Biggles1

An unusual situation.

I support a Resident Community which makes available to its residents (who don't own a PC of their own) 3 PCs (Win10 Pro) installed in a "common area".

Someone bent on playing pranks has been corrupting the computers by deleting programs and/or "resetting" the computers to factory settings, forcing a reinstallation of the OS and the programs (Word, Excel, etc.).

I have resorted to a program called "Deep Freeze" which returns a computer to the state it was in at Log In, regardless of what was done. The program is password protected.

Somehow "someone" has gotten around the program and continues to perform their mischief.

Question:  Has anyone encountered a similar situation and found a remedy?  Please help!

Thanks,

Biggles
Last Comment
Biggles1

8/22/2022 - Mon
John

Have I seen this?  No.

Can you put a much stronger password on Deep Freeze?   Would that stop the attacker from breaking Deep Freeze?
John

Also, I assume the residents are Standard Users (not Admin). Please make sure of that.
David Favor

What John said.

If you correctly set capabilities of users, they'll be unable to change anything.
masnrock

I have resorted to a program called "Deep Freeze" which returns a computer to the state it was in at Log In, regardless of what was done. The program is password protected.

Somehow "someone" has gotten around the program and continues to perform their mischief.
Now I have to ask some questions:
1) How strong is the password for Deep Freeze?
2) What sort of rights are on the account that the users have access to?
3) How strong is the password of the administrator account on the machine?
4) Did you lock down the BIOS? (They may very well be using a bootable device to tinker with the administrator account.)
5) Have you considered utilizing Kiosk Mode for those machines?
Vadim Rapp

Surveillance camera might help.
McKnife

Please read about the limitations of Deepfreeze and tell me if those could apply to your setup: https://en.wikipedia.org/wiki/Deep_Freeze_(software)
Biggles1

ASKER
From masnrock:

Now I have to ask some questions:
1) How strong is the password for Deep Freeze?
Answer: 9 Characters mix of letters and numbers (all lower case)
2) What sort of rights are on the account that the users have access to?
Answer:  User
3) How strong is the password of the administrator account on the machine?
Answer: 10 Characters mix of letters and numbers (all lower case) one special character
4) Did you lock down the BIOS? (They may very well be using a bootable device to tinker with the administrator account.)
Answer:  No.  But I should try that!
5) Have you considered utilizing Kiosk Mode for those machines?
Answer:  No!  Excellent Idea!!!!  How do you do that?
John

Deep freeze: Try a password with upper, lower characters, a special character, and a number.

User is fine so they are not administrators.

Admin password: same advice as Deep freeze password.

Make sure you are using UEFI with Secure Boot ON.  That prevents others from starting the machine.
McKnife

Please respond to all suggestions so we have a clear picture.
As for kiosk mode: the question is what you want to do with that machine. A secure setup that no one can tamper with needs modern apps (like the Edge browser) in order to use Windows' assigned access feature.
Biggles1

ASKER
I researched Kiosk mode and I have decided against it.

Next I will try locking down the BIOS.  For that I have to go onsite.  I will inform you all when I do that.
John

Kiosk mode is not really helpful to residents in a community. Please keep us posted.
David Favor

You asked, "Question:  Has anyone encountered a similar situation and found a remedy?"

John answered, "Ensure all residents are Standard Users (not Admin)."

So... you can use John's simple solution + problem is solved instantly.

Or you can use a complex/expensive/time-consuming solution like DeepFreeze... or many other equally complex/expensive/time-consuming solutions.

Standard users can't change admin level files.
Biggles1

ASKER
I researched Kiosk mode and I have decided against it.

I have tried locking down the BIOS; it's been 48 hours. I also changed the password (Login as well as BIOS) to something really complicated. In the BIOS I disabled the DVD/CD so no one will be able to use a "Password breaking" software which boots from a DVD.

So far so good.

I will keep you all informed in a couple days.
ASKER CERTIFIED SOLUTION
McKnife

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
Biggles1

ASKER
I also disabled booting from a USB.

Thanks everyone.  I guess this question is now closed.
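
A read-only audit for two of the checks raised in this thread (residents are standard users, Secure Boot is on), given here as an added example that is not part of the original thread. The allow-list `$ExpectedAdmins` and the function names are assumptions; the BIOS password and the boot-device settings are not covered and still have to be checked in firmware setup on site.

```powershell
# Added example: read-only audit of a shared Windows 10 PC. Run from an elevated prompt.
# Assumption: only the accounts listed here should be local administrators.
$ExpectedAdmins = @('Administrator')   # hypothetical allow-list, adjust to your setup

function Get-UnexpectedAdmin {
    param([string[]]$Allowed)
    # S-1-5-32-544 is the well-known SID of the built-in Administrators group,
    # so this works regardless of the Windows display language.
    Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Where-Object { ($_.Name -split '\\')[-1] -notin $Allowed } |
        Select-Object Name, ObjectClass, PrincipalSource
}

function Get-EnabledLocalAccount {
    # Enabled accounts, whether a password is required, and when it last changed.
    Get-LocalUser | Where-Object Enabled |
        Select-Object Name, PasswordRequired, PasswordLastSet, LastLogon
}

function Get-SecureBootState {
    # Confirm-SecureBootUEFI returns $true/$false on UEFI systems and throws on
    # legacy-BIOS machines or when the prompt is not elevated.
    try {
        if (Confirm-SecureBootUEFI -ErrorAction Stop) { 'On' } else { 'Off' }
    } catch {
        "Unknown: $($_.Exception.Message)"
    }
}

$unexpected = @(Get-UnexpectedAdmin -Allowed $ExpectedAdmins)
[pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    SecureBoot       = Get-SecureBootState
    UnexpectedAdmins = if ($unexpected) { $unexpected.Name -join ', ' } else { 'none' }
} | Format-List

Get-EnabledLocalAccount | Format-Table -AutoSize
```

Any name listed under `UnexpectedAdmins`, or an enabled account with `PasswordRequired` set to False, is worth resolving before relying on Deep Freeze or firmware settings.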