Disabling VSS in Vista

[HAL]

I see Volume Shadow copy Service (VSS) is enabled at Vista user profiles.

I would like to know how this is configured, as it seem only active at
C:\Users and I do not seem to be able to configure it (e.g. turn it off).

 

[Rock]

I see Volume Shadow copy Service (VSS) is enabled at Vista user profiles.

I would like to know how this is configured, as it seem only active at
C:\Users and I do not seem to be able to configure it (e.g. turn it off).

I'm not sure what you mean that it seems only active at C:\Users. It is
involved in the creation of System Restore points, shadow copies of files,
and backups. As a service it's in the services console.

 

[Rock]

I see Volume Shadow copy Service (VSS) is enabled at Vista user profiles.

I would like to know how this is configured, as it seem only active at
C:\Users and I do not seem to be able to configure it (e.g. turn it off).

Some aspects of VSS can be managed through the command line tool vssadmin.
Do vssadmin /? for info on the options.

 

[HAL]

I'm not sure what you mean that it seems only active at C:\Users. It is
involved in the creation of System Restore points, shadow copies of
files, and backups. As a service it's in the services console.

So, it's actually important to have VSS active? So if I want to turn it
off, it's actually better to just set the c:\ maxsize to 1mb?

 

[Rock]

So, it's actually important to have VSS active? So if I want to turn it
off, it's actually better to just set the c:\ maxsize to 1mb?

I don't know all the effects from turning it off, beyond no system restore
points, no volume shadow copies and no backups. Why don't you want it?

 

[HAL]

I don't know all the effects from turning it off, beyond no system
restore points, no volume shadow copies and no backups. Why don't you
want it?

I don't like the security issues. People may have documents stored on
their laptops and if it gets stolen, thieves may recover important
documents. I do not fancy the full laptop encryption either, since it's
new and not widely in use yet.

 

[Rock]

I don't like the security issues. People may have documents stored on
their laptops and if it gets stolen, thieves may recover important
documents. I do not fancy the full laptop encryption either, since it's
new and not widely in use yet.

I don't understand your reasoning. If the laptop is stolen, then they have
the data, so why does the presence of shadow copies and backups make it any
worse? It seems like your removing some useful features with little to be
gained by it.

 

[Robert Moir]

I don't like the security issues. People may have documents stored on
their laptops and if it gets stolen, thieves may recover important
documents. I do not fancy the full laptop encryption either, since it's
new and not widely in use yet.

VSS uses NTFS permissions from the area of the filesystem being
shadowed to control who has access to what.

If they can access the volume shadow storage of files then they can
also access the originals because they'll be logged on as the
appropriate user or an admin anyway, so disabling VSS won't buy you
much in this regard.

It's a security issue only if you regard it as a security issue that
once someone has stolen your car they can listen to whatever CD you
have in the player. Fair point, quite true, but I personally would be
worried more about the actual car.

 

[HAL]

I don't understand your reasoning. If the laptop is stolen, then they
have the data, so why does the presence of shadow copies and backups
make it any worse? It seems like your removing some useful features
with little to be gained by it.

Because a lot of programs cache local copies of files.

 

[HAL]

VSS uses NTFS permissions from the area of the filesystem being shadowed
to control who has access to what.

If they can access the volume shadow storage of files then they can also
access the originals because they'll be logged on as the appropriate
user or an admin anyway, so disabling VSS won't buy you much in this
regard.

It's a security issue only if you regard it as a security issue that
once someone has stolen your car they can listen to whatever CD you have
in the player. Fair point, quite true, but I personally would be worried
more about the actual car.

I'm not sure how SAM data exist on Vista, but I'm sure it's possible to
brute-force any credentials like on XP.