Virus & crash proof XP

I am wondering something.

_____

You can commandline format your flash drives under Windows 7 into UDF (Universal Disk Format) & it stops all autorun viruses from infecting your drive (XP can only read from your flash drive, NOT write back to it). 7 can read AND write back to the drives.

Wonder how it would work to obtain 3 HDD drives, & format 2 drives in NTFS, & the other in UDF.

Install XP to 1 NTFS drive (complete with all drivers & programs you need), then 7 to the other NTFS drive.

_____

Boot fully into your 7 machine, then connect the blank UDF drive & the XP NTFS drive externally via USB to your computer.

Using Free File Sync (Uses Volume Shadow Copy to copy locked system files), clone NTFS XP to the Blank UDF drive.

Safe eject the drives, power down your 7, then connect the UDF XP drive you just made.

Boot up the UDF XP drive, & voila!!! No viruses can write to your computer (or anything else!!!).

_____

Your computer will operate in read only mode? Or crash?

I'd love to try this one day to see how it does. Wouldn't it be great to have an XP machine that is so secure, it doesn't even need an antivirus, & no malware or virus can infect it because it operates in read only mode?

Disable hibernation, system restore, etc., & use USB flash disk or HDD for storage?

_____

XP will be more secure than any newer OS ever can be!!! Hahaha!!! What's more secure than read only?

Because XP will be read only by using UDF format, it will prevent the need for any antivirus, antimalware, & Windows files can never be changed, erased, deleted, corrupted, edited. Your OS will stay rock solidly exactly as you set it up to be till the day your HDD dies.

XP will become more popular than ever, as people find that XP is the new security champion, & far more secure than Vista/7/8 or even the new Windows 9 they haven't released yet!!!

_____

People will plug in flash drives & use portable Firefox on the flash drive, & 0 browsing traces will be left on your HDD, so nothing will be left to clean, & nothing will need to be defragmented. Users will run Firefox cleanup (CTRL + SHIFT + DEL) to delete browsing traces stored on the flash drive, & that will be all there is to erase. You can even use portable CCleaner to wipe the Flash drive evidence!!!

Windows will stay permanently fast, & you can run IE with ActiveX on since it can't install ActiveX malware anyway.

Windows updates can be left off, & they can't install anyway.

If this gets out, XP may keep selling well into the year 3,000!!! LOL! :D

* Since software OS crashes are mostly caused by losing what Windows was writing, & since even hitting the power button won't affect a read-only OS because it doesn't have a choice but to always stay the same, is there any need of TRYING to crash a UDF formatted drive with XP? LOL!!!

I have had XP since I dumped Win 3.1. Never had a virus or bit of malware I was not expecting. And I do not run anti-virus or anti-malware on a few machines. But if you visit a known nefarious site with questionable content, anything can happen, with or without protection :blink:.

And you prepare in advance for those types of excursions via backup image. I never had to reinstall XP on a good number of machines. There is something to be said for good computing practices, backups, and maintenance. CCleaner with a nicely trimmed winapp2.ini file is integral to that.

My personal vintage daily-driver XP machine is 11 years running, and is as fast as ever with a 30 second boot, with a mechanical HDD. I don't burden a system with all kinds of crap. And when you apply these old-school techniques to modern day hardware, man, the stuff is just beyond faaast.

Now, *my* other way of doing a write-free, virus-free, infection-proof, is to do live CD. That and flash memory device for temporary writes and other activity that needs writable disks. Anything goes wrong, format the flash. This way I can keep my beloved NTFS environment; and do it with as little trickery as possible.

That's sort of what I've wanted for years after dealing with DLL Hell and the VXD issues in Win98 when I got WinXP. Problem is there wouldn't be an easy way of doing it, let alone having to deal with daily updates for software such as antivirus, etc., and the monthly updates from Microsoft. I'd imagine such a system would be completely hardware based, i.e., no OS to install or possibly damage, sort of like an old CD/DVD based video game.

I skipped much of the 95/98 era, a dark time for sure.

I built a win XP live system running from SSD, with a physical write protect switch, akin to the tape strip on early floppies. I flip the switch when I need to effect writes such as app installs and updates. And even then I have an image on a totally separate device.

These are all well and good for experiments and whatnot. But I find safe computing practices work almost as well and are applicable to almost any system, new and old alike, without hassle. More important is always secure your user-generated data and have a restore plan for when disaster strikes.

More important is always secure your user-generated data and have a restore plan for when disaster strikes.

Indeed, and not all disasters are malware related; there's still hardware failure to worry about. It's interesting though how some hardware failure issues have people immediately thinking it's malware.

I recently worked on a system that had NOAA stickers all over it. I found a bad DIMM module. The symptoms: failing USB keydrives. They'd fail hw2test.

The very nature of malware/virus evolution would I guess mean that this would encourage writers of nasties to use other entry points to the system.

If you look here and have a little read you realise how clever and devious they can be

http://www.h-online....se-1738577.html

Some malware evade detection by going to "sleep"

suspicious program only unpacks its malicious code after 5 minutes, then waits another 20 minutes before it inserts itself into the registry, and finally begins its network activities another 20 minutes later

Some even have virtual drive detectors built into their subroutines.

The goal of all pc users is to tighten up the security of their machine without compromising the usability and fun of having a pc. If your restrictions are so tight that 'normal' use of a machine happens it can put people off.

This wouldn't work. Several reasons:

- Programs need to write data to the registry at runtime.

- Browsers wouldn't be able to actually download anything, making them redundant.

- Windows Page File would be inoperable.

Much of my troubleshooting and advice is geared toward the individual user, home & small business. Mostly home.

What I always say, when the question of security comes up, is to use a simple (and not nagging!) security program, something like MSE or similar. That, and to always visit reputable websites you know are trustworthy. And standard disk imaging backups for bonus points.

If they wanna play risqué then be prepared to wipe your system at the first sign of trouble, or use a virtual machine that can be recreated at the drop of a hat.

Boot fully into your 7 machine, then connect the blank UDF drive & the XP NTFS drive externally via USB to your computer.

Using Free File Sync (Uses Volume Shadow Copy to copy locked system files), clone NTFS XP to the Blank UDF drive.

Is it relevant to use "Volume Shadow Copy to copy locked system files" ?

I would not expect Win 7 to encounter any locked files on an attached but non-running Win XP drive.

Super, there is a way to do that for win xp. Powershadow. It's free, listed in the old freeware section of this forum. Sadly, it won't work for any system after xp.

That scraping sound is me getting out the podium.

Others will list other virtualization apps, and they are good, but PS is best. (The fight is on . . . :P )

I wouldn't recommend it unless I had used it for over 5 years. When PS is running, no changes to your system will stick after a restart. None. Nada. Zilch. Not registry edits, application installations, viruses, ... none. Just a simple restart and they are GONE, I'm tellin' ya.

The only downside is that you cannot install anything that requires a restart. But you can try out such apps in a virtual machine. If you like'em, install'em permanently before activating PS next time you boot up.

I think ?? PS runs your system in unused space on your HD, then discards changes at shutdown. No slowdown that I have ever noticed.

I know the changes are gone before startup, because I inspected the HD using Linux apps before restarting, and the changes I had made were gone.

Win xp is not going to last forever. :( < sniff. The hardware for it will wear out, OEMs will stop trying to write drivers that work. That's happening already. Microsoft uses the car manufacturer's business model. Put out a new model every year . . . they'll buy it.

Just my opinion.

Fwiw, I think TheWebAtom is right, win xp needs to write to a bunch of places pretty much all the time, so write protecting doesn't work. I would love to be wrong about that, so let me know if I am.

This wouldn't work. Several reasons:

- Programs need to write data to the registry at runtime.

- Browsers wouldn't be able to actually download anything, making them redundant.

- Windows Page File would be inoperable.

Some of those have workarounds. Even if XP cannot write to the HDD, insert a USB flash disk with portable Firefox on it. Problem solved. FF saves to USB drive.

Some of those have workarounds. Even if XP cannot write to the HDD, insert a USB flash disk with portable Firefox on it. Problem solved. FF saves to USB drive.

Open Firefox while a disk access viewer program is running. You'll find that cache/cookies aren't all that browsers write to disk. Windows logs everything, and there is no way to disable it. The I/O error stack would overflow immediately and it would crash rather spectacularly. Not to mention that when you have lots of tabs open, it would write the data to swap (which cannot be moved from the primary disk) which, again, would cause Windows to die with some funky error.

Sidenote: It wouldn't be that secure either, as Windows allows memory to be marked as executable. That means binary files (such as keyloggers) can be downloaded and executed without ever touching your disk.

Unnhhh, yeaah, what he said. :lol:

Seriously, though, Super, all I want is an OS that recovers easily from unexpected problems.

If I was working in an environment that needed super security, Powershadow might not be enough.

I suppose that all those windows tracks are still out there floating around on whatever part of the HD was used by PS, and could be found by expensive data recovery efforts. Even though I couldn't find them.

Don't care about that, not trying to maintain a system that eliminates all history, not hiding from anybody.

Just this: if a bug bites, I can restart and it is gone.

It has happened more than once in the past. All while I was visiting safe, normal sites, that common sense would say are OK.

And if some bug starts while in the virtual OS, I depend on my antivirus stuff to catch it.

Edit: What I would really like is an app that runs the OS in RAM, then flushes it at shutdown. That would be a true ninja system. Is there such a thing?

Edit: What I would really like is an app that runs the OS in RAM, then flushes it at shutdown. That would be a true ninja system. Is there such a thing?

Yes.

Choices include Live Linux or WinPE.

A WAIK such as KB3AIK_EN.iso is a free 1.7 GB download from Microsoft.

Macrium Reflect places only 10% of that into a Recovery Boot CD or Boot Flash drive to create a WinPE, which executes in RAM Drive X:\ and provides a rudimentary Windows Explorer plus a CMD.EXE command line, with all Windows drivers, APIs and I know not what else, that will support the Macrium Application, which running under WinPE can select any desired partition image backup file, and explore and/or restore the image to the computer, and additionally can create a backup image of a broken computer.

[off topic]

I had modified my documents and before I could make backups, a M.S. emergency patch update arrived without my permission and made my system unusable. The Macrium Boot CD allowed me to image my broken system before I restored the last image from BEFORE disaster struck. After booting up my mended system containing obsolete documents I then mounted the broken system image, and copied the latest document versions to my computer.

[on topic]

The 10% used by Macrium may have internet connection capability - I do not know.

The 90% which they do not use may well have Trident (the 3 pronged pain in the Butt I.E.)

and may support other browsers and may be enough for your needs

(Windows XP was less than 3 GB)

There are many websites that tell you how to grow your own WinPE.

I even remember

http://virtualfoundr...ith-defrag.html

as linked by Asphyxium at

http://forum.pirifor...showtopic=37107

Sidenote: It wouldn't be that secure either, as Windows allows memory to be marked as executable. That means binary files (such as keyloggers) can be downloaded and executed without ever touching your disk.

Understood.

But since most keyloggers install to HDD before they run, how much good would that do them?

And wouldn't they be gone after a reboot, since they cannot write to the drive?

Not to mention that when you have lots of tabs open; it would write the data to swap (which cannot be moved from the primary disk) which, again, would cause Windows to die with some funky error.

Wouldn't tab #1001 cause the same. :lol:

And wouldn't they be gone after a reboot, since they cannot write to the drive?

That's true; but if they stored themselves as browser cache on the removable drive where you installed Firefox; you have the same problem :P

Malware executing in a RAM drive is not restricted to the main drive.

It can also attack the BIOS / CMOS to subvert subsequent operations.

I think I first read about this 6 years ago.

Here are some links to more recent reports :-

http://www.pcworld.c...work_cards.html

http://www.theregist...kit_discovered/

http://www.ehow.com/...ios-can-do.html

Here is another link with interesting snippets

http://www.informati...stant/240006190

Previous examples of BIOS-infecting malware are relatively rare, but include the Windows-targeting CIH or Chernobyl virus, which appeared in 1998 and could flash a BIOS and corrupt it, after erasing the data on a PC.

The report warned that BIOS implementations could become more susceptible to such attacks in the future. "The move from conventional BIOS implementations to implementations based on the Unified Extensible Firmware Interface (UEFI) may make it easier for malware to target the BIOS in a widespread fashion, as these BIOS implementations are based on a common specification," it said, meaning that attackers could potentially hit more targets at once with a single piece of malware.

Malware executing in a RAM drive is not restricted to the main drive.

It can also attack the BIOS / CMOS to subvert subsequent operations.

That wouldn't work on a password protected BIOS, would it?

Also, @WebAtom, if you never installed Java & only use flash (it would resolve some, but not all) exploit issues.

Additionally, if you ran CTRL + SHIFT + DEL while portable Firefox was running, couldn't you clear all the trash using the inbuilt cleaner?

If not that, couldn't you simply run Help/Troubleshooting information/Reset Firefox?

_____

When I get time, I'm going to try it, & disable:

-> File indexing
-> System Restore
-> Active-X
-> Write behind caching (else re-allocate to another drive)
-> Recycle Bins
-> Error Reporting
-> Prefetch
-> Windows Defender
-> Automatic Updates

And maybe misc other that normally include write backs.

It may be possible to alter the swap disk location, but not sure on that.

Not worried about updates on a read only disk, since nothing could possibly write to a read only drive.

Will use portable Firefox on a FAT32 flash disk (FAT32 uses fewer writes, & should be faster... I think).

If it crashes, oh well, can easily reload FF on NTFS flash disk.

I do not really know what will happen, or what all I will need to do just yet, but I am sure it will be a very interesting experiment!
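An added example, not part of the thread: before moving a system onto a read-only volume, one way to check which of the write sources discussed above (registry hives, prefetch, temp files) are still active is to snapshot the volume's file metadata, use the machine for a while, and diff. The function names and the file names in `demo()` are constructed for illustration; on a real machine `snapshot()` would be pointed at the system drive root.

```python
import os
import tempfile
from collections import Counter

def snapshot(root):
    """Map every file under root to (size, mtime_ns)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # locked or vanished mid-walk
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            state[rel] = (st.st_size, st.st_mtime_ns)
    return state

def diff(before, after):
    """Return (created, modified, deleted) as sorted path lists."""
    created = sorted(p for p in after if p not in before)
    deleted = sorted(p for p in before if p not in after)
    modified = sorted(p for p in after if p in before and after[p] != before[p])
    return created, modified, deleted

def writes_by_folder(changes, depth=2):
    """Count changed paths per leading folder, to see which feature is writing."""
    return Counter("/".join(p.split("/")[:depth]) for group in changes for p in group)

def _write(root, rel, data):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "ab") as fh:  # append, so a second write changes the size
        fh.write(data)

def demo():
    """Constructed stand-in for a system volume; file names are illustrative."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "boot.ini", b"[boot loader]\n")
        _write(root, "WINDOWS/system32/config/software", b"hive")
        _write(root, "WINDOWS/Temp/setup.tmp", b"x")
        before = snapshot(root)
        # Simulated session: registry write, new prefetch entry, temp cleanup.
        _write(root, "WINDOWS/system32/config/software", b"+more")
        _write(root, "WINDOWS/Prefetch/FIREFOX.EXE-0.pf", b"pf")
        os.remove(os.path.join(root, "WINDOWS", "Temp", "setup.tmp"))
        return diff(before, snapshot(root))

if __name__ == "__main__":
    changes = demo()
    print(changes, dict(writes_by_folder(changes)))
```

Any folder that still shows up in `writes_by_folder()` after the features above are disabled is a write the read-only volume would have to refuse.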