Sandbox programs

[YoKenny]

I do not find a slowdown with what I run and thats no Warm,greenish, excreta from a male bovine!!

But I did find a slowdown with Sanboxie and that's no Warm,greenish, excreta from a male bovine!!

Why would I pay for Sandboxi when I find it provides me no additional protection from what I have and that's no Warm,greenish, excreta from a male bovine!!
 

[normishmael]

Yo Kenny:
"Why would I pay for Sandboxi when I find it provides me no additional protection from what I have and that's no Warm,greenish, excreta from a male bovine!!"

In that case there is no reason at all for to pay,or even use the free edition.

The fact you PERCEIVE no additional protection remains Bull Shit.

[Roflmeister]

Okay time out you two, respect one anothers opinions. If Kenny feels that sandboxie doesnt quite cut it for him then thats HIS opinion, i myself honestly don't feel it's neccesary but hey i guess thats MY opinion. As long as you feel safe on your PC thats all that matters

[normishmael]

Okay time out you two, respect one anothers opinions. If Kenny feels that sandboxie doesnt quite cut it for him then thats HIS opinion, i myself honestly don't feel it's neccesary but hey i guess thats MY opinion. As long as you feel safe on your PC thats all that matters

I for one,will bow to the voice of reason and diplomacy.
I will not concede my point.

[Hard_ROCKER]

Arguing with fanboys is like banging your head against the wall. In both cases you will only get a headache.

[normishmael]

Yes so true.
You would not happen to be "fan" of any of the programs you use,
would you?

[normishmael]

David R said:

"Personally I have never found the need for a sandbox because I have a robust backup and recovery strategy."

Which is to predispose failure on the part of your security products or grievous user error/hardware failure,the last two not being security issues.

In that that case,I would ask,why do you feel a need for a real time Anti-Virus?

I use Sandboxie and Returnil Premium with a host of on-demands.,My "Backup Strategy" is my "My Documents" folder 7-Zipped, and burnt to DVD-R,and my Windows XP Pro disk.
Hardly robust,but I have never had to use it.

Yes, you can mis-configure a sandbox,and remove a measure of its protection.
You can do the same with Avast!,or any program that allows user configuration.

As far as infections,via downloaded files,it is a simple matter to force either
the download folder,or Windows Explorer in Sandboxie,and submit the downloaded files to the blacklister of your choice,from within a sandboxed environment.

The default Sandboxie setting are a high degree of protection,a higher degree can be obtained by limiting start-run/Internet access,using the "drop my rights" option etc.

Sandboxie is in some respects like a limited user account,one can can of course choose not to use it,for any number of reasons,you cant say it adds no security.

[Alan Baxter]

Sandboxie is in some respects like a limited user account,one can can of course choose not to use it,for any number of reasons,you cant say it adds no security.

Well, one can say it adds no security, but it would still be incorrect and misleading.  I'm glad you stood your ground on that point, normishmael.  I didn't know about Sandboxie until a few months ago, but added it to my security arsenal once I understood how effective it is in protecting my system from 0-day attacks.  It's functionality is orthogonal to Avast, i.e. they complement each other.  Obviously, at least a couple of users don't think it's worth the trouble for them, and I'm grateful when they share their experience with the program or explain why they feel they're secure enough without it.  I used the Internet heavily with a Windows machine for twenty years without an AV and I never had a problem, but I still finally decided to add Avast to my defenses.

It's apparent from the Sandboxie forums that some new users don't appreciate this caveat raised earlier.  It's important enough to bear repeating.

Another thing to be mindful of when using Sandboxie -- While sandboxed applications cannot write to the filesystem, the sandboxed applications can READ from the filesystem. Don't think you can play close to fire with this, you could still obtain a malware that might grab stored data and send it out your internet connection.

The default Sandboxie settings don't prohibit this.  This is where a firewall that controls outbound connection attempts comes in handy, that and the configuration tweaks normishmael enumerated.

Sandboxie doesn't protect us from the more sophisticated Web 2.0 attacks, but then again neither does Avast or most of the other tools.  It's an arms race.
http://hackademix.net/2008/01/12/malware-20-is-now/

[Bellzemos]

What about DefenseWall HIPS, is anyone using this? Or at least tried? Any comments?

[FreewheelinFrank]

A good browser is its own sandbox.

[Lisandro]

Just to report a very bad experience.
Installing Virtual Sandbox™ 1.0 http://www.fortresgrand.com/products/free/vsb_free.htm on a Vista 32bits give me two BSODS.
Boot in Safe Mode. Can't uninstall!
The only solution was System Restore to a previous state before installing it. Then manual deleting the folder...
Don't know if drivers or other system files was left behind... but, at least, I can boot.

Waiting for avast Sandbox into avast Internet Suite.

[Hard_ROCKER]

The way i see it, most of the risks Sandboxie protects you from, you are already protected from if you have Vista/7. Correct me if i'm wrong but i was under the impression that by default on Vista and 7 IE runs in protected mode which is kind of a sandbox is it not ? We have UAC(obviously i have this on) and on 64 bit versions there is the benefit of PatchGuard which basically makes those kernel rootkits useless and there is hardware DEP(i have it enabled for all programs) which by my understanding protects from buffer overflow attacks. Why would i want a sandbox program on my Win 7 64 bit install and also does such a program even exist for 64 bit Vista/7(Sandboxie doesn't do 64 bit) ??