PCDSKSEC.RVW 940207 Comparison Review Company and product: A. Padgett Peterson POB 1203 Windermere, FLA, 34786, USA (407)352-6007 eves Florida time (407)648-0733 fax DISKSECURE v 2.4 Summary: Low level hard disk protection to prevent access, by virus or otherwise, to hard disk. Cost free for non-commercial use Rating (1-4, 1 = poor, 4 = very good) "Friendliness" Installation 4 Ease of use 4 Help systems 3 Compatibility 3 Company Stability 4 Support 3 Documentation 2 Hardware required 3 Performance 4 Availability 2 Local Support 2 General Description: DISKSECURE replaces the partition table of the hard disk with code which performs load time checking and prevents access to the hard disk if booted from floppy, and offers software write protection to the system areas of the disk. I should state a bias here. DISKSECURE is a very powerful protective system, and, unlike many others of similar function, is completely confident in telling you what is being done. In reviewing antiviral and security software I have come to the point where I am positively afraid of running some of these systems: much more so than I am of any viral programs. DISKSECURE has, however, saved my hard disk a number of times from the predations of these other security programs and for this I am profoundly grateful. Comparison of features and specifications User Friendliness Installation Default installation is simple and can be accomplished through a supplied batch file. A "quick start" reference is provided along with the regular documentation. For protection of the hard disk only DISKSEC2 is required to be run, although this limits the possibilities for recovery. Novice users may not be sufficiently aware of the dangers inherent in this process, and it is highly recommended that the entire documentation be read. The program is replacing the partition table of the hard disk, and, if it fails, all information which the computer requires to access the disk and information will be lost, even if the information is not, physically, erased. Although the possibility of this is very small, a backup of the partition boot record prior to installation would be a good idea. This is, in fact, one of the options of the program, and should be accepted. Despite its power, DISKSECURE has caused very few problems over the years. The greatest number of problems are with those who know just enough to realize the potential problems of this type of program and who are afraid of it. I have, on several occasions, had people worry that it might have been a trojan program. These are the ones who have not read the documentation for the program. Ease of use Operation of the programs is simple. DISKSEC provides ample prompting and opportunity for the user to stop at any point. The program now has even more options and can fully control all aspects which used to require some manual intervention by the user. DSRPART can be used to recover the hard disk from "boot sector infecting" (BSI) viral programs of the type that overwrite the "master boot record" of the hard disk. (On floppy disks the first "physical sector" on the disk is the boot sector. On hard disks the first "physical sector" is the "master boot record" or MBR, which contains a short section of code followed by a description of the size and attributes of the disk called the partition table. Because of the limited number of floppy disk formats, the same thing is accomplished on floppies with only one "media descriptor byte". Thus, while using the SYS command can wipe out any BSI on a floppy disk, some BSIs cannot be so eliminated on a hard disk if they infect the MBR rather than the boot sector.) Help systems None provided. DISKSEC is well prompted and the other programs have no options. Compatibility The original program, since it was so intimately tied to the low level hardware and disk structure, would not work with non-standard disk formats. Padgett has worked very diligently over the years and the more recent versions will even work with such oddities as dedicated Novell network servers and Windows 32BitDiskAccess. The program even has the option of moving the TSR portion to avoid conflicts. The author warns against using DISKSECURE with QEMM in stealth mode. Company Stability Padgett is an unstable personality, and should be avoided when driving "The Judge." Company Support Padgett is well known as a contributor to VIRUS-L/comp.virus and is also a member of the GEnie "Virus and Security RoundTable". Documentation The documentation is quite clear to anyone familiar with MS-DOS operations. Occasionally certain points may not be clear to novice users (for example, the fact that "removal" of DISKSECURE is done via the DSRPART program.) Hardware Requirements None specified, but a hard disk and at least one floppy disk (which can be used to boot from) would appear to be minimum requirements. Performance The program is able to detect all known boot sector infectors, even some recent ones that use new stealth methods and little known interrupt hooking. Most infections can be removed by the program automatically. Boot infectors which modify the MBR can be removed through the use of the recovery information stored by the program upon installation. The program indulges in some "stealth" technology of its own: the partition boot record appears unchanged after installation. Local Support Padgett is available via the Internet and GEnie. Support Requirements DISKSECURE is simple enough for a novice user to run, and should provide significant protection with minimal risk. Recovery is quick and easy, as long as the user remembers the importance of DSPART.COM. Intermediate users should note the difficulties in running system optimizing software. General Notes This program should be a part of the DOS operating system. It has, in fact, been offered to three manufacturers of DOS: all three have rejected the opportunity. DISKSECURE was originally shareware. Very few people registered the porgram. In spite of this, Padgett has continued to improve the program and has now released it as freeware for non-commercial use. This is very much to his credit, and not particularly to the credit of the shareware using community. I definitely recommend that all MS-DOS users get and use this program, and that companies license its use. copyright Robert M. Slade, 1991, 1994 PCDSKSEC.RVW 940207 ====================== roberts@decus.ca rslade@vcn.bc.ca slade@freenet.victoria.bc.ca link to virus, book info at http://www.freenet.victoria.bc.ca/techrev/rms.html Author "Robert Slade's Guide to Computer Viruses" 0-387-94663-2 (800-SPRINGER)