New version of ShadowDefender

Discussion in 'sandboxing & virtualization' started by trjam, Dec 25, 2007.

Thread Status:
Not open for further replies.
  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,207
    Location:
    U.S.A. (South)
    In retrospect and on closer review, if this newer version ShadowDefender is all that it's coming to be from whats been mentioned for it, i will defintely be taking a turn in it's direction myself i think.

    The feature of keeping a software across reboots while remaining shadowed is a benefit worth attention.
     
  2. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Have just tried out SD and although most of the features are of no interest to me the basic program worked well but with one major weakness:

    I forgot to turn off shadow mode when I tried to restore my image. Now with DeepFreeze 6 and the free version of Returnil when I forget they very politely refuse to be destroyed and simply return me to windows unchanged. Unfortunately, on one of my machines at least, SD just stopped Acronis working and would not allow me to go back to windows or restore. SD could not, of course, stop itself being destroyed by my boot CD allowing me to restore C:
    after all.

    Perhaps Acronis is to blame and someone who uses a better Imaging Program will find that SD plays nicely but from my point of view programs (DeepFreeze and Returnil) which allow for human weakness as program weakness are better than those (SD) that don't.
     
  3. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    They all do that don't they ? or are you saying that several reboots later you can then get rid of the installed program ? leaving the system as though it had never been installed ?
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    You can stay shadowed across reboots with SD, but changes made are lost.
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I use SP, and SD, but that isn't a test that I am inclined to try. Just not a good practice. You do have to be alert when using some of these different softwares. For example running the SP continous incremental, I'd never put any shadow program in shadow mode.
     
  6. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    you don't use shadow mode very often then ? I wonder what would happen if an incremental is performed whilst in shadow mode ? perhaps nothing ? anyway I have an intense dislike for continuous and incremental preferring to keep C: frozen except when making changes with images always being full and of un protected or unfrozen drives. Fortunately when my alertness wanders DeepFreeze and Returnil are very understanding and quietly tell me to do the job again correctly.
     
  7. RootAccess

    RootAccess Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    64
    I have never heard of this software before but it has been said it prevents low-level disk access. Does that prevent changes being made in the master boot record and by software like Julie Lau's sector editor?
     
  8. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    According to what I wrote here, yes. For the test I used Ms Lau's editor.

    Blue
     
  9. RootAccess

    RootAccess Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    64
    Thanks to your thread, I can more make a more informed decision in these types of programs. Well done, Blue.
     
  10. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Oh, and the vendors name is Tony, in case anyone emails support.;)
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,207
    Location:
    U.S.A. (South)
    Does anyone happen to have a handy link that's not a website full of garbage to download Julie Lau's sector editor?

    I never seen such a travesty of jumping thru ads in all my life over a single app courtesy chinese mass media.
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    No, I don't. I use it when I am doing certain things that are higher risk. For normal browsing Sandboxie works for me, and there are no issues with imaging.
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,207
    Location:
    U.S.A. (South)
    Never mind. I finally nailed it after plowing thru the mess of crap they hide it in. Stupid as it gets.
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Just what is it anyway, or what does it do. Maybe I shouldnt know.:rolleyes:
     
  15. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    HI

    welp read most reply in here... but a big BUT goes 2 SD....

    copy it from vendor site ...==>>Version 1.0.0.130 - Decemeber 27, 2007
    New: defeat passdiskprotect_C.exe(a malware)

    i said WTF? ...isnt is supose to be a virtual suit? how come malware defeat it?
    and this is not the only malware who defeat SD....==>>Version 1.0.0.129 - Decemeber 25, 2007
    New: defeat robodog(a malware)

    deep freeze such situation never happned...SD is not much to trust.

    cheers:-*
     
  16. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    oh boy, guess I will give it a shot. You think that just because you use a virtual product you are 100 percent protected from malware. Nope and these are some real nasties. Oh, and SD proved to beat ones, others didnt.
     
  17. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    hi trjam... deep freeze by defualt beat them all.. is market target is INDUSTRY not for home users. read in there site they said 100% garuntie .

    cheers:D
     
  18. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    demoneye,

    Deep Freeze is a very strong solution and Faronics is a solid and long lived supplier. If you want rock solid protection and wish to protect partitions in which the content is primarily static, I can't think of a better solution. There are specific classes of PC's that fit this profile extremely well (institutional and public general access machines), and Deep Freeze is optimized for that situation.

    Home users can, in fact, mimic that scenario fairly well if they choose to. In those instances, it's a great solution and it has a substantial period of development and field use behind it - which speaks extremely well of it's stability.

    However, not everyone is willing to live within the rather strict confines that can be imposed by Deep Freeze. For them, a more dynamic solution may be appropriate with the appreciation that every convenience incorporated to allow for dynamically committed content provides a potential avenue for attack.

    It's really not a whole lot different than the situation with the Windows OS itself - many of the primary routes for productive attack follow paths that have been incorporated into the OS for seemlessly enhancing the dynamic nature of the user experience - a simple example of this would be autorun scripts on CD's or removable HDD's - completely unnecessary when you get down to it, but lots of users love popping a disc in a having everything handled automatically - for what? The elimination of a double click?

    Blue
     
  19. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell

    hi BlueZannetti

    so u admit deep freeze is safer than SD and all other home kiddo applz... and stronger in protecting your value data in the froozen drive :) (and public general access machines) hehe ...welp thats what none lamers box users are looking for ! :cautious:

    cheers:thumb:
     
  20. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Sorry I got most of this but "welp thats what none lamers box users are looking for" defeats me. I'm not sure what none lamers box users are. Any chance of a translation into English, Spanish, French, or even American ?

    bon any nou
     
  21. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    hi Long View ....if u know what is the meaning of lamers y will understand that pro none lamers users use what work over 100%.... no kiide play....no kame skin for winamp...no kiddo behavior :)

    simple :'(
     
  22. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Admit? Admit what? Is this a cross examination?

    I'm just stating my impression of the situation. It's not like I have a vested interest in it one way or the other. It is what it is.

    On the other hand, I also view the situation as I would any other approach to protection - there's a trade-off between facile utility and intrinsic strength and the balancing calculation needs to recognize that, at some level, differences simply don't matter. Let's see, sitting here tonight, what is the chance I'll be struck by lightning? 1 in billion? Maybe if I go downstairs it will be 1 in billion^2? There are two ways to look at this: (a) Downstairs is a billion times safer or (b) Both are close enough to zero that, frankly, I don't care and I don't pay attention to the difference.

    Let's just say that SD vs DF is closer to (b) than (a) for me and if I'm wrong, the undo is trivial.

    Blue
     
  23. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    passdiskprotect_C.exe = unauthorized executable, which is immediately stopped by Anti-Executable.
    That's what I call a stupid malware, too easy to detect.
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Probably because it wasn't malware, but a POC
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Correct me if I am wrong, but seem a while back Faronics had a real problem with DeepFreeze, as certain malware was able to bypass it. All software has to get the kinks out, and the being smug about something, is the first step on the way down.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.