    With the current discount on ShadowUser, the price of ShadowUser should come close or cheaper than FD-ISR. If I am asked to make a choice between ShadowUser and FD-ISR, I would go with ShadowUser without any hesitation. As stated before, the choice is only a personal preference.

    It is interesting that people, who have never used ShadowUser, are so enthusiatic to convert the OP from ShadowUser to FD-ISR.:cool:
     
    Last edited: Jun 18, 2006
  13. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    I am curious as I only used Shadow Surfer in the past. Is there a way to test software that requires a reboot before installation is complete with Shadow User? I was unable to accomplish this with Shadow Surfer.
     
  14. yahoo

    yahoo Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    290
    Location:
    nowhere
    Yes, of course. That's the reason why you should try it to know it. :)
     
  15. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi! u can,t do it with ShasowSurfer, however U can do it with ShadowUser but even here some softwares will cause conflict esp security software that install kernel level drivers( I experienced it). If u want this functionality, use RollBackRx or FDISR.
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    BTW, I got ShadowSurfer free, don,t know the option is still there or not.
     
  17. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Just a not here. Even though Shadowuser and Firstdefense are very reliable I have personally seen both fail on different comps. So don't blindly put all of your eggs in one basket hoping a piece of software will protect them because it won't always do that.

    bigc
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    1. You can install SU in a FDISR-snapshot. In that case you have the advantages of both softwares. So I still have the possibility to use SU, if I want to.
    2. The space of FDISR will be reduced with 30-50%, probably in the next version of FDISR (compressed snapshots).
    3. As for compatibility with other softwares, SU had also problems with other softwares according my readings. My problem with O&O CleverCache isn't common, other FDISR-users didn't have that problem.

    It's not about converting SU-users into FDISR-users.
    We offer several possibilities for one subject and it's upto the OP to try and to make his final choice.
    If I ask for a registry cleaner I get probably 10+ recommendations and I still don't have the registry cleaner, I want.
    I didn't buy FDISR because of the many enthusiastic posts, I've tested FDISR first to see if it really was that good.
    Talking about SU only is absurd, we already know that it is reliable, that's old news. A comparision with other similar software is more interesting.

    Besides that, SU (and the rest too) has a serious impact on your system and you have to reconsider alot of other stuff, before you start using it. :)
     
  19. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Never read about FDISR at least but it makes sense as no software is fool proof.
     
  20. dog

    dog Guest

    A reminder to stay on topic; this it isn't a comparision thread, so please don't expand the topic the that regard.

    Steve
     
  21. yahoo

    yahoo Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    290
    Location:
    nowhere
    I trialed ProcessGuard with ShadowUser in ShadowMode, and I got problem with it due to the kernal level driver installation as mentioned. I backuped my system with ATI, and trialed PG out of ShadwoMode instead. For most of the applications that I trialed, I had no problem at all.

    IMHO, FDISR is better to be used as a system recovery tool with multiple restore points. However, if FDISR is used as a multple point recovery tool, the security of the system between consecutive snapshots is still a concern. If FDISR is always used to reboot the system back into a Frozen Snapshot, I do not think FDISR has any advantage over ShadowUser either, as such reboot back into Frozen Snapshot with FDISR takes much longer time than ShadowUser. Let alone the time needed to create those snapshots. Additionally, when FDISR takes snapshot of the system, all changes (desired and undesired) are saved. With ShadowUser, one can choose to save only desired changes, which is much better for security.

    For the function of keeping the system in a frozen state while saving only the desired changes, ShadowUser does do a much better job than FDISR. FDISR has some other functions, but those functions are not asked for by the OP.

    Edit: Sorry, I just noticed dog's post after posting. I will not continue to compare FDISR and ShadowUser anymore. That's just a waste time of everyone.
     
    Last edited: Jun 18, 2006
  22. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Hello,
    I have no experience with FDISR, so only comments in SU.
    It's a nice program, solid, mature, light. It will do what it says. Can you trust its efficiency 100%? Never trust anything 100%, simple. But using SU does not suddenly become an excuse to test which trojan can survive the virtualization.
    Mrk
     
  23. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    "According to my readings, SU had also problems with other softwares" Would you kindly specify what softwares, you see this is the kind of boring information that I find very useful as an SU user.

    "Talking about SU only is absurd..." What do you know? You've never tested the software, you've only read things about it. I want to hear from REAL USERS their experience good or bad whatever that might be.

    "Besides that, SU(and the rest too) has a serious impact..." Let me reiterate that you have no grounds or elements to make statements like "serious impact" or " reconsider a lot of other stuff, before you start using it" Why don't you say what is it?

    If you find a single question about a single application boring, nobody is asking you to read or to participate to this thread, let alone post inaccurate statements.
     
  24. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    May I ask what was the outcome of your trial of ProcessGuard? I've had PG installed on my system for ages, but never had problems that could be attributed to SU being there too (I usually keep PG in learning mode at the startup of a shadow session, once booted I set PG in full protection).

    I'd like to know as well your experience backing up with ATI, I had some blue screens when trying to validate backup archives (it doesn't happen systematically but I often wondered about some conflict. Do you think SU might have something to do with it?
     
  25. yahoo

    yahoo Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    290
    Location:
    nowhere
    I failed to install PG while the system was in ShadowMode. However, once I installed PG (out of ShadowMode), there was no problem to run PG and SU together. Only few security applications need to install kernal level drivers. So it is pretty much fine to trial most of the applications in ShadowMode. Nothing is perfect. I did not continue to use PG just because I was still fine with TPF and decided not to switch at the time.

    I am lucky that ATI runs okay on my system. I backed up my system with ATI while my system was in ShadowMode. After I restored those images back again with ATI, my system ran in ShadowMode just as before. So SU should work fine with ATI. But I found that ATI has problem with my CD/DVD writing. What I did was to save those images onto hard drive first, and then burn the images onto CD/DVD with Nero.
     
    Last edited: Jun 18, 2006
Loading...
Thread Status:
Not open for further replies.