Faronics Deep Freeze Losing the Security War

Discussion in 'Computer Security' started by johntangelo@gmail.com, Dec 19, 2005.

  1. Guest

    Faronics Deep Freeze has all but bitten the dust at this point. They
    have been struggling to secure their program against a program called
    Unfreezer by Emiliano Torres (a black hat programmer in Santa Rosario,
    Argentina). In the last three versions of Deep Freeze, they have
    completely failed to stop Unfreezer from being able to thaw systems
    without the password. Each time they say they are "looking into it" and
    "analyzing the situation", blah, blah, blah. But each time they come
    out with a new version, Emiliano easily defeats it by updating
    Unfreezer almost immediately. They are also trying to keep the
    vulnerability a secret, saying nothing about it on their web site. They
    released a patch in a lame attempt to stop Unfreezer, but did not tell
    their customers it was available. Only those who requested help because
    their systems were being hacked were given the patch. Otherwise no one
    was told about it. In Deep Freeze Enterprise v5.70.220.1347, their
    latest version, intended to put a permanent end to Unfreezer, it only
    took Emiliano one week to update Unfreezer to kill even that version.
    You could say Emiliano put an end to Deep Freeze!

    Deep Freeze
    http://www.faronics.com/html/deepfreeze.asp

    Unfreezer
    http://usuarios.arnet.com.ar/fliamarconato/

    If anyone knows a way to help me secure my network of over 65
    computers, please advise here. I have lost complete confidence in Deep
    Freeze. Faronics is dishonest, lame, stupid, and refuses to properly
    secure their program against Unfreezer.

    What are some good programs to secure desktops that can't be hacked?
     
    , Dec 19, 2005
    #1
    1. Advertising

  2. Guest

    wrote:
    > Faronics Deep Freeze has all but bitten the dust at this point. They
    > have been struggling to secure their program against a program called
    > Unfreezer by Emiliano Torres (a black hat programmer in Santa Rosario,
    > Argentina). In the last three versions of Deep Freeze, they have
    > completely failed to stop Unfreezer from being able to thaw systems
    > without the password. Each time they say they are "looking into it" and
    > "analyzing the situation", blah, blah, blah. But each time they come
    > out with a new version, Emiliano easily defeats it by updating
    > Unfreezer almost immediately. They are also trying to keep the
    > vulnerability a secret, saying nothing about it on their web site. They
    > released a patch in a lame attempt to stop Unfreezer, but did not tell
    > their customers it was available. Only those who requested help because
    > their systems were being hacked were given the patch. Otherwise no one
    > was told about it. In Deep Freeze Enterprise v5.70.220.1347, their
    > latest version, intended to put a permanent end to Unfreezer, it only
    > took Emiliano one week to update Unfreezer to kill even that version.
    > You could say Emiliano put an end to Deep Freeze!
    >
    > Deep Freeze
    > http://www.faronics.com/html/deepfreeze.asp
    >
    > Unfreezer
    > http://usuarios.arnet.com.ar/fliamarconato/
    >
    > If anyone knows a way to help me secure my network of over 65
    > computers, please advise here. I have lost complete confidence in Deep
    > Freeze. Faronics is dishonest, lame, stupid, and refuses to properly
    > secure their program against Unfreezer.
    >
    > What are some good programs to secure desktops that can't be hacked?


    Well, there's always Linux-on-a-floppy combined with a central server
    that holds the images... would require some custom work, but the price
    cannot be beat.

    Joachim
     
    , Dec 19, 2005
    #2
    1. Advertising

  3. Donnie Guest


    > If anyone knows a way to help me secure my network of over 65
    > computers, please advise here. I have lost complete confidence in Deep
    > Freeze. Faronics is dishonest, lame, stupid, and refuses to properly
    > secure their program against Unfreezer.
    >
    > What are some good programs to secure desktops that can't be hacked?


    ###################################
    You've mentioned Emiliano and the freeze problem before. I had responded
    that I really didn't consider him a black hat. Putting that aside for a
    moment, if anyone would know which program works, it would be Emiliano
    himself. I would ask him directly. Who else would know better but the guy
    who can crack the system?
    donnie
     
    Donnie, Dec 20, 2005
    #3
  4. megaxstu321

    Joined:
    Nov 11, 2006
    Messages:
    1
    Possible solution to the unfreezer intrusions.

    I wanted to test this unfreezer 1.6 on a local ROP machine.
    It had successfully thawed the computer.
    My Instructor was glad that I had found the security flaw, instead of
    yelling at me for attempting to mess with the machine, he said I didn't have to work on anything in class until the semester was over..
    Anyway, I had an idea. Since Deepfreeze cannot be removed (properly which causes boot problems) through using Emergency recovery disk software, nor can the hard drive be formatted. Why not implement a secondary security force, working with deepfreeze software. That way, no matter how many version Emiliano generates, it will remain secure.

    Over the six years, I have spent all my life comparing and studying different types of software and programs. Under security,1 CLick and lock helps increase security because it locks safe mode,Taskmanager, and all other keys on the keyboard. At startup it prompts for a password. The passwords are not cached, and since safe mode is disabled, the person cannot run programs in any other booting cd or what not. The funny part is that if they try using boot cds to remove 1click and lock from the registry, deepfreeze,regardless of what they do, will restore the prior registry/services settings.

    IF you install 1 click and lock after installing deepfreeze, enable all security features on 1clickandlock before freezing the harddrive using deepfreeze. The program will prompt all users at startup for a password restrict any possible (workarounds), and they will not be able to run anything because the screen appears too quickly,(provided startup programs must load first before others can). What's more, the program is very inexpensive and proves an exceptional addition to the everpopular deepfreeze.
     
    Last edited: Nov 11, 2006
    megaxstu321, Nov 11, 2006
    #4
  5. aldin_sk9

    Joined:
    Apr 10, 2008
    Messages:
    1
    sites

    hey those sites for unfreezer are not working what shall i do my school is protected by deep freeze and how i can uninstall it how to remove??please help:saint:
     
    aldin_sk9, Apr 10, 2008
    #5
  6. Pitbullz

    Joined:
    Sep 18, 2008
    Messages:
    1
    Emilano needs a job. Wow your so amazing for hacking DF, I wish people would do something more useful with they're time. What a loser.
     
    Pitbullz, Sep 18, 2008
    #6
  7. luminairex

    Joined:
    Jul 14, 2009
    Messages:
    2
    Admins bring this on themselves

    This is a system configuration issue, not a Deep Freeze issue. If you give your users complete, unobstructed access to do whatever they wish to your public computer willy-nilly, you deserve what you get. Just be smart about it and take precautions - use Group Policy to disable access to the command-line or remove the ability to kill processes. Better yet, don't allow them to run as an administrator at all, regardless of the freedom Deep Freeze allows you.

    Unfreezer isn't a big enough problem to shitcan Deep Freeze completely, since going without DF is a lot like not wearing your seat belt because it makes you uncomfortable. It's a fairly obscure program and requires technical expertise that's beyond most users, and unless you're dumb enough to allow remote access to your public computers, your attacker would have to be physically present in order to perform the exploit.

    Deep Freeze isn't perfect, but it sure does make system administration for public computers much easier. If you don't like it, deploy a Ghost image over your network once a night.
     
    luminairex, Jul 14, 2009
    #7
  8. luminairex

    Joined:
    Jul 14, 2009
    Messages:
    2
    Stop trying to damage school property and go to English class.
     
    luminairex, Jul 15, 2009
    #8
  9. KevinS

    Joined:
    May 22, 2013
    Messages:
    2
    I know this is a Fairly Old post, however we use a program called Drive Vaccine in our school Pc's. It works way better then Deep freeze. We use to use deep freeze until we ran into too many issues with the unthaw Issues and updates. After doing research we Got hold of Drive vaccine which works great. Much easier to use. Faster, cheaper way cheaper and the cost is one time fee not Annually like deep freeze. and thats a big plus for our school district. Hope this information helps someone out looking for alternatives to deep freeze.
     
    KevinS, May 22, 2013
    #9
  10. smjack813

    Joined:
    Jul 23, 2013
    Messages:
    2
    Location:
    Los Angeles
    Faronics is a winning champ

    I did some research before renewing our maintenance with Faronics and I think this was the story of past but as of now, I don't think there is any unfreezer available to forcefully disable Deep Freeze. Even the external boot concept does not really work. We've been using Deep Freeze for some time now and it works perfectly fine within our environment giving us the ability to allow our students to play with the computer as desired and then once they are done, simply restart the computer back to restore it to the original state. As far as the pricing is concerned, I think they offer quite competitive pricing as compared to our products (including Drive Vaccine). Must have for environments with public facing computers.
     
    smjack813, Jul 23, 2013
    #10
  11. KevinS

    Joined:
    May 22, 2013
    Messages:
    2
    " As far as the pricing is concerned, I think they offer quite competitive pricing as compared to our products (including Drive Vaccine). Must have for environments with public facing computers."

    What does this mean? to our products? do you work for Deep freeze?
    also "Including Drive vaccine"? are you saying that Drive vaccine and deep freeze is the same company, if so I would say you are pretty wrong on that statement. Faronics Is the creator for Deep freeze which like i said We use to use and Horizon Data sys is the creator for Drive vacine just incase you maybe got things confused.
     
    KevinS, Aug 1, 2013
    #11
  12. smjack813

    Joined:
    Jul 23, 2013
    Messages:
    2
    Location:
    Los Angeles
    Typo mistake

    It was a typo from my end - I don't work for either of the company. I'd actually meant was "compared to other product and not our products". We've been using Deep Freeze and was recommending it as compared to other products which work on the same platform. I've seen the Drive Vaccine product and it sucks badly - too much buggy and half baked product.
     
    smjack813, Sep 5, 2013
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Deep Freeze In Deep Trouble

    , Oct 25, 2005, in forum: Computer Security
    Replies:
    3
    Views:
    22,140
    Donnie
    Oct 26, 2005
  2. Replies:
    4
    Views:
    9,772
  3. JC
    Replies:
    1
    Views:
    2,112
  4. nunkashta1
    Replies:
    2
    Views:
    1,774
    nunkashta1
    Apr 25, 2012
  5. christaylor24

    Deep Freeze Cloud by Faronics

    christaylor24, Jan 31, 2014, in forum: Software
    Replies:
    3
    Views:
    735
    joeymadness
    Jun 3, 2014
Loading...

Share This Page