anybody used this yet? i was wondering how u liked it and if u experienced any system slowdowns or other problems, aswell as the resource usage?

bump?

REVIEW (http://www.pcmag.com/article2/0,1759,2186621,00.asp)

The first sentence: ZoneLabs effectively invented the personal firewall as a software category.

I wonder where they find those writers.

{QUOTE-> anybody used this yet? i was wondering how u liked it and if u experienced any system slowdowns or other problems, aswell as the resource usage? <-QUOTE}

I used one of the betas a while back on XP. I liked it, but it only supports IE and Firefox and I prefer to use Opera and others. Hopefully more browsers will be supported as the product matures.

Of the sandbox software I've tried I like SafeSpace the best. It supports all browsers AFAIK and it's easy to understand and use.

{QUOTE-> anybody used this yet? i was wondering how u liked it and if u experienced any system slowdowns or other problems, aswell as the resource usage? <-QUOTE}

Running the latest version on VISTA and XP (with IE7)
No visible slowdown in browsing, slight slowdown in opening new tabs or javascript pop-ups window in VISTA.

I see one process in task manager: around 19MB

So far so good...

Cheers,
Fax

It would not work on my laptop that is running Vista Business. Worked fine on my desktop PC (XP Home). It slowed my browsing considerably so I have removed it.

{QUOTE-> It would not work on my laptop that is running Vista Business. Worked fine on my desktop PC (XP Home). It slowed my browsing considerably so I have removed it. <-QUOTE}

Yes, earlier version would simply crash on my VISTA business, latest version (193) didn't crash yet....
Well, its a beta don't expect a perfect software :)

Fax

Well, I couldn´t even make this thing work on my VM, I have never looked back since. The question which comes to mind is, do you guys think it´s better than Sandboxie and SafeSpace, to name a few? And yes, I know that ZAFF offers phishing and keylogging protection.

{QUOTE-> No visible slowdown in browsing, slight slowdown in opening new tabs or javascript pop-ups window in VISTA. <-QUOTE}

What about browser loading (startup) time?

{QUOTE-> What about browser loading (startup) time? <-QUOTE}

May be 1 second more than without it ? Difficult to say...

Tried Sandboxie sometime ago but rendered my system unstable and crashed few times. Sandboxie is covering more than the broswer, ForceField is just protecting the browsing... the latter is more near to my needs... i.e. a strong protection while suring the web.

Never tried SafeSpace... so don't know about advantages/disadvantages.

I did try Greenborder (when still alive) but it was slowing down the system.

Cheers,
Fax

I think I read on the beta program site that it works with Vista but it *deactivates IE Protected Mode browsing*! Hmmm, so it deactivates the native sandboxing that Vista supports at the OS level, just to replace it with a less-integrated (but perhaps feature-superior) sandbox?

I wouldn't go for that, especially while it's a Beta.

{QUOTE-> I think I read on the beta program site that it works with Vista but it *deactivates IE Protected Mode browsing*! Hmmm, so it deactivates the native sandboxing that Vista supports at the OS level, just to replace it with a less-integrated (but perhaps feature-superior) sandbox?

I wouldn't go for that, especially while it's a Beta. <-QUOTE}

Hi!
you have, as for other tools, a superior level of protection... as compared to default VISTA sandboxing.

The all point of installing such tools is to have something more than the EI7 Protecting Mode.
Otherwise there is no point of even take into consideration such tools... ;D

http://download.zonealarm.com/bin/free/information/forcefield/releaseHistory.html

Cheers,
Fax

I would say SafeSpace is more configurable and provides better protection.:thumb:

{QUOTE-> Hi!
you have, as for other tools, a superior level of protection... as compared to default VISTA sandboxing.

The all point of installing such tools is to have something more than the EI7 Protecting Mode.
Otherwise there is no point of even take into consideration such tools... ;D

Cheers,
Fax <-QUOTE}

Fair enough, but here's a question.

Would it be sensible/possible to make a sandboxing-type security product that *uses* and *builds on* Vista's built-in Integrity Levels / Mandatory Access Control / Virtualization mechanism? From what I've seen in Invisible Things and others, MS has provided a very powerful mechanism which is only minimally utilized in the default configuration of Vista. For example there's a tool with which you can set the properties of a folder like My Documents to disallow even *reading* by Low Integrity (sandboxed) processes.

It seems preferable to me to use the methods that MS has built into the OS (if possible), rather than starting from scratch.

{QUOTE-> It seems preferable to me to use the methods that MS has built into the OS (if possible), rather than starting from scratch. <-QUOTE}

Yep, it would be nice unless vulnerability of the OS would also compromise the system including the third party protection... then I would prefer an independent tool rather than an integrated tool.

Not sure it is technically possible... do you know any tool that does this?

Cheers,
Fax

{QUOTE->
Not sure it is technically possible... do you know any tool that does this?
Fax <-QUOTE}

I don't know whether any tool does this -- I was hoping you or someone else reading this thread would know. I haven't seen any "vista-only" sandboxing security products mentioned, but I haven't done an exhaustive search.

I suspect that nobody would come out with such a product until almost all users are on Vista. Except I wouldn't be at all surprised if MS themselves comes out with some recommended alternative configurations or tools for managing them, in ways that make the sandboxing more effective, like restricting read access and being able to roll back all the virtualized changes.

To me the important thing with a sandbox is to make sure you don't do anything sensitive within it. If you (inadvertently) do online banking inside the same sandbox as unknown sites, then it is not secure. See http://www.wilderssecurity.com/showpost.php?p=1153584&postcount=1

{QUOTE-> To me the important thing with a sandbox is to make sure you don't do anything sensitive within it. If you (inadvertently) do online banking inside the same sandbox as unknown sites, then it is not secure. See http://www.wilderssecurity.com/showpost.php?p=1153584&postcount=1 <-QUOTE}

Hi!
as far as I understand ForceField should also cover the issue above, apart from running isolated from your system it will encrypts all temporary files/data within your browser, this data cannot be read.

"...Temp file encryption encrypts the temporary files that are automatically created on your PC as they type information on the Web, so you cannot be compromised by spyware on your PCs."

Cheers,
Fax

{QUOTE-> ...
"...Temp file encryption encrypts the temporary files that are automatically created on your PC as they type information on the Web, so you cannot be compromised by spyware on your PCs."

Cheers,
Fax <-QUOTE}

I meant it should keep you from entering sensitive information within the sandbox at all, not just temp files. For example if you try to enter a 9-digit number (could be US SS#) or an 8-digit number (could be bank account), or certain specified passwords, it should intercept it and ask if you really want to enter this within the sandbox (which may be compromised). This may remind you to do your sensitive transaction outside of the sandbox.

{QUOTE-> I meant it should keep you from entering sensitive information within the sandbox at all, not just temp files. For example if you try to enter a 9-digit number (could be US SS#) or an 8-digit number (could be bank account), or certain specified passwords, it should intercept it and ask if you really want to enter this within the sandbox (which may be compromised). This may remind you to do your sensitive transaction outside of the sandbox. <-QUOTE}

Ah... well, if the sandbox is compromised I would not even make my transaction outside the sandbox... we cannot exclude to be also compromised.

I think we need to distinguish between sandboxing emulating systems and sandboxing only covering browsers. Your issue of compromised sandboxing seems to me to fit better with system sandboxing where malware can execute also outside the browser domain. Something note easily possible with sandboxing within browser unless specifically allowed.

I see your issue of intercepting more related to the capacity of the security tool to scramble screen and jam keylogging. So, even if the sandbox is compromised, malware would not be able to intercept keys.

I think you are turning around a general problem, no tool is 100% security proof. So, whatever approach (integrated or not integrated) may fail if targeted by malware. This is not a discussion related to ZA ForceField but to any security tool.

Cheers,
Fax
EDIT: spelling mistakes

{QUOTE-> I think I read on the beta program site that it works with Vista but it *deactivates IE Protected Mode browsing*! Hmmm, so it deactivates the native sandboxing that Vista supports at the OS level, just to replace it with a less-integrated (but perhaps feature-superior) sandbox?

I wouldn't go for that, especially while it's a Beta. <-QUOTE}

Looks like the latest beta (1.0.217.0) works with Protected Mode: ON ;D

Fax

http://www.pcmag.com/article2/0,1759,2186621,00.asp
The guys put a price for a beta? ??? ??? ???

I'm curious. Two different but slightly similar animals, ZA Forcefield and Returnil. Which one is the more secure?

{QUOTE-> I'm curious. Two different but slightly similar animals, ZA Forcefield and Returnil. Which one is the more secure? <-QUOTE}

To me they look really quite different... ZAForcefield is only focused on securing your browser experience by preventing your system and virtual system to be infected via the browser.

Returnil will not necessarily prevent the virtual sytem to be infected but will eliminate the consequences of been infected.

Both provide good protection but to me ZAforcefield seems easier to use especially for novice or standard PC users...

Cheers,
Fax

{QUOTE-> I'm curious. Two different but slightly similar animals, ZA Forcefield and Returnil. Which one is the more secure? <-QUOTE}
Neither, compared to a setup of ShadowDefender and Sandboxie. Works flawlessly.

But of the 2 you mentioned, no contest, Returnil.:thumb:

{QUOTE-> The first sentence: ZoneLabs effectively invented the personal firewall as a software category.

I wonder where they find those writers. <-QUOTE}
Lol, I wonder too, very bloated.

{QUOTE-> Neither, compared to a setup of ShadowDefender and Sandboxie. Works flawlessly.

But of the 2 you mentioned, no contest, Returnil.:thumb: <-QUOTE}

Hmm, so Returnil and Forcefield ought to be pretty good, if they work together. Or Returnil, and Sandboxie. Lord, here I go again. I thought I was over this crazed need to experiment nonsense. Thank Heaven for FD-ISR.

{QUOTE-> Lol, I wonder too, very bloated. <-QUOTE}

and if we are speaking about ...who invented the firewall.. here you have ;D

http://www.darkreading.com/document.asp?doc_id=143316&f_src=darkreading_informationweek

Fax

{QUOTE-> Hmm, so Returnil and Forcefield ought to be pretty good, if they work together. Or Returnil, and Sandboxie. Lord, here I go again. I thought I was over this crazed need to experiment nonsense. Thank Heaven for FD-ISR. <-QUOTE}
I would go Returnil and Sandboxie. But for me I am using Sandboxie and Shadow Defender and the 2 work great. My PC is on all the time so Sandboxie handles day to day protection, then every few dates I reboot to check for any changes and Shadow Defender handles the long term protection. My computer is as fast as it can get. Layered virtualization is the way to go.:thumb: ;)

I am trying out a combo of Returnil and Sandboxie and it is working ok for me so far.

hm, forcefield slows down the system extremely, it even manages that procmon reaches out of memory if you also use av and firewall+hip.

is this a good program to use with?

does comodo do the same? or is it quite unique and usefull to use?

{QUOTE-> Hmm, so Returnil and Forcefield ought to be pretty good, if they work together. Or Returnil, and Sandboxie. Lord, here I go again. I thought I was over this crazed need to experiment nonsense. Thank Heaven for FD-ISR. <-QUOTE}
You can't replace FDISR with Returnil, that would be a step back, I'm 100% sure about that.
Combining FDISR with Sandboxie OR Forcefield OR any other sandbox-software is something else.
In theory you have to try each sandbox software to evaluate the differences, but that is going to take alot of time along with alot of opinions and discussions. :)

{QUOTE-> I would go Returnil and Sandboxie. But for me I am using Sandboxie and Shadow Defender and the 2 work great. My PC is on all the time so Sandboxie handles day to day protection, then every few dates I reboot to check for any changes and Shadow Defender handles the long term protection. My computer is as fast as it can get. Layered virtualization is the way to go.:thumb: ;) <-QUOTE}

Why the GeSWall avitar?

own it so using it.;)

plus kees, Brian is a good man. Added Vista Mail as I asked. Would use this or SafeSpace over the topic of this thread in a heartbeat.

{QUOTE-> own it so using it.;) <-QUOTE}

OKay, but . . .

A) Disk virtualisation sandbox
B) Application virtualisation sandbox
C) Policy Sandbox with virtualisation (redirect) option

Isn't it time to put on your shorts and try a real sandbox ;)

ok, what would you recomend.;)

{QUOTE-> ok, what would you recomend.;) <-QUOTE}

Any sandbox will do, but do not forget the sun block and a cool beer.

{QUOTE-> Any sandbox will do, but do not forget the sun block and a cool beer. <-QUOTE}
Never do, of course a real sandbox has cat poop in it.::)

That is why I have a baby kangeroo as a pet, they are real mean against cats