Deep Freeze 7.5 Released to public

Hi aladdin

Not read, but reading [lots ], please read my new edited post [#23]?

By that I mean, lots of software [most] needs reboot before it is fully install and usable.

With Regards
Take Care
TheQuest

 

LOL! Still would like to know how to install software in DF which require a reboot?

Please keep away from Rollback Rx, as it tends to destroy systems.

Best regards,

 

Hi Aladdin,

Barbara Cline is Vice President of Engineering for Blue Ridge Networks so you are in good hands. Here is her company profile: -

http://www.blueridge.com/index.php/company/team/bios#cline

Kind regards

 

Hi aladdin

Will wait and see!, but you have given me even more reading.

Just seen a post about RRx altering the MBR and being flagged as Rootkit or Bootkit?, of which you a been discussing.

With Regards
Take Care
TheQuest

 

Dearest Pegr,

Thank you for the above information. Barbara and I have been exchaning emails all day today.

BTW, is your OS x86 or x64?

Please answer in the following thread of Appguard, so for us not to hijack the thread of DF.

https://www.wilderssecurity.com/showthread.php?t=294876

Best regards,

 

I had nothing but nightmares with Rollback Rx, like the others. There are quite a few recent threads about Rollback Rx, where I have shown my utter disregard to Rollback Rx.

Best regards,

 

Hi aladdin

Many thanks again to you my friend for your replies.

I will bow to your better knowledge, and leave Rollback Rx in a state of seclusion and isolation, by not using it.

In so doing have a very good nights sleep without nightmares.

With the very best of Regards
Take Care
TheQuest

 

Yes indeed! And I think you have made your point quite clearly in too many threads I'm afraid. You seem to be concerned about hijacking this thread by mentioning AppGuard but then you never miss an opportunity to bash Rollback Rx unnecessarily.

On topic: it is good news that DeepFreeze has an MBR protection now. It is a large company which will probably exist in the near future. Given the high percentage of developers 'disappearing' all of a sudden this is no small advantage. I have two licenses of DF that I used in the past, my only pain was that I couldn't commit things as with Shadow Defender although I could save files to a USB flashdrive. Cumbersome but safe.

 

I guess the Iglo is needed to commit changes but its complicated to use at least for me it was.I gave up on it.

 

ot posts removed

 

Can anyone explain the Data Igloo software cause I don't quiet get the point of that program...

So you can commit your user profiles, folders and registry keys to a different partiton. So if you have set up a user profile redirection and you save a .txt file to C:\Users\Username\MyDocuments and then reboot. After the restart will the .txt file be gone in C:\Users\Username\MyDocuments and instead be saved in like D:\Documents\

So why not saving the file to D:\Documents in the first place?? I don't get it...

For me it would make more sense if you redirect to the same location but I am not sure if it's possible to redirect to a frozen partition...

Also regarding DeepFreeze itself, what does "Set clone flag" do exactly??

Can anyone explain please

 

LOL, not straight forward like Shadow Defender but Your not alone.The Iglo got me scratching my head.I just dont bother with any of it just boot frozen or boot thawed for updates.

 

It is basically to image the drive in Frozen state, after setting the "Set clone flag" and rebooting. I prefer to image the drive in Thawed state.

Best regards,

 

Whilst you can manually save data to another partition, you usually have no control over where programs are storing user settings, which is most often somewhere within the user profile. If I've understood it correctly, I believe Data Igloo creates a junction point within the frozen partition so that all changes to the user profile are automatically redirected to a thawed partition.

As far as I have been able to determine, it appears to be mainly intended for use by system administrators in order to enable a master image to be deployed on workstations. The purpose of the clone flag appears to be to enable hardware re-enumeration to take place when deploying a master image made on one machine onto a different machine. If imaging and restoring on the same system, setting the clone flag is probably unnecessary, although officially it is still recommended.

 

Yea I guess it's more like a link to that folder on the thawed drive. I just installed Igoo and tried to redirect my mails that my browser downloads automatically. Without Igloo it downloaded more and more mails every day cause obviously there where all deleted on reboot. Now my browser downloads them just once and then they are stored onto my thawed drive.

I guess redirect is the wrong word actually. I guess Igloo created some sort of link from the frozen folder to the thawed location. So the folder on the thawed drive really replaces the folder on the frozen drive. If it only transfered my mails to the thawed drive I would assume that my browser downloads all the mails again cause the mail folder on C:\ must be empty. But my browser does not download them twice.

The program actually works nice, glad I installed it. I don't bother with whole user profile redirection cause I mean that's also kind of a security issue. I might just go with folder redirection for like save files of game stored in Appdata etc...

 

DeepFreeze is getting quite common around here where i live.
I've seen it on all college computers i've used.

 

Why the "rolling eyes" sarcastic emoticon ?

If Faronics Deep Freeze is being used widely by many universities/colleges across the U.S.A. [and Canada] is because many administrators have proven the product really works as advertised and, the students there who use the public computers cannot alter or modify the computer configuration or plant a virus on it because they are forced to log out once their session is up [if they do not log out by themselves] leaving the PC configuration unchanged.

I have similar config on my PCs/laptops at home with DF running on them and, my kids can do whatever they want on the PCs, such as delete shortcuts, modify the Windows registry, surf sites full of malware, etc., just a reboot brings the computer back to its original intended state, thus, DF works as advertised and now, the MBR guard that was added in this latest release [version 7.5] has done things extremely difficult even for rootkits such as TDL4 [TDSS] to modify the Windows MBR.

I tested the later this Tuesday against several TDSS samples I collected at malc0de and, TDSS was unable to modify the MBR after a computer reboot.

I think now with thie protection DF is a strong competitor against other light virtualization programs no longer being developed such as SD.


Carlos

 

Besides,some students deliberatley screw around with settings they should not be. I used to be campus security in a law school many many years ago the students where animals with the computers beside's being total pigs leaving food and trash all over.No respect for school property or perhaps even them selfs.I can honestly see why schools and library use DF.Momy and dady can buy there schooling but they cant by there self respect or integrity.

 

Thank you very much for the informations about your tests against TDSS rootkits.

 

so with this wouldnt appguard become redundant?, hell you could completely remove programs and on a reboot theyd be back just like new? , and saving firefox bookmarks with sandboxie would be sufficient in thawed state id recon, as much as ive seen theres a way to setup thaw points in order for your bookmarks from sandboxie to carry over too without data igloo, of course using webroot secure anywhere complete with comodo firewall ,trying to grasp the use of this program with all these security programs flooding the forum

 

All the security programs are redundant unless you are in thaw state.

Appguard is redundant in thaw state too, because you are installing/updating/deleting programs and the protection of Appguard will be set to "install or off" state.

As far IE bookmarks are concerned, you can move all your "user files" to a different partition including your IE bookmarks. Also, you can move your Firefox profile to this partition too!

Best regards,

 

Not true. Whilst malware can't permanently infect a frozen partition, it can still do damage while it is running until it is removed on the reboot. The system is likely to contain data that needs protecting, quite possibly held on a thawed partition. Without additional security, the user is also at risk of identity theft from banking trojans, keyloggers, etc. Virtualization on its own should never be seen as a complete solution - a layered security strategy is always best.

BTW I've now tested Deep Freeze 7.5 and it works really well, with no discernible impact on performance. When the time comes to replace Shadow Defender, DF will definitely be on the shortlist. I'm also involved in the limited public beta test of Returnil System Safe 2012 so that might also be a contender if it performs well.

Kind regards

 

I agree 100% with the first paragraph but when SD is no longer viable I'll have to find something other than DF. With booting the only way to enter a DF frozen mode I'd be restarting much too often! I never do that with SD; I only enable Shadow Mode on-damand.

TS

 

Returnil System Safe 2012 might be an option when it is released. The Returnil Multi-Snapshot Engine has now been incorporated into RSS 2012 so there is now the option to revert the system back to a previous state when the virtual mode (now called Sandbox) is disabled. The Snapshot mode also allows software that requires a reboot to be tested.

The combination of sandbox type boot-to-restore functionality and snapshot type ISR functionality in a single program is well suited to on-demand virtualization.

Kind regards

 

I got Frozen today in Anarctica when I tried iglo.I set up the user redirection and everything looked to be correct and then I booted Frozen from thawed and No windows 7.I powered down and rebooted in safe mode and No Safe mode,the option was there but gave black screen when selecting it.I had to power down and reboot back to safe mode and select last know good config that fixed it.Then I removed the eskimo's house and all is good again.