• 0

How does Deep Freeze work?

Asked by Post-It Note,

 Share

Question

Mentor

Post-It Note

Posted
Posted

Deep Freeze ( http://www.faronics.com/CANADA/product.asp ) is a program that prevents changes to a hard drive. You can do whatever you want to the drive, but when you restart it will return the disk to its original state.

It does this without partitioning, taking up extra space, or having another hard drive to image across. Anyone have any ideas or theories on how it works? I'm going to install the trial and see what I can find out.

Link to comment
https://www.neowin.net/forum/topic/214696-how-does-deep-freeze-work/
Share on other sites

47 answers to this question

Recommended Posts

  • 0
Mentor

mzkhadir

Posted
Posted

ThawSpace

Deep Freeze Professional has the ability to designate a portion the hard drive as ?thawed? for permanent storage. ThawSpace can be set anywhere from 16MB to 2GB. Save documents and favourite Internet sites by mapping My Documents and Favourites to ThawSpace.

  • 0
Mentor

Post-It Note

Posted
  • Author
Posted

I'm just going to say that it's a secret how it works, so going through the website is not very helpful in finding out how it works. I'm looking for how YOU think it works.

Anyways, I've installed it and started testing it out by deleting things. (of course I imaged my drive beforehand.)

  • 0
Mentor

Post-It Note

Posted
  • Author
Posted

I've delete an entire Software regedit key, and I managed to right click->delete my recycle bin. :o. Now let me restart...

Yup.. No problems. I'm going to thaw, make a really big file, freeze, and see what happens when I delete it.

  • 0
Experienced

Another_Paul

Posted
Posted

Deepfreeze is awesome for public/school computers! I have been using it for several years without any hitches. Standard will "freeze" your whole hard drive preventing any changes you after rebooting. If you have multiple harddrives you can pick and choose which ones to be "frozen". Professional will let you have a Thawed folder that will allow changes to remain the same. But the catch is that you have to buy a minimal of 10 copies of Professional instead of just one.

It's only like a 5 meg install, I have no idea how they do it! Maybe something keeps track of all the changes and reverts to the original state after it reboots.

  • 0
Grand Master

John Veteran

Posted
  • Veteran
Posted

It installs its own disk driver for each of your hard drives I noticed. I believe this is key... But I haven't been able to crack it yet. Uninstalling the driver doesn't work :(

I was able to stop the DeepFreeze process by gaining SYSTEM priviledges through a very sneaky method :shifty: (which is now blocked with SP2 :pinch:)

As much as I played with it, I couldn't break it :/ Though I'd like to try again sometime...

  • 0
Experienced

The Burning Rom

Posted
Posted

I'm not sure how it works, but I know the program itself is a pain in the arse to work with. I worked at a college that had it running on around 800 student computers. And it can get quite annoying. One of the newer versions goes into what we called "hardening" mode...where the icon in the taskbar disappears after the machine has been on for a certain period of time. Sometimes it takes 3 or 4 reboots to get it back too :angry:

What mzkhadir was talking about..."thaw space"...is a new feature of deepfreeze which allows you to designate a "partition" for deep freeze to create, which allows you to save files in, and reboot without loosing them. The only downside is when deepfreeze is uninstalled, you also wave bye bye to your thawspace and the files it contained. I sure hope they changed that in the newest version.

It's a program I'd avoid if I could. But in some situtuations (like at the college), it's one of those things that you just have to deal with.

  • 0
Mentor

Callaway

Posted
Posted

It's a fantastic program for Windows. We use the console/enterprise version in our public labs extensively at UNLV. Essentially, as long as a user can't boot to a floppy or cd-rom (lockdown the bios), it's flawless.

Want to delete Windows directory? No problem.

Want to download a few trojans? No problem.

Want to download a virus that will infect the MBR? No problem.

Soon as the workstation reboots, reverts back to the previous settings. You can set up multiple passwords, onetime passwords, mainteanance times, and if you have the console installed, you can remotely thaw/freeze workstations with a click of the mouse (or run programs / install updates).

It kicks @SS!

If you need help, send me a /pm. I would encourage ALL Windows system admins to invest in Deep Freeze.

  • 0
Mentor

Callaway

Posted
Posted
I'm not sure how it works, but I know the program itself is a pain in the arse to work with. I worked at a college that had it running on around 800 student computers. And it can get quite annoying. One of the newer versions goes into what we called "hardening" mode...where the icon in the taskbar disappears after the machine has been on for a certain period of time. Sometimes it takes 3 or 4 reboots to get it back too :angry:

What mzkhadir was talking about..."thaw space"...is a new feature of deepfreeze which allows you to designate a "partition" for deep freeze to create, which allows you to save files in, and reboot without loosing them. The only downside is when deepfreeze is uninstalled, you also wave bye bye to your thawspace and the files it contained. I sure hope they changed that in the newest version.

It's a program I'd avoid if I could. But in some situtuations (like at the college), it's one of those things that you just have to deal with.

No offense, but you don't know wth you're talking about. The thawspace has been around since for years, and you don't even need it. All it is is a temporary partition which is created before Windows loads where changes can be made that will not be erased. It's much easier and faster for the workstation to simply create a logical partition and set that drive letter as unthawed or not frozen.

As for the icon, you can choose to have the icon show in thawed / frozen or not at all. Most admins will set it to display when the workstation is thawed, so that a quick peek at the desktop will tell them somoene forgot to lock the station down.

  • 0
Mentor

Callaway

Posted
Posted
Hmm, There has to be someflaws, somewhere.

Nope...none. Unless you can boot to a floppy or cd-rom, forget it.

We also use corporate edition of Ghost, which needs to rewrite the MBR in order to boot to the boot partition. If the workstation is still frozen, nopers....DF erases the changes and boots Windows.

One downside to the product is you can only make changes in thawed mode. So if you need to make a change, thaw, reboot, make changes, freeze, hope things are good...if not, thaw, reboot, make changes, freeze, etc.

One recommendation to admins, don't store the workstation file, configuration files, or console settings on the local workstation (depends on what version you're running). Quite easy to pull the passwords out of the files.

  • 0
Contributor

ultraviolet7

Posted
Posted
Unless you can boot to a floppy or cd-rom, forget it.

i consider this a fairly big flaw but not one that is the fault of the makers of deepfreeze. gaining access to booting from those divices is a rather trivial matter on most computers even if it is set not to boot from them and locked with a password. i don't really know anyway that deepfreeze would be able to stop this though since their drivers only can take over once the OS has booted.

  • 0
Veteran

pmh

Posted
Posted
Nope...none. Unless you can boot to a floppy or cd-rom, forget it.

We also use corporate edition of Ghost, which needs to rewrite the MBR in order to boot to the boot partition. If the workstation is still frozen, nopers....DF erases the changes and boots Windows.

One downside to the product is you can only make changes in thawed mode. So if you need to make a change, thaw, reboot, make changes, freeze, hope things are good...if not, thaw, reboot, make changes, freeze, etc.

One recommendation to admins, don't store the workstation file, configuration files, or console settings on the local workstation (depends on what version you're running). Quite easy to pull the passwords out of the files.

I don't care how carefully the code was debugged, I bet that there is some screw up in there. Just because no one has found it yet doesn't mean it doesn't exsist.

  • 0
Collaborator

genghis

Posted
Posted (edited)

this pice of software is like ah bad habit u just cant kick

i found the only way of getting rid of this is a complete low level format of your hard disk.

imagine tinking u have formated to reinstall windows only to reboot and find that nuting has changed.

or pc crashing on u while ur working on end of semester report and have to reboot!!!!! report vanishes !!!!!!!!!

i have been there!

on the up side if u have trial version software, install but dont activate

then freeze .

now everytime u reboot and run it, it'll be like first time...counter resets to zero.

Edited by genghis
  • 0
Collaborator

xTrinity

Posted
Posted (edited)

How to kill DeepFreeze:

I did this many times, temporarily disabling DeepFreeze to put files on the computer and then restoring it. It does NOT use an image of your drive. I'm not surely exactly how it operates, but its not an image. I believe it tracks every write to the harddrive and reverses it. That explains how this method works.

Win9x:

Use floppy to boot into DOS. Goto DeepFreeze folder and rename/delete it. Restart computer and volia! DeepFreeze is gone. Do anything you need want to the computer, and the changes stay. Boot back into DOS, restore the DeepFreeze folder and volia! DeepFreeze will forever restore the computer to the state in which you modified it to.

This proves that DeepFreeze does not use images or any kind of backup.

WinXP/2k:

A bit harder since WinXP/2k has no native DOS. You will need to use the Windows install disc to get into the DOS recovery mode thingy. Then do the above and it will work fine.

Although this only works if the sys admin is an idiot. Who in their right mind would install DeepFreeze and then allow someone to boot with a floppy or CD? As long as you can boot into DOS, you can remove DeepFreeze. If you cannot boot into DOS, there's no way to remove DeepFreeze. A smart sys admin would password the BIOS and boot only the harddrive. Of course, not everyone is that bright :p

EDIT: DeepFreeze is written in an extremely low level assembly. It makes direct calls to the processor and memory, bypassing Windows altogether. Have fun with SoftIce on this. There's a reason why this software is thousands of dollars :). But if you want to try, tokens are the key.

Edited by xTrinity
  • 0
Mentor

+orgitnized Subscriber¹

Posted
  • Subscriber¹
Posted

Very similar to Fortres Clean Slate and they both have their flaws.

Deep Freeze and Clean Slate both have incompatibilities with software, especially installers. And NO, it DOES NOT matter whether or not a thaw space is used, or the software is enabled or disabled.

I have it and have used it at a few schools.

Clean Slate and Deep Freeze are both a pain in the arse when it comes to managing a lot of the workstations at once. This is especially true in Novell networks. If you don't have the Client for Microsoft Networks installed it's a pain because it wants to read workstation names, which are exactly the same if you image the workstations. This is because the Novell client doesn't care at all about the "workstation" name, but more about the NDS or eDir name instead.

It serves its purpose in respects to using it on unmanaged networks or networks that aren't at all volatile. I make changes to 500 computers at the same time, and the last thing I want to do is load up another management console and try to disable some machines and not others, etc. To me, it's a pain. I have much better luck without the software. For stand-alone machines and what-not, I can see the purpose. Heck, even on NT networks with mixed clients I can see a better purpose. But on Novell networks, I don't need it at all. Everything is locked down with policies and backed up by imaging the machines anyway, so it's just a waste of money in that respect. Kids essentially could screw the machines up every night and it wouldn't even matter one bit. Not that they can, because policies restrict them from doing it, but it wouldn't matter anyway.

They did tell me that the driver was the biggest part of the program, so gameguy is on the right track. Since it's installed and loaded right at bootup, all changes get discarded. I stopped using it once we found a a way to break security in Fotres and Faronics-brand products that would render the workstation immediately inoperable. They fixed it when we called them about it (in their next release) but it just wasn't that impressive.

It does have its uses, but I would use it on something that's really unmanaged, like stand-alone machines that aren't governed by any type of security or administration.

  • 0
Mentor

Callaway

Posted
Posted
How to kill DeepFreeze:

I did this many times, temporarily disabling DeepFreeze to put files on the computer and then restoring it. It does NOT use an image of your drive. I'm not surely exactly how it operates, but its not an image. I believe it tracks every write to the harddrive and reverses it. That explains how this method works.

Win9x:

Use floppy to boot into DOS. Goto DeepFreeze folder and rename/delete it. Restart computer and volia! DeepFreeze is gone. Do anything you need want to the computer, and the changes stay. Boot back into DOS, restore the DeepFreeze folder and volia! DeepFreeze will forever restore the computer to the state in which you modified it to.

This proves that DeepFreeze does not use images or any kind of backup.

WinXP/2k:

A bit harder since WinXP/2k has no native DOS. You will need to use the Windows install disc to get into the DOS recovery mode thingy. Then do the above and it will work fine.

Although this only works if the sys admin is an idiot. Who in their right mind would install DeepFreeze and then allow someone to boot with a floppy or CD? As long as you can boot into DOS, you can remove DeepFreeze. If you cannot boot into DOS, there's no way to remove DeepFreeze. A smart sys admin would password the BIOS and boot only the harddrive. Of course, not everyone is that bright :p

EDIT: DeepFreeze is written in an extremely low level assembly. It makes direct calls to the processor and memory, bypassing Windows altogether. Have fun with SoftIce on this. There's a reason why this software is thousands of dollars :). But if you want to try, tokens are the key.

yes, but both of your scenarios require booting to somoething other than the hard drive. This is the only known means of bypassing DeepFreeze.

Try bypassing it without booting to another device.... ;) Any half-@ss admin should lockdown down the BIOS...

  • 0
Mentor

Callaway

Posted
Posted
Very similar to Fortres Clean Slate and they both have their flaws.

Deep Freeze and Clean Slate both have incompatibilities with software, especially installers. And NO, it DOES NOT matter whether or not a thaw space is used, or the software is enabled or disabled.

I have it and have used it at a few schools.

Clean Slate and Deep Freeze are both a pain in the arse when it comes to managing a lot of the workstations at once. This is especially true in Novell networks. If you don't have the Client for Microsoft Networks installed it's a pain because it wants to read workstation names, which are exactly the same if you image the workstations. This is because the Novell client doesn't care at all about the "workstation" name, but more about the NDS or eDir name instead.

It serves its purpose in respects to using it on unmanaged networks or networks that aren't at all volatile. I make changes to 500 computers at the same time, and the last thing I want to do is load up another management console and try to disable some machines and not others, etc. To me, it's a pain. I have much better luck without the software. For stand-alone machines and what-not, I can see the purpose. Heck, even on NT networks with mixed clients I can see a better purpose. But on Novell networks, I don't need it at all. Everything is locked down with policies and backed up by imaging the machines anyway, so it's just a waste of money in that respect. Kids essentially could screw the machines up every night and it wouldn't even matter one bit. Not that they can, because policies restrict them from doing it, but it wouldn't matter anyway.

They did tell me that the driver was the biggest part of the program, so gameguy is on the right track. Since it's installed and loaded right at bootup, all changes get discarded. I stopped using it once we found a a way to break security in Fotres and Faronics-brand products that would render the workstation immediately inoperable. They fixed it when we called them about it (in their next release) but it just wasn't that impressive.

It does have its uses, but I would use it on something that's really unmanaged, like stand-alone machines that aren't governed by any type of security or administration.

Deep Freeze and Clean Slate both have incompatibilities with software, especially installers.  And NO, it DOES NOT matter whether or not a thaw space is used, or the software is enabled or disabled.
Deep Freeze does not interact w/ any installers whatsoever. It doesn't interact at all with the workstation until reboot...You can do whatever you want with it and it could care less.
Clean Slate and Deep Freeze are both a pain in the arse when it comes to managing a lot of the workstations at once.  This is especially true in Novell networks.  If you don't have the Client for Microsoft Networks installed it's a pain because it wants to read workstation names, which are exactly the same if you image the workstations.  This is because the Novell client doesn't care at all about the "workstation" name, but more about the NDS or eDir name instead.

It serves its purpose in respects to using it on unmanaged networks or networks that aren't at all volatile.  I make changes to 500 computers at the same time, and the last thing I want to do is load up another management console and try to disable some machines and not others, etc.  To me, it's a pain.  I have much better luck without the software.  For stand-alone machines and what-not, I can see the purpose.  Heck, even on NT networks with mixed clients I can see a better purpose. 

We use 99% Novell on close to 5000 workstations, it's not even an issue with Deep Freeze (nor AD). The Console version of Deep Freeze kicks butt, serious commie butt. All you have to do is install the workstation seed, and you can see the workstations just fine. You don't even need the MS Client installed...The Console is beautiful.

But on Novell networks, I don't need it at all.  Everything is locked down with policies and backed up by imaging the machines anyway, so it's just a waste of money in that respect.  Kids essentially could screw the machines up every night and it wouldn't even matter one bit.  Not that they can, because policies restrict them from doing it, but it wouldn't matter anyway.

If you're administering some +1000 machines, I fail to see how having DF installed is a waste of money. If anything, it will save you money in manpower, time, and network usage by NOT having to reimage all your machines. Used in conjunction with any imaging software (like Ghost) and life suddenly became enjoyable.

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft confirms Recycle Bin bug across all versions of Windows

      By spacelordmaster · Posted

      ...and the problems continue.
    • Weekend PC Game Deals: Cyberpunk 2077, Split Fiction, Sonic Racing, and more

      By LoneWolfSL · Posted

      Weekend PC Game Deals: Cyberpunk 2077, Split Fiction, Sonic Racing, and more by Pulasthi Ariyasinghe Weekend PC Game Deals is where the hottest gaming deals from all over the internet are gathered into one place every week for your consumption. So kick back, relax, and hold on to your wallets. The Epic Games store brought along two games from wildly different genres this week for PC gamers to claim. Robobeat is a rhythm-based action game that lets you become a bounty hunter that can wall run, slide, and bunny hop around his opponents. All you have to do is stick to the beat for the built-in or custom songs. Next, Citizen Sleeper is a sci-fi RPG adventure taking place in a ruined space station. It uses tabletop RPG-inspired elements like dice rolls and timers to change up how players approach its activities, factions, and storylines. The Citizen Sleeper and Robobeat giveaways end on June 25. On the same day, RollerCoaster Tycoon 3 and Voidwrought will become the next freebies. The bundle space expanded with two more collections from Humble this week too. The June 2unes bundle is up first, carrying plenty of rhythm games. This carries Kill the Music and Rhythm Witch in the $5 starting tier, followed by Trombone Champ, Spin Rhythm XD, and Thumper in the $7 tier. Paying at least $12 gets you the complete bundle, which adds on Kalpa: Cosmic Symphony, Everhood 2, NOISZ, and Sixtar Gate: StarTrail. The next bundle is for virtual reality fans. This carries Among Us 3D: VR and Zero Caliber VR for $10. The next tier brings in Tactical Assault VR, Ancient Dungeon, and Arizona Sunshine Remake for $15. VTOL VR, Zero Caliber 2 Remastered, Metro Awakening, and Thief VR land to finish things off for $18. Free Events It's a big week for free event fans, as Valve kicked off another one of its Next Fest events. This one carries thousands of gameplay slices from upcoming indie games The promotion is set to run until June 22. Standard free events are also ongoing this weekend. This includes the sci-fi grand strategy experience Stellaris from Paradox and the hit SEGA management game Two Point Museum. Asymmetric multiplayer horror title Dead by Daylight and the hit mech shooter MechWarrior 5: Mercenaries are also free-to-play over the weekend. Big Deals The Steam Summer Sale is a week away from launch, but there are plenty of publishers already putting their wares on sale to prepare for the event. Here's our hand-picked big deals list for this weekend: Battlefield 6 – $34.99 on Steam Sonic Racing: CrossWorlds – $34.99 on Steam Split Fiction – $32.49 on Steam Arma Reforger – $27.99 on Steam Sniper Elite: Resistance – $24.99 on Steam DayZ – $22.49 on Steam Two Point Museum – $20.09 on Steam Atomfall – $19.99 on Steam No More Room in Hell 2 – $19.49 on Steam Cyberpunk 2077 – $17.99 on Steam Sonic Frontiers – $17.99 on Steam Dinkum – $15.99 on Steam Stellaris – $14.99 on Steam Hi-Fi RUSH – $14.99 on Steam My Little Puppy – $14.99 on Steam FINAL FANTASY XII THE ZODIAC AGE – $14.99 on Steam SONIC X SHADOW GENERATIONS – $14.99 on Steam EA SPORTS FC 26 – $13.99 on Steam STAR WARS Jedi: Survivor – $13.99 on Steam FINAL FANTASY VII REMAKE INTERGRADE – $13.99 on Steam FINAL FANTASY XV – $13.99 on Steam It Takes Two – $11.99 on Steam FINAL FANTASY X/X-2 HD Remaster – $11.99 on Steam Axiom Verge 2 – $9.99 on Steam [REDACTED] – $9.99 on Steam Sniper Elite 5 – $9.99 on Steam Holdfast: Nations At War – $9.99 on Steam Arma 3 – $8.99 on Steam The Callisto Protocol – $8.99 on Steam A Way Out – $8.99 on Steam LIGHTNING RETURNS: FINAL FANTASY XIII – $7.99 on Steam MechWarrior 5: Mercenaries – $7.49 on Steam Slackers - Carts of Glory – $7.14 on Steam MIMESIS – $6.99 on Steam Need for Speed Unbound – $6.99 on Steam FINAL FANTASY XIII – $6.39 on Steam Sniper Elite 4 – $5.99 on Steam Tyranny – $5.99 on Steam Immortals of Aveum – $5.99 on Steam Far Cry 3 – $4.99 on Steam Zombie Army 4: Dead War – $4.99 on Steam Sonic & All-Stars Racing Transformed Collection – $4.99 on Steam Mass Effect Legendary Edition – $4.79 on Steam Titanfall 2 – $4.49 on Steam SimCity 4 Deluxe Edition – $3.99 on Steam Far Cry 3 - Blood Dragon – $3.74 on Steam Wreckfest – $2.99 on Steam Crime Boss: Rockay City – $1.99 on Steam theHunter: Call of the Wild – $1.99 on Steam The Saboteur – $1.99 on Steam Battlefield 1 – $1.99 on Steam Sonic Mania – $1.99 on Steam Golf With Your Friends – $1.49 on Steam Sid Meier's Alpha Centauri Planetary Pack – $0.99 on Steam Dungeon Keeper 2 – $0.99 on Steam Populous: The Beginning – $0.99 on Steam Citizen Sleeper – $0 on Epic Store ROBOBEAT – $0 on Epic Store DRM-free Specials The DRM-free store GOG has already kicked off its own summer sale. Here are some highlights: S.T.A.L.K.E.R. 2: Heart of Chornobyl - $41.99 on GOG Indiana Jones and the Great Circle - $41.99 on GOG Cronos: The New Dawn - $35.99 on GOG SILENT HILL 2 - $34.99 on GOG SILENT HILL f - $34.99 on GOG Kingdom Come: Deliverance II - $29.99 on GOG MENACE - $29.99 on GOG Cairn - $23.99 on GOG Frostpunk 2 - $22.49 on GOG The Alters - $20.99 on GOG Resident Evil Classic Bundle - $20.99 on GOG System Shock 2: 25th Anniversary Remaster - $17.99 on GOG Banishers: Ghosts of New Eden - $16.99 on GOG Legacy of Kain: Defiance Remastered - $16.25 on GOG METAL EDEN - $15.99 on GOG REPLACED - $15.99 on GOG Hollow Knight: Silksong - $14.99 on GOG Tomb Raider I-III Remastered Starring Lara Croft - $11.99 on GOG Chants of Sennaar - $11.99 on GOG Alpha Protocol - $9.99 on GOG DREDGE - $9.99 on GOG Crow Country - $9.99 on GOG Warhammer 40,000: Dawn of War - Anniversary Edition - $2.99 on GOG Keep in mind that availability and pricing for some deals could vary depending on the region. That's it for our pick of this weekend's PC game deals, and hopefully, some of you have enough self-restraint not to keep adding to your ever-growing backlogs. As always, there are an enormous number of other deals ready and waiting all over the interwebs, as well as on services you may already subscribe to if you comb through them, so keep your eyes open for those, and have a great weekend.
    • Acronyms....

      By WiltshireHam · Posted

      Lilly-Livered American Media Are Scared
    • Nothing kills CMF Phone 2 Pro's successor due to rising memory prices

      By Fleet Command · Posted

      Really? Despite the memory price rises, nothing can kill it? I thought something would.
    • Microsoft confirms Windows 11 26H2, urges IT admins to prepare for release

      By xillibit · Posted

      I think there will be a 27H1 for actual users of 26H1 The 25h2 supports ARM too : Snapdragon X, Snapdragon X Plus and Snapdragon X Elite

  • Recent Achievements

    • Week One Done
      Genuinetonerink- Dubai earned a badge
      Week One Done
    • One Month Later
      Genuinetonerink- Dubai earned a badge
      One Month Later
    • One Year In
      hhgygy earned a badge
      One Year In
    • One Month Later
      AMV earned a badge
      One Month Later
    • Week One Done
      AMV earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      514
    2. 2
      +Edouard
      171
    3. 3
      PsYcHoKiLLa
      82
    4. 4
      Steven P.
      74
    5. 5
      Michael Scrip
      72
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!