Print
One of the biggest challenges Maximum PC readers often face is the never ending battle we endure when it comes to restoring the PC’s of family and friends. We often find ourselves bombarded with machines that may have once been configured by us, but have become infected or modified beyond recognition. The good news is that Microsoft finally has a solution and it comes in the form of a free add on for Windows XP and Vista which promises to restore sanity to your world.
Windows Steady State goes far beyond a simple group policy editor. It gives users the protection and peace of mind that until now could only be matched by a virtual machine. Simply put, Windows Steady State gives you nearly unlimited control over what can and cannot be done on a protected PC. With the ability to flush unwanted changes with each reboot every new session can be as fresh and snappy as the day you first installed the OS.
The obvious application for Steady State is anyone who maintains a large fleet of public computers, but I would argue that it works just as well for anyone who maintains a troublesome household computer with friends or family who just can’t resist opening email attachments. Steady State gives administrators full control over how users access the internet, how they import and export data, and even what programs they can use. Interested in learning how to master this amazing new utility? Read on to learn how to configure Steady State for your application.
What you'll Need:
A PC With Windows XP (Any 32 Bit Edition) or Windows Vista (Any 32 Bit Edition) The Operating System Must be Installed on an NTFS partition.
4 GB of Free Disk Space
30 Minutes
First things first, you will need to point your browser over to Microsoft and download your free copy of Windows Steady State. For those of you using Firefox (which I’m guessing is most of our readers), you may want to consider using Internet Explorer for this step. Microsoft will validate your copy of Windows to ensure it is genuine both before downloading and again during installation. Internet Explorer makes this first step easier since a one click ActiveX control makes the process pretty transparent. You can use Firefox, Safari, or just about anything else you can think of, but you’ll just have to jump through a few extra hoops in order to validate.
Once you have downloaded the installer go ahead and launch it when you’re ready. The installer doesn’t offer any installation options to configure, so we won’t bother walking you through the process of clicking next. I would however caution you to go slow and watch for the option to opt out of the Live Tool bar if you don’t want it.
Double click the Windows Steady State Icon on your desktop (shown here) which will launch the application into the main menu screen shown above. Once the interface is up and running click the Protect The Hard Disk option which is circled in red on our screen shot.
**WARNING**
Protecting the hard disk has known (but undocumented) issues with whole drive encryption technologies such as True Crypt. Users with encrypted drives should not use this feature and should skip ahead to step 3.
Even though this step is listed as optional, protecting the hard disk is one the most powerful features in Windows Steady State. When enabled disk protection earmarks a chunk of your free disk space (50% by default) and forms a cache where modified files will be stored during a users session. To be clear, Steady State isn’t creating an image of your hard drive, it simply quarantines any files that are modified during a user’s session to the cache.
When the operating system needs to read a file from the hard drive it first checks the cache to see if a modified version already exists, and if not, retrieves it from the protected section. Since the cache only contains modified copies of the protected files, when the machine is rebooted the cache is easily dumped and your computer will once again rebuild it as changes are made. This protection applies to the entire windows partition and cannot be customized to exclude individual folders. If you require persistent storage, data will need to be stored on a separate drive or partition.
Separate partitions are ignored by steady state and can be interacted with normally. If you find yourself wishing you’d had the foresight to create a separate partition on the machine in question, but don’t want to reformat and start over have no fear. We have a how to guide for that too. If you choose not to use the disk protection feature that is of course your choice. But if you’re serious about protecting the PC from users who don’t need to install new software very often it’s the safest bet. If you choose not to use disk protection, the privileges you grant your users in later steps will need to be much more draconian in order to compensate for this feature not being active. With hard disk protection enabled any mischief a user gets himself into will be wiped clean with every reboot.
Comments are closed on this article
dnepr
September 30, 2010 at 5:45am
Anybody know? When will release the Steady State for Windows 7? Днепропетровский форум
zippzom
April 24, 2009 at 8:17pm
Maybe this is stupid, but does it wipe files as well, or just programs?
Mathewpb
September 25, 2008 at 5:54pm
way to include the whole 64bit crowd...good job. there a lot of people who have the 64bit version of vista....and bought it...unlike windows xp pro x64 which was pirated.
Justin.Kerr
September 13, 2008 at 8:09pm
Steady State will lock your system in whatever state it's in when you install the application. It unfortunatly can't roll back the clock.
russ2650
September 04, 2008 at 8:59am
I've been using this on my own personal computer for years now. During my first install it was called the Microsoft Shared Computer Toolkit. The only reason I use it is for Disk Protection. An extra partition is the best way to keep your downloads (movies, music, etc), and you can also test drive the applications you want to install before commiting them to your hard drive. Good post!
Don't forget there are separate versions for XP and Vista
downster
September 28, 2008 at 12:16pm
Windows steady state is ok if you're on a tight budget. I dont like the 50% allocation it uses up too, but I would look at Faronics Deep Freeze and Fortress grands clean slate which are $ but superior alternatives.
Pyrophorics
September 04, 2008 at 7:25am
Take it this doesn't work for Vista 64bit? My whole network is 64bit.
ElectricJazz
September 04, 2008 at 11:49am
Unfortunetly is does not support 64bit. http://download.microsoft.com/download/f/c/6/fc6955de-0765-46fc-b2a9-47b4d4bcd160/SteadyState_2.5_Technical%20FAQ_updated.pdf
___________________________________________________________________________________
Maybe you gots ta do something for me, I gots needs too you know. - The Spirit of Jazz.
dentaku
September 04, 2008 at 4:50am
I'm going to try this out on my XP installation i use for testing stuff out. I know it will come in handy some day.
I have worked on public computers before but doing something like this was too much of a hassle. It's never caused too much trouble lately to just leave the system unprotected (I just have to uninstall any extra junk that gets installed once in a while) but in the past it was annoying how people would just fill the machines with useless junk not knowing how much damage they where doing to someone else's computer.
b3rn4rd
September 04, 2008 at 6:26am
I've been using windows Steady State on pc's connected to workgroups since 2 months for public users who mess around with the OS configuration and this has limited their privileges. It's worth it.
