"Virtual drive technology" is just an expression to nominate solutions like Deep Freeze, Drive Vaccine, ShadowUser etc.
But it seems that the pro version can use virtual zones.
Pro version of which above? I specifically asked DF this, and they replied that unlike ShadowUser, DF does not use a virtual zone.
As I said and I repeat it again: even with DeepFreeze, you're still vulnerable during a session.
Now ok, you've added PG to your set up:
The kid's mother is banking and doing shopping online.
With web application attacks, any data stored in the browser can be intercepted, modified and stolen on the fly and in real time (cookies, passwords, bookmarks).
You'll have to be more specific about how this works. How is this data stolen?
1) Since I'm not using IE how does a web application attack know where cookies are stored?
2) On passwords: if not using IE, how would a web attack know where pw are stored? Anyway, the only 2 secure sites where I use a pw, verification is required, so the pw by itself is of no use.
3) No bookmarks here - I use a global history directory (Not IE so I doubt a web app attack could get to them) Anyway, of what value are someone's bookmarks?
Man in the Middle is an attack used in phishing:
the attacker has just to redirect the session to a fake https web site, and then no need to use a keylogger but just a sniffer to record any password.
This is just silly. Anyone who doesn't keep a custom address list in their HTTPS firewall rule is negligent. There is no way here that my firewall will permit any surreptitious connection to another HTTPS site.
And with PG+DeepFreeze + AntiExe., you're still vulnerable to many attacks (see the image) like TCP hijacking, DNS arp cache poisoning, DOS/DDOS/DDORS, Buffer Overflows, java exploits and so on.
OK, you've got me here - I tried enlarging your image but can't make it out.
I can speak to DNS cache poisoning - aka pharming - the customized HTTPS firewall rule takes care of port 443 attempts. Port 80 (regular browser surfing) can be monitored manually to check the IP address if something seems suspicious.
Java exploit is of no concern here, since it is disabled.
If some of the others you mention here work on scripts, with WSH disabled, that is some prevention.
If rootkits are not the ultimate malwares, DeepFreeze is not the ultimate defense: with or without DeepFreeze, there's NO 100% secure system in Windows Home or Unix corporate environment.
All Deep Freeze claims is that anything written to disk while in the frozen state is discarded. Anti-executable and anti-script programs prevent any trojans, etc, from running that happen to sneak in during the session.
And just remember a simple theory:
1-A software is composed of piece of code,
2-but a piece of code can be broken;
3-DeepFreeze is a software,
4-then DeepFreeze can be broken.
At present, the only possibility of breaking it is for someone to gain physical access to your computer and bypass your BIOS protection.
No doubt a clever person may find another way at some point... But if we used that as criteria for choosing a program, we would never dare choose anything!
Here's an example of set up to prevent Windows rootkits: (snip)
Can't argue with this setup! If you can convince everyone to adopt a similar setup, cyberspace would be a safer place to visit!
You should send this setup to the author of the article ronjur listed at the top of this thread!
regards,
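
The per-address HTTPS rule and the manual port 80 check discussed in the post above, modelled as an added example (not part of the original post and not any firewall product's rule syntax). The hostnames, documentation-range IP addresses and verdict names are constructed assumptions.

```python
import ipaddress

# Constructed allowlist: documentation-range addresses standing in for the
# HTTPS sites a user has approved (assumption, not taken from the post).
HTTPS_ALLOWLIST = {
    "bank.example": {"192.0.2.10", "192.0.2.11"},
    "shop.example": {"198.51.100.20"},
}
ALLOWED_443 = {ipaddress.ip_address(ip)
               for ips in HTTPS_ALLOWLIST.values() for ip in ips}


def evaluate(dest_ip: str, dest_port: int) -> str:
    """Return the verdict for one outbound TCP connection attempt."""
    ip = ipaddress.ip_address(dest_ip)
    if dest_port == 443:
        # HTTPS is only permitted to explicitly listed addresses.
        return "allow" if ip in ALLOWED_443 else "block"
    if dest_port == 80:
        # Plain HTTP is permitted but recorded for manual IP review.
        return "allow-log"
    return "block"


def check_resolution(host: str, resolved_ip: str) -> bool:
    """True if a DNS answer for an approved host matches its pinned addresses."""
    pinned = HTTPS_ALLOWLIST.get(host)
    return pinned is not None and resolved_ip in pinned


def review(attempts):
    """Evaluate constructed (host, resolved_ip, port) connection attempts."""
    results = []
    for host, ip, port in attempts:
        verdict = evaluate(ip, port)
        # A pinned host resolving to an unlisted address suggests a bad DNS answer.
        mismatch = host in HTTPS_ALLOWLIST and not check_resolution(host, ip)
        results.append((host, ip, port, verdict, mismatch))
    return results


# Constructed sample traffic, including DNS answers that do not match the pins.
SAMPLE = [
    ("bank.example", "192.0.2.10", 443),    # expected address
    ("bank.example", "203.0.113.66", 443),  # unexpected answer, HTTPS
    ("news.example", "203.0.113.5", 80),    # ordinary browsing
    ("bank.example", "203.0.113.66", 80),   # unexpected answer, plain HTTP
]

if __name__ == "__main__":
    for row in review(SAMPLE):
        print(row)
```

The last sample row is the case the port 443 rule alone does not cover: the connection is allowed and only the log entry reveals the address mismatch.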