Easily bypassed

Discussion in 'FirstDefense-ISR Forum' started by Huupi, Jun 1, 2007.

Thread Status:
Not open for further replies.
  1. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    From another thread in software and services it became evident that Snapshot encryption can easily be bypassed with file explorers. If they can, what do you think about malware coming in?
     
  2. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    As long as the "Owner" of the files is password protected, I wouldn't worry about it.

    ...screamer
     
  3. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    I am not so sure "encryption" is the right word, maybe "Snapshot file/folder permissions".

    Mike
     
  4. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Never read about this in the manual, maybe I missed something. And if that works can you tell me how to do that?
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    Remember a couple of things.



    1) FDISR wasn't designed to be security software.

    2) Malware writers are in this for money, so why would they target the "huge" FDISR data?
     
    Last edited: Jun 1, 2007
  6. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    Just be sure your permissions are not set to Everyone. Mine are available only to my username which is password protected.

    hth,

    ...screamer

    Good Point Pete ;)
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Quite a few members don't seem to see the difference between "security" and "recovery".
    They consider even PowerShadow as an anti-malware software.
    PowerShadow doesn't even see the difference between good objects and bad objects.
    PowerShadow is nothing but an immediate system recovery software, just like FDISR, only the used method is different.

    Sandboxie doesn't see the difference between good objects and bad objects either. Once an application is sandboxed, Sandboxie considers ALL objects as suspicious and if you close the sandbox, all objects are gone, including the good objects.
    So Sandboxie is also an immediate system recovery software, but not a total one like PowerShadow and FDISR.

    DeepFreeze = recovery software.
    ShadowUser = recovery software.
    Returnil = recovery software.
     
  8. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    PowerShadow is nothing but an immediate system recovery software, just like FDISR, only the used method is different.
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
     
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
     
  11. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    I think we drift from the first post in this thread. There is some reason why other than current SS seems to be access denied, Leapfrogg has some reason behind that, but in daily life we can edit the not-current SS to our heart's content. With a most simple, regular file explorer it's easy to do that, so what is the reason for this "encryption" if it is easily circumvented?

    Erik Albert, it's just a question, my observations and not a rigid statement!
     
  12. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
     
  13. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    @Huupi, are you telling us, "your spouse,mindhungry teenage kids whatever stays at your place", all have administrator accounts? :eek:

    I also always ran as administrator because I have brain.exe to protect me, and anyone who uses MY computer, has a non-admin account to use.

    Even as an administrator I have to do something on purpose to mess up the $ISR\0, $ISR\1, etc. folders. They come installed with extremely strong permissions... did you change them?

    UPDATE: MOD, please change title of this post to "Easily bypassed?" ;)

    Mike
     
    Last edited: Jun 1, 2007
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    Exactly. With the standard install on my XP Pro machines, I have to work at getting at them. No way the average "houseperson" could do that.
     
  15. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    You're right guys, as you can read between the lines I have already taken these measures, but we are only a few among the big populace who take these measures. A more nagging question stays unanswered: you can easily read/write to your other SS, but it's my understanding that Leapfrogg placed "access denied" there on intent, but what's the reason then if you as a person with full rights can easily break through? And why should you do so if you can is another question.
     
  16. EASTER.2010

    EASTER.2010 Guest

    Interesting exchange of opinions, BUT, irregardless "IF" any of your snapshots would become compromised, either by $M internal malfunctionings or whether by an unfortunate compromise from malware or even sharing your table with the same account. You should ALWAYS keep STORED ARCHIVES of those same snapshots either on an alternative/external drive or even plastic (Yuk) media like DVD. (Which I'm doing as we speak).

    That way you have an EXIT strategy. Simply put, and nothing really lost. It's all about details with recovery programs, including Imaging, KEEP EXTRA BACKUPS for emergency purposes if nothing else and you're always in the good. :) At least that's been my practice.
     
  17. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    In my situation, I almost find imaging not worth it. I really do not much care about any of the software, just the data.

    I have a 25 (about) Word doc that details every piece of software on my system. I always file a paper copy in my gun safe. I also have it attached to a web based email I can access from anywhere.

    I rebuild my system from scratch a couple times a year, just to get rid of old stuff I tried and then removed. But, maybe because of FD-ISR, I will rethink about that.

    Malware does not want my Garmin GPS program, my EditPad program, my FastStone Image Viewer program, they only want my data.

    Mike
     

  18. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Know what is really neat about FirstDefense? It definitely is NOT a security program, yet it makes me feel more secure than any of my security programs. :cool:

    Acadia
     
  19. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    Here's a piece of advice if you're going to change File / Folder Permissions:

    If you give your "Username" full permission, Do Not Delete restricted permissions for Everyone. e.g. Leaving "Username" as the only party in the list.

    I did this yesterday and a few hours later FD-ISR was rendered useless.
    I could not copy / update SS = FD-ISR Disabled. I could not re-install = errors
    New D/L'd copy from LeapFrog would not install = errors.

    I didn't have the wherewithal to take a screeny of the error but it was along the lines of Installer issues. Re-Boot, try again, Read The FAQ or Contact Support...

    I was able to boot to any SS on re-boot (Pre-Boot worked), but that's as far as it would go.

    ...screamer
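
A read-only way to see who holds which rights on the snapshot folders before changing anything, as an added example that is not part of the original thread or of FD-ISR. The `C:\$ISR` location, the function name `Get-SnapshotAclReport` and the list of "broad" groups are assumptions; the thread only names `$ISR\0`, `$ISR\1`.

```powershell
# Added example: read-only audit of NTFS permissions on snapshot folders.
# Assumption: snapshots live under C:\$ISR (the thread names $ISR\0, $ISR\1).
# Single quotes keep PowerShell from expanding $ISR as a variable.
$root = 'C:\$ISR'

# Groups broader than one named account (assumed list, English names).
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'

# Specific rights that allow changing snapshot contents or the ACL itself.
# Generic rights (e.g. GENERIC_ALL on inherit-only entries) are not decoded here.
$writeMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'

function Get-SnapshotAclReport {
    param([Parameter(Mandatory = $true)][string]$Path)

    # The root folder plus each snapshot folder directly beneath it.
    $folders = @(Get-Item -LiteralPath $Path -Force -ErrorAction Stop)
    $folders += @(Get-ChildItem -LiteralPath $Path -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.PSIsContainer })

    foreach ($folder in $folders) {
        try {
            $acl = Get-Acl -LiteralPath $folder.FullName -ErrorAction Stop
        } catch {
            # A locked-down snapshot may refuse even to show its ACL; report
            # that instead of skipping it silently.
            [pscustomobject]@{ Folder = $folder.FullName; Owner = $null; Identity = $null
                               Type = 'Unreadable'; Rights = $_.Exception.Message; Flag = 'ACL not readable' }
            continue
        }
        foreach ($ace in $acl.Access) {
            $name     = $ace.IdentityReference.Value
            $canWrite = ([int]$ace.FileSystemRights -band $writeMask) -ne 0
            # Flag only Allow entries: a Deny entry for a broad group is a restriction.
            $flag = if ($ace.AccessControlType -eq 'Allow' -and $canWrite -and $broad -contains $name) {
                'broad group can modify'
            } else { '' }
            [pscustomobject]@{ Folder = $folder.FullName; Owner = $acl.Owner; Identity = $name
                               Type = $ace.AccessControlType; Rights = $ace.FileSystemRights; Flag = $flag }
        }
    }
}

Get-SnapshotAclReport -Path $root | Format-Table -AutoSize
```

Saving this output before any permission change gives a record of the installed entries to compare against afterwards; on non-English Windows the group names in `$broad` are localized and need adjusting.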
     
  20. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024

    Yes Screamer, I will take that to heart!!! To be prepared for this and other similar disasters, it's great to have an image to restore.
     
  21. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    Like I said...
    I repeat, DO NOT MESS WITH THEM! IF you must see what is in the folders, use one of the many READ ONLY viewers. ;)

    Again, where is your brain.exe when you need it the most? :eek:

    UPDATE: I also said...
    Mike
     
    Last edited: Jun 2, 2007
  22. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    hehehe!! How True

    ...screamer
     
  23. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    I for one can attest to just how much trouble we can get into by messing around, witness my mess of two weekends ago. In case you didn't see it I had myself to the point images couldn't be restored, and even the Windows XP CD bluescreened.

    A little caution isn't a bad thing.

    Pete
     
  24. EASTER.2010

    EASTER.2010 Guest

    That's strange but IS good advice. No novice should try it. I will say this though, I CAN commonly & safely COPY individual files OR folders out of ANY snapshots in the $ISR directory at will with XYplorer with no after effects, it's just that it's nice to have that option available in case one of those snapshots wouldn't happen to boot for whatever reason, or also if no snap archive of it was workable to rebuild from.

    But then, as great as this program has been for me so far, it's really at this point only a luxury.
     
  25. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I would never change anything in snapshots directly via $ISR-folders and using a special browser for this, simply because I don't know how FDISR's copy/update works, which must be a unique technology. If you start moving objects from one snapshot to another, you might hurt something else that might disturb this technology.
    There must be a good reason, why you don't have access to $ISR-folders. :)
     