Software Virtualization (Thinstall/Altiris SVS)

Discussion in 'sandboxing & virtualization' started by [suave], Nov 25, 2006.

Thread Status:
Not open for further replies.
  1. Kapiti

    Kapiti Registered Member

    Joined:
    Aug 21, 2004
    Posts:
    274
    Location:
    Paraparaumu NZ
    Re: Thinstall - Anyone try it?

    Thanks for the information Wilbert - "Start Layer Automatically"

    I've continued to play and find I can export a layer to an archive which can be placed onto an additional hard drive, or burnt to a CD\DVD. I can then delete the layer and if wanted in the future it can be imported back from the HD or CD\DVD. This means I can keep any tested software indefinitely without it cluttering up the hard drive.

    Not sure about this but it would appear that the free version can't be updated.

    John.
     
  2. wilbertnl

    wilbertnl Registered Member

    Joined:
    Dec 29, 2004
    Posts:
    1,850
    Location:
    Tulsa, Oklahoma
    Re: Thinstall - Anyone try it?

    I started playing, here are some of my conceptual ideas.

    First I restored an OEM image, and updated the MS hotfixes. I saved the updated image.
    Then I added some applications that I need anyway or that are not supported well by layers, like Antivirus and Perfectdisk 7.
    I created a differential image, which results in a very small file size.

    I restored the OEM image, because the documentation advices to create VSA files in a lean system.
    So, there I installed SVS, and created layers of ms Office 2000, I updated the layer with the Office hotfixes. A layer of softmaker Office 2006, also with hotfixes. And a layer of ms Money 2004.
    I exported all the layers to VSA files and copied these files to another computer.

    Now, this is what I think: reinstalling the system is going to be a breeze: restore the appropriate differential image (why not have several differential images, each of which has a unique setup, for example different antivirus?) and after that import the desired layers.
    This sounds to me like modular system administration. Put some software components together and you get your customized software setup.

    It's like Firefox with all the extensions available to your desire, but now applied to Windows. :eek:

    What do you all think?
     
  3. Reposed

    Reposed Registered Member

    Joined:
    Aug 17, 2006
    Posts:
    62
    Location:
    Perth, Australia
    Re: Thinstall - Anyone try it?

    Even a simple profile system within the current setup (removed from login profile) would be nice, and relatively simple to implement I think, given the current ability to do this manually. A set of created profiles within Atiris, with associated applications for each profile that are activated , that deactiavtes virtually installed applications not in current selected Altiris profile.

    On another point, I've notice that if I get it to monitor all changes made by an application, sandboxie style, it slows my system significantly - this is why I still prefer sandboxie for certain applications.
     
  4. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,244
    Location:
    Sydney, Australia
    Re: Thinstall - Anyone try it?

    OK
    I'm just trying to wrap my little brain around this :blink: Looks very interesting: help

    So;
    1)Create a "base" install of OS and a couple of critical apps say AV, BOClean, Perfect Disc and Defence Wall.?

    2)Then install each utility in a new "layer" and activate each layer as required.?

    What about browser, firewall?

    I see someone has set up a Firefox Layer. Cool. where do any dl'd files end up?

    If I have a layer with Word installed and write documents where do those documents go when the layer is closed or deleted?

    Did I read correctly that each soft/group of softs installed in a layer can be exported to external HD and imported as required?

    How much space does each layer take?

    Having installed some soft into a layer used the tool/layer and then deleted that layer is every change rolled back?
    IE: have Firefox layer active and install some malware: where does it go?
    Does deleting the layer remove the malware?

    This may require some a lot of paradigm changes: :eek:
    I suspect I have only a very primitive grasp of this at this point o_O

    Regards.
     
  5. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Re: Thinstall - Anyone try it?

    Hi Longboard,

    I can't answer all of your questions because I am still learning it myself (so perhaps someone more knowledgeable will answer them for you)

    I'll answer what I can.

    You create the base install with all your "everyday use" software (AV, FW and things like that). Then you can install Altiris and use it to install software that you would rather use on-demand (like browser, MS Word, P2P). Then you can just switch them on/off as you need them.

    I'm not sure if the following is true (so someone please correct me if I am wrong): All changes done to the system/registry from a "layered" application stays within the layer. So if you install some malware from your layered firefox, once you deactivate the layer the maleware is gone. But when you re-activate the layer the malware comes back unless you RESET the layer first. Same thing goes for downloaded files and saved documents. If you want to permanently save the files to the system, you can copy them to a folder via explorer before deactivating or resetting the layer.

    I think the best way to learn this software is to just use it in a test machine until you get the hang of it.

    And yes, layers can be imported/exported between different PCs. So it is easy to install something on one PC and transfer it to another if you need to.
     
  6. cthorpe

    cthorpe Registered Member

    Joined:
    Jun 30, 2006
    Posts:
    168
    Location:
    Texas
    Re: Thinstall - Anyone try it?

    I've been using Altiris for a couple of weeks now, and I love it. It works great with ISR, as I can keep a very clean frozen snapshot, and just import and activate layers to use other programs. One thing to keep in mind, however, is that you cannot install a system driver into a layer. That rules out AV programs, most firewalls, etc. Supposedly the next version will include support for drivers.

    As far as what happens to data that you create from a layered application:

    You can exclude directories (and subdirectories of the directory if you choose) from being part of the layer, so when a layered application creates data in that folder, it is actually created in the base filesystem. For example:

    I have an OpenOffice layer, and I have excluded My Documents from the layer. If I save a file to My Documents from an OpenOffice application, then deactivate the layer (and even delete it if I so chose) the document remains. If I use that OO layer and create a document in any other folder, then deactivate the layer, those documents will disappear. If I then reactivate the layer, the documents reappear.

    I use it for everything from graphics programs that I use only rarely, to media codecs, to the horribly buggy Sony software that I have to use to put music on my MiniDisc player. I'm not sure if someone has posted this link yet, but it's a great place to find a bunch of example layers to import. I've tried all of them and they all seem to work wonderfully:
    http://www.svsdownloads.com/
     

    Attached Files:

  7. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Re: Thinstall - Anyone try it?

    Excellent info cthorpe :thumb:

    Quick question: How do you get to that "Layer Exclude Entry" dialog? o_O

    P.S: That's a good link. I checked it out the other day and found a lot of useful info. I noticed they have an Internet Explorer VSA that auto-resets on close. I need to figure out how they do that. I was just going to create a batch file that will reset the layer before activating it. But I never knew there was a "reset on close" option built in... o_O
     
  8. cthorpe

    cthorpe Registered Member

    Joined:
    Jun 30, 2006
    Posts:
    168
    Location:
    Texas
    Re: Thinstall - Anyone try it?

    To open the layer options, just double click on a deactivated layer in the main SVS window.

    If you haven't seen this site: http://juice.altiris.com/, you should check it out. Tons of useful information and utilities that make using SVS even easier.

    C
     
  9. Kapiti

    Kapiti Registered Member

    Joined:
    Aug 21, 2004
    Posts:
    274
    Location:
    Paraparaumu NZ
    Re: Thinstall - Anyone try it?

    I’ve found that some programme layers can’t be deactivated until the process that is currently running in the Task Manager is stopped. However, it gives the option to forcibly stop the process. If you agree, another message states that forcing the closure could cause problems. I’ve used this way to end a process that is currently running without any problems but I never liked the idea of closing a process without knowing what I’m closing. Reading the error message, and also the manual, I noticed that the error message also gives the process ID number, so to close the process from the Task Manager is a simple matter of comparing the ID number and ending the running process from the Task Manager.
    Just a little more information that might be useful to other new users.

    John.
     
  10. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    825
    Location:
    United States
    Re: Thinstall - Anyone try it?

    A friend pointed out this thread to me claiming it would be an interesting read. He was correct. Now that I'm caught up I have a few questions that I hope the graciously intelligent members of this forum will help clear up.

    As I understand it, there are two softwares being discussed here, Thinstall and Altiris’ product Software Virtualization Solution (SVS), with most of the attention being given to the latter. The first thing that I am struggling to understand is the tendency to prefer SVS over Thinstall, so would it be possible for a list of advantages / disadvantages of one over the other to be compiled?

    Second, I am concerned about copyright / licensing issues. Can anyone tell me how installing Office in a portable VM .EXE to be used on various machines does not violate license agreements and/or copyright laws (this rhetorical question may or may not apply only to Thinstall and is not intended to be answered, but rather considered).

    Third, is anyone aware of any other similar solutions that are not being discussed in this thread that should be considered? My opinion is that this is a very interesting concept that deserves thorough consideration and I propose that this thread be used to create an exhaustive list of comparable “layered virtualization,” “modular virtualization,” or any other term that gets assigned to this type of solution.

    Finally, Longboard stated that this is going to shift some paradigms and Peter2150, wonders how he would use this kind of technology. I agree with Longboard while I am with Peter2150 in saying, “This is cool, but what can it do for me that I can’t already do with what I already have?” My last request is that people keep posting ideas about how they are using these tools and continue discussing ways of utilizing this technology along with any potential problems (i.e. could this be used to create hidden layers masking malicious software that automatically resets itself upon reboot?)
     
  11. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,244
    Location:
    Sydney, Australia
    Re: Thinstall - Anyone try it?

    Ok going to start learning this.
    Thanks guys.
    There are some sophisticated users at their forum!
    I liked that post about using svs from USB stick: WOW: :eek: if that works: woo hoo.

    Any info about size of the layers and implications about space on HD.?
    Any limitations on layer size: say FF with 20 tabs open.?
    Opening big spread sheets in layers?
    What about memuse and cpu use?

    I have e-mailed thinstall re sme pricing options and might be able to give some info soon: they seem to already have options for running some tools from USB.


    If I might make a suggestion to the mods: this thread will prolly take up a life of it's own as the "wilders" latch on to it, with respect to [Suave], how about a title change or migrate the posts about SVS to a new thread with new title?

    regards.
     
  12. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,244
    Location:
    Sydney, Australia
    Re: Thinstall - Anyone try it?

    @DAllen :thumb: ..wavelength....:)
    yes

    Thinstall may be better developed but ? no free or desktop version obvious to me on their site??
     
  13. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Re: Thinstall - Anyone try it?

    I was thinking the same thing. When I first started this topic I was mainly trying to get more info on Thinstall (I still don't know how I found it but boy am I glad I did). I didn't know if it was the only software of its kind but thanks to wilbertnl we found out about ASVS. So I'm even happier to have started this topic here at Wilders because of the positive outcome.

    Longboard, like I said, as a result of where this discussion is going, I also thought to myself today that this topic should be "RE-Named". I was thinking "Software Virtualization" would be a more suitable title. If you can think of anything better, PM me. If not, any Mod reading this, feel free to rename the topic if you agree or feel the need to :)
     
  14. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    Re: Thinstall - Anyone try it?

    Here is a thread from earlier. I think Notok gives a good explanation of what it does. I would like to add that you be careful when thinking of installing security apps, like HIPS or advanced firewalls in a layer. I tried and ended up with a BSOD. I cant now remember which app it was and it might have been a glitch in that software rather than Altiris, but just for your info.
    If I recall right Altiris creates a folder named "fslrdr" on each drive and keeps the settings there. When uninstalling the Altiris software it leaves the folders behind, atleast it did on my machine.
     
  15. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Re: Thinstall - Anyone try it?

    Well, my reason for using ASVS or Thinstall would be to keep my system clean. Sure, you can create an avs of Office and use it on two PCs, but you can also just as easily install Office on both PCs using the CD. So it's not like this software gives you any special abilities that you can't normally do without it.

    Like I said, I would install Office in a "layer" for use only on my own PC because it is not a program that I use daily. I'd like to have it only when I need it (maybe once every two weeks) and for the rest of the time it will be like it is not even installed on my PC. This way my PC will stay clean and free from software installation clutter problems if I keep everything in layers and only use them when I need them.

    Another reason for ASVS is like this: My little brother likes to go on some website that lets him play some wierd game (but it requires JAVA). I always hated JAVA for some reason so I never allowed him to install it on my computer. He needs to use his own crappy PC if he wants to play those games. Now I can let him play on my PC by installing java in a layer and letting him play his heart out. When he is done, it's like JAVA was never there :)

    Beautiful :D
     
  16. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Re: Thinstall - Anyone try it?

    Thinstall can create virtual software packages in standalone EXE files that can be run on any PC (even off a USB) without needing the Thinstall software installed on the PC to run.

    With Thinstall, it is a simple double click and the program starts as if it is installed (but it really isn't). Furthermore, all changes made to the PC from the "Thinstalled" software are gone after you close the program. So it is virtiualized and isolated from the PC and it is as if the program was never there once you close it.

    With ASVS, the software can be saved as VSA files that can be read on any PC (as long as you install the ASVS software on it first).

    A big difference (and keep in mind I'm not entirely sure that I am correct here) between ASVS and Thinstall is that with ASVS you can save settings within the program even after it is virtualized and with thinstall this is not possible. So lets say you create a thinstalled firefox and you set it up the way you like. Once you are done you are left with an EXE file that contains your thinstalled firefox. Once you make that EXE file, you can't "permanently" change any of the settings within it. So lets say you run that thinstalled firefox and install some extension. That extension will be gone once you close firefox. With ASVS, you can install the extension and make it a permanent part of the layer or reset it back to the way it was if you choose.

    Again, this is all new to me so I may be wrong, but this is what I have been lead to believe after my research these past few days. So feel free to correct me anyone. And I'm sure there are a many more differences between Thinstall and ASVS that I don't know about.

    I second that ;)
     
  17. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    825
    Location:
    United States
    Re: Thinstall - Anyone try it?

    Thanks [suave]. I will be keeping up with this thread and over the next few weeks I plan on researching these two softwares in more detail. Until then. I hope everyone posts away. Personally, my initial impressiong has me leaning towards Thinstall.
     
  18. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,244
    Location:
    Sydney, Australia
    Re: Thinstall - Anyone try it?

    @sukarof:
    So you have had this since August?
    How does it go?
    What did you end up doing with it?
    The PCMag review is interesting Altiris

    Yes, not really thinking of it as security app.
    More about getting some of the "bloat" off my box!
    Heh: I seem to have accumulated an awful lot of "pending" tools that might be good to run inside this.

    The noted problems with driver installs may rule out a lot of testing of security apps and some others but as it is free there may be some good uses for testing and keeping other softwares 'in the pocket' rather than endlessly manipulating startup lists and services. The ability to keep changes is a killer function.

    @Suave:Saw your comments re thinstall and 'standalone exe' there are lots of portable USB apps available elsewhere I think, not keeping any changes; maybe more useful as sandbox utility.

    there may be a role for both?

    ADD: having e-mailed thinstall sales enquiry: they have sent me a firefox.exe to trial free
    Go for it guys.
    http://www.thinstall.com/company/contact.php
     
  19. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Re: Thinstall - Anyone try it?

    Longboard, I have posted the thinstalled firefox here:
    https://www.wilderssecurity.com/showpost.php?p=890545&postcount=23

    Also available is a thinstalled OpenOffice :D

    Well, you see, I am attached to all my installed software and when it comes time to find a portable application, I always have a hard time finding one that matches my favorite installed software that I am so used to using. Well, with thinstall I can make almost all of my favorite software portable :D

    I'd rather use the software I like than settle for an alternative. Thinstall would give me that option.

    Yep, I'd also recommend that. Any security software or software that you constantly use on a daily basis should be installed to the base system. The layered installations would be for software that you need once in a while, but don't want to install permanently and at the same time have them ready for the times when you need them. Keeping the system clean from software installation conflicts and un-needed clutter would be the main goal for me.

    As a side note, I was just thinking how ASVS or Thinstall would have been useful to me a couple of weeks ago when Firefox 2.0 came out. I was still using 1.5 and I was hesitant to install 2.0 because 1.5 was working beautifully for me and I didn't want to screw it up. I could have just installed FF2.0 into its own layer and been able to switch back and forth between both versions until I felt comfortable upgrading to 2.0.

    Instead, I used my beloved imaging software to ease my transition between the two versions. But it would have been nice to be able to use both of them interchangeably on the same setup with the click of a button. So it definitely does have its benefits.
     
    Last edited: Nov 28, 2006
  20. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    Re: Thinstall - Anyone try it?

    It is a nice app that does do what it claims. Great for testing software you know you wont keep. It worked great all the time (except the mishap with a security software) I used it for a while, but realized then that I didn't need to have programs in a layer and I primarily use FDISR for testing software (ie I rarely used it) But reading for example suave´s reasoning makes me rethink my decision.
     
  21. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Re: Thinstall - Anyone try it?

    I've done exactly as you've instructed but I can't seem to get to the screenshot you posted > here < o_O
     
  22. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Re: Thinstall - Anyone try it?

    I've been using Altiris for a few months now, its great I really like it.
    Great for security, corruption by resetting an app, very flexable and instant.
    Just go here http://juice.altiris.com/ as cthorpe mentioned earlier for tips.
     
  23. cthorpe

    cthorpe Registered Member

    Joined:
    Jun 30, 2006
    Posts:
    168
    Location:
    Texas
    Re: Thinstall - Anyone try it?

    Open the main SVS program -> double click on an installed layer -> select the "Exclude Entries" tab -> double click in the empty box under "Type" and "Value." That should let you add exclusions (if you use ISR, think of exclusions kind of like anchored data)

    As for what to do with the program, like I said I use it for programs that I use only occasionally that I don't want to bloat my system with. I can activate a large layer (100+ MB) in a few seconds rather than a couple minutes booting into a separate ISR snapshot. A prime example of a bloated application that I have layered is the software I need to put music on my minidisc player. Sony uses DRM, and the software that can encode and transfer is buggy, a huge resource hog, and prone to sticking its fingers into places it doesn't belong. With SVS, I just activate the layer, transfer music, then deactivate the layer and go about my business.

    Here is a list of applications that have been successfully put into layers, as well as some apps that work but are "unsupported" by Altiris. Most of the apps have information in case there are special settings, etc. http://wiki.altiris.com/index.php/SVS_Application_Best_Practices

    C
     
  24. wilbertnl

    wilbertnl Registered Member

    Joined:
    Dec 29, 2004
    Posts:
    1,850
    Location:
    Tulsa, Oklahoma
    Re: Thinstall - Anyone try it?

    Like Suave, I'm still gathering information and learning too.
    Data can be layered in data layers, independent from application layers. So when you reset or delete the Word layer, the documents are save when you layer My Documents.

    Any file that belongs to a layer (DLL's) are contained in the layer, but visible in the original location when the layer is activated.
    This means that some DLL is visible in windows\sys32, but physical the location of the file is maintained by SVS.
    Conflicting DLL's can coexist.

    Concerning Firefox and malware, Suave is correct: reset the layer and the status is identical to when you created the layer.

    Altiris offers rollback features that work like a light switch.
    But don't confuse this with security, it's not security software!
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Re: Thinstall - Anyone try it?

    This is really getting pretty darn interesting. I've thought of some really good uses. Things like Microsofts Streets and Trips. It's big and I don't use it often. Also would be a neat way to add it to new machine.

    This thread is one of the really neat neat things about Wilders.


    Pete
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.