Has anyone tried this - or been using it for any length of time? If it actually performs as advertised, it could go a long way towards solving the crapware/spyware problem for people.
The mechanism is certainly sound, if correctly implemented.
"ShadowStor uses a unique method called ShadowMode to ensure servers and desktops are protected. ShadowMode is the means by which computers can be protected. By placing a server or desktop into ShadowMode, users can feel confident the system is going to be protected no matter what happens. ShadowMode activates the snapshot technology where each new write is redirected to another location on the Hard Drive. These sector changes can be permanently saved to the Hard Drive, or completely discarded with a simple reboot of the system. With ShadowMode, there is no need to specify regions on the disk for backup, or use BIOS functions to reserve space on the hard disk for OS images. ShadowMode is the most efficient and intelligent way to protect servers and desktops from downtime."
"By placing your PC in ShadowMode, all changes that are being made to the computer are not really being saved to the disk. For example, if a spy ware application is accidentally or maliciously installed, with a simple reboot, all the sectors that changed during the period of time you were surfing the internet, they would all be discarded. This is the same for internet tracks, Cookies, viruses and worms. All of these changes can be discarded upon reboot and you are completely safe from harm to the computer."
"ShadowStor solutions have zero impact to the current configuration of your PC. There are no modifications to the Master Boot Record (MBR), Partitions or disk structure. ShadowStor technology captures a snapshot of your system and runs an exact duplicate of your PC in a virtual state. This virtual state, called ShadowMode, allows the user to use the PC without actually writing to disk. If systems changes and folder or files changes occur during a ShadowMode session, then these changes can be automatically or manually saved to disk or discarded. This gives full control back to the IT professional and PC user.
ShadowMode doesn’t allow viruses or worms to be written to the PC. If you run in ShadowMode, the virus may get written to the Virtual Volume, but it can be discarded before changes are committed to disk. This approach is the first line of defense to security, data protection and disaster recovery and prevents problems from ever existing. This method provides a disaster prevention layer to your system rather than trying to recover a system by applying virus or worm updates after the disaster has occurred.
The ShadowStor approach eliminates the ability for unwanted changes and intrusive and malicious files from ever being written to the PC. You can then install your operating system and applications and configure it once for maximum performance. Then, by only committing system changes, folders or files to disk when you choose, you control what actually gets written to the PC. This approach allows you to preserve the original optimal configuration of the PC.
By running your system in ShadowMode sessions, you can eliminate the need to track and manage what changes occurred at different points in time. By entering a ShadowMode session, saving files to a specific location on the disk or network, you can end a ShadowMode session and have your system in the exact state it was prior to the session with your personal data intact. This solution makes the management of shared systems and system change tracking very simple."
Okay, a couple of things -
Make sure, when you're trying to enter your registration information, that you have "ShadowMode" disabled - otherwise, it'll be gone when you re-start the computer.
Start-up and shut-down are much slower than what they were with ShadowSurfer installed (doesn't seem to matter if "ShadowMode" is enabled or dis-abled) Of course, this might be due to the fact that I've got everything on my "C" drive (they recommend partitioning, probably just because of that).
Also note that, here, when I used Eraser to delete a couple of Desktop items that were un-needed - while in "ShadowMode" - (zip files, deleting the zips themselves that were already installed) - that they showed right back up again when I turned "ShadowMode" off and re-started.
A couple of emails that I received also dis-appeared (I haven't quite figured out how to make it retain things yet! lol!), but that wasn't a problem in this particular case since I'd printed them out before doing the re-start.
It's going to take some getting used to, but it's still an intriguing little program. It's definitely "RTFM" all the way until you get used to it.
Also, they're absolutely right when they say that "Defrag won't work while "ShadowMode" is running (got to 14% and then hung). Pete
PS - Did I mention that you have to have the .NET Framework installed?
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.0, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.2 b.908, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP, Opera v.8.0 Build 7561, FireFox v1.0.4, ShadowUser v.2.5, SpyBlocker v8.7, RegDefend v1.300
I guess it would help if I actually put the image in.
Did you click on "Examine Certificate"? I just got the same pop-up in FireBird that you did "Examine"'d it, and the certificate looks totally legit to me. Pete
Last edited by StevenPeterYevchak; July 7th, 2004 at 04:49 PM.
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.0, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.2 b.908, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP, Opera v.8.0 Build 7561, FireFox v1.0.4, ShadowUser v.2.5, SpyBlocker v8.7, RegDefend v1.300
I'll trust you if you say it's legit. I've never had a warning like that come up before. After reading about SP2 for XP due out soon I'm not in a real hurry to get it. MS is saying it's more of an upgrade to XP than a service pack and anticipates alot of problems with it. They have added additional support personnel and maybe a seperate phone number to call for help. This program, if it delivers all it promises, seems like a better alternative than another "fix" from MS. I would like to see what people who have used it say about it or maybe read some reviews about it. I've e-mailed Fred Langa about it and hopefully he may have some info about it in an upcoming newsletter.
Simply put, ShadowSurfer picks an un-used section of your HD to create an area which runs copies of whatever it is you run on your computer - whatever part of your OS you're using, a browser, a program, whatever.
Nothing you can do while in ShadowMode can get back to the original files in their parent directories - and when you "Deactivate" ShadowMode and re-start, that entire area of the HD that was used has all its' memory area returned to the "free/available-for-over-writing memory" state.
Now, if you're worried about forensic recovery of that space (which is possible) then you have to run a program such as "Eraser" or PGP to over-write your HD's freespace (ShadowUser will soon have another version out that will give the user the option to have whatever "ShadowMode" HD space that was used by the last session "erased", so it won't be recoverable).
The fact of the matter remains - nothing can "stick" to your computer's actual system files - nor can anything be changed, disabled, removed, added whatever - that won't be gone when you "Deactivate" ShadowMode and re-start into normal operating mode.
I've had exactly zero stability issues here - everything I chose to run in ShadowMode here runs fine, for as long as I want to run it.
You can see from the screenshot how much HD space ShadowVolume is using - that number constantly increases as time goes on, which is why it's necessary to do a re-start now and then (you never have to do one before the end of your computing day, but you should do one then to release the space and clear everything in case you tripped across anything bad during the day,night,session, whatever).
I'm quite happy with both programs, and I recommend anyone interested to try the 15-day free (fully functional) trial.
I'd like to point out that the screenshot I just made won't be in the MWSnap folder when I re-start - it'll be gone, just like everything else I do during this session. It's important to remember that - if you're a ShadowSurfer user, do not update any of your programs while in ShadowMode - the additions/changes won't be made to your programs/OS when you come out of ShadowMode. Pete
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.0, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.2 b.908, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP, Opera v.8.0 Build 7561, FireFox v1.0.4, ShadowUser v.2.5, SpyBlocker v8.7, RegDefend v1.300
Pete - I've known you for a long time and respect your knowledge. This looks like a great product but ...
Every reference to the product I can find is the same publicity release.
The company is only a year old and I can't find any references to them although their web site offers other services.
The certificate issuer is not a recognized certificate issuer. The company appears to be a legit provider of back end services to on-line merchants. Perhaps they are entering the CI business... anyone can.
This may just be a new company, but I'm going to wait for others to try the product. How about reporting back your results (both payment and usage)?
I understand what you're saying, I was hesitant about the thing before getting it myself. However, I'm simply not seeing any kind of issues with it.
The payment went through fine (?) and I got my info and registered the product.
Usage presents zero problems so far, if used within the constraints I listed above.
I'm going to c&p a post I made elsewhere today:
"AFAICS, if you're running ShadowSurfer, you don't have to limit
anything - nor do you have to worry if your browser settings aren't
tightened to the max.
You can use JS, ActiveX - anything - while in ShadowMode - without the
fear of having your computer messed up.
It allows you to have all the "bells and whistles" - I guess that's why
I'm so keen on the program for the average user's use.
What are the reason's a lot of people resist "safe hex" while surfing?
"I can't get to my favorite site" (if it doesn't work right or they can't
get there, period, due either to tightened browser settings or a hosts
file -neither of which they'll bother to use for just that reason).
How about the people who help them by suggesting "Install THIS program,
keep it updated and it will help protect you"? When those same people come
back because that person has messed up that computer again, they generally
find that program "X" (whatever they suggested) is either seriously
out-of-date (update-wise), dis-abled or even un-installed because the user
"didn't like it" "didn't have time to learn to use it" "forgot to update
it", etc., etc.
That's the beauty of ShadowSurfer - if you can get someone to purchase
it, install it on a clean computer (even if you have to GET it clean, first)
and just let it run - then every time they re-start, their computer goes
back to a "clean" state, automatically.
Sure, they have to bring it out of ShadowMode to do any kind of
updates - and if they find a program, a song or a clip that they like and
want to keep while in ShadowMode, they'll have to re-d/l it when NOT in
ShadowMode to keep it permamently. Email will have to be set to stay on the
server for at least 48 hours in case they accidentally try to read it while
in ShadowMode (it'll be gone when they re-start, like everything else, if
they don't). (That doesn't aply to "web-mail", though).
I don't know - it just seems like a fail-safe catch-all to me.
Interested people might want the ShadowUser program, which - although
more expensive - allows on-the-fly "saving" of things like what I mentioned
just above (I up-graded to that one myself)."
As far as your concerns about the certificate - I've already brought that to their attention and they're working to get the certificate accepted by FireFox. I don't know about you, but I don't GET any warning about the certificate in IE - just FireFox.
As far as how old the company is, or who's running it - well, everyone has to start somewhere, don't they? Since they're new, they're struggling a little with the "marketing" side of it, but that's normal, I'd say.
There's a lot more information available on that page (or from the links on that page) than what you might think. Have you read ALL of them? They even give you a phone number you can call (not many of them do THAT!).
What else can I say about usage issues? It just works as advertised, AFAICS. Other than the longer shut-down time here (which is my own fault because I have everything on "C" drive plus I have my swap file set to clear on shutdown) - there are no "usage issues" - you can't even tell it's running after you fire it up - but you can tell that it's working exactly as advertised when you try to find something - anything - that you d/l'ed, ran or saw while in ShadowMode after you come out of ShadowMode - it's simply not there to be found, and your system is the way it was before you started ShadowMode.
It's definitely not doing anything hinky in the background (I've got PortExplorer monitoring the process when I'm running it).
Just let me know if you've got any specific questions and I'll try to answer them.
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.0, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.2 b.908, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP, Opera v.8.0 Build 7561, FireFox v1.0.4, ShadowUser v.2.5, SpyBlocker v8.7, RegDefend v1.300
Reply With Quote
