Interesting app from Mircrosoft - http//
Not had a chane to test as yet but two things sping to mind; what artefacts (if any) are left over once the shared user area has been "wiped" and secondly could this provide a free sandbox solution for analysts to see how dodgy apps, malware (and those damn Trojans!) behave?
Interesting, reminds me a good bit of "DeepFreeze"…
http//
Regards,
That's quite interesting -)
There are a few things that jump out
It uses a cache file that gets deleted -> I would guess that this would be the major artifact to look for, and, if it isn't deleted properly would contain quite a lot of useful data I would think, all in one place.
It is possible to set user to have persistent sessions in spite of the reboots, by moving their personal data caches to another partition - so the normal IE Cache etc, are still going to be available in those cases.
Not sure how good it is as a sandbox in comparison to VM Ware etc., I suspect that malware wouldn't run very well as the files it would want to change would have access restricted/redirected … It would certainly screw up the normal digital footprints, although the actual _behaviour_ might be the same …
I note thought that it has time restrictions for accounts and other things, that certainly makes me want to give it a try at home !
Nice find -)