TweakTown

Shadow Defender to offer proactive system protection against future malware

Future Shadow Defender options to offer proactive system protection against sophisticated future malware

Software News | Posted: May 1, 2013 6:49 pm

We have recently reviewed Shadow Defender, a light-virtualization program with a difference. SD (as it is known among fans) sandboxes whole disks/partitions and protects them against unwanted changes. All changes (including most malware infections and their effects) actually happen within the SD buffer, a virtual environment which resides in an area isolated from the real system. Upon reboot, the virtualization buffer is emptied by default and all volume changes are immediately discarded. The real volume remains untouched and Windows boots back to its normal clean state.

SD is essentially a final safety net for Windows systems. It also features a handy RAM cache, which means that you can now have a superfast virtual Windows environment running directly from RAM. When using such a RAM cache setup, your disks take no write hits, something that is very beneficial for devices like SSDs and flash sticks.

SD is a great piece of code, but threats keep evolving. It is essential for SD to keep evolving as well in order to remain relevant. Since October last year, I have had the pleasure of exchanging ideas with Tony, the Shadow Defender developer. Some of my ideas have already been implemented in current SD versions, e.g. the user-configurable RAM buffer for the virtual system, plus cache encryption.

The next step is to try to make SD a bit more future-proof. I brainstormed on forums for ideas, and SD fans have offered their suggestions. The most crucial of those came from a user named "The Shadow" at Wilders Security Forum. He suggested options inspired by the way Sandboxie works; but whereas Sandboxie offers application-level sandboxing, with SD we are able to sandbox whole disks. Just like Sandboxie, SD should be able to strip admin privileges from programs and to block kernel-level driver installs and application hooks. With such features, SD will provide a more proactive level of security, essentially prohibiting all malicious installations. The virtual system would always remain clean.

The next question in my head was this: what happens if some smart future malware finds a way to bypass those new options and infects the virtual system after all? In this case, the software should ensure that there can be no leaks to the real system. So, how do we stop malware from gaining a foothold in the real system? This can only be achieved with 100% full disk virtualization. If all sectors are being virtualized, there will be no space where the malware can store malicious code between reboots. In my mind, this is an essential security feature that can possibly be implemented in a future SD version and other similar software.

The SD developer is currently considering adding these features to a future version. Tony wants to keep SD simple and user-friendly, but there is an obvious balance to strike. SD has to keep updating itself with new features in order to remain current. The program is already the best against sophisticated threats. If Tony manages to crack those advanced features as well, then we'll be reaching a whole new level of proactive system protection.

Such options would give us a supercharged future Shadow Defender, one that offers comprehensive system security for both the real and the virtual system.
