Which is better Sandboxie free or Returnil personal edition???




This post and some of the following responses were removed from this thread (http://www.wilderssecurity.com/showthread.php?t=211707) as they were better suited for a thread of their own instead of taking the Question about Sandboxie! thread further off topic....Bubba~

{QUOTE-> Which is better Sandboxie free or Returnil personal edition??? <-QUOTE}
There are horses for different courses and both Returnil and Sandboxie excel in their intended purpose.

I use both. ;D

How are they different???

{QUOTE-> How are they different??? <-QUOTE}

I believe the main difference in simplest terms is that Sandboxie protects internet-facing apps and Returnil protects the entire drive/system. I use both also, although I'm not sure whether to empty out the sandbox or not seeing as how I reboot and put my system right back where I found it after a Returnil session, lol.

As mentioned earlier, Sandboxie can be configured not only so that it can configure, say only your browser to run in the sandbox, it can be configured so it's the only program that runs in the sandbox. You can also have sandboxie block access to certain folders and files by programs running in the sandbox (useful so sensitive information or files can't be accessed and say mailed out through your browser). I have it set to do all of this, as well as delete contents on browser exit, so everything gets erased.

Sandboxie is virtualization for a specific program, isolating it from the rest of the system.

Returnil is system virtualization, meaning it protects your system partition against changes. Meaning you enable it and then you can make any changes, install programs, etc, and when you reboot they're all gone. Returning your PC back to the state it was before.

So whats the diff betweeen Return premium and free edition???

Ok I installed Returnil. I have Z chosen as my virtual partition. If I go to use my Virtual Partition how can I go back to my C drive???

{QUOTE-> Ok I installed Returnil. I have Z chosen as my virtual partition. If I go to use my Virtual Partition how can I go back to my C drive??? <-QUOTE}

Cheater

You need to read the documentation. Every question you've asked has already been answered on the forums, and in the documentation.

{QUOTE-> Which is better Sandboxie free or Returnil personal edition???
<-QUOTE}
Both... it's better to use Sandboxie and it's better to use Returnil.

Cheers

{QUOTE-> Both... it's better to use Sandboxie and it's better to use Returnil.

Cheers <-QUOTE}

Returnil fit better for system wide protection (against user errors,yeah ultimately anything causing problems is triggered by user ;D ).
Returnil is useless if only used, against the phoning home thingy.
With Sandboxie you have control(in/out) to a degree of your understanding to configure it optimal.
But then first priority is a malware clean system,if otherwise Returnil and Sandboxie are useless.

Hi,

you know every category of security software has to start with Anti. ::)
Therefore I would say Sandboxie and Returnil are both from the Anti-Alteration category.

Both are able to protect your system from constant and systemwide alteration, but of course with different techniques and intended purpose.

Cheers

{QUOTE-> Hi,

you know every category of security software has to start with Anti. ::)
Therefore I would say Sandboxie and Returnil are both from the Anti-Alteration category.

Both are able to protect your system from constant and systemwide alteration, but of course with different techniques and intended purpose.

Cheers <-QUOTE}

With SBIE,just try to delete(user error) system 32 folder or a bunch of dll's in there,i guess you know what happen.
With returnil on try the same thing,no problem just a reboot and your back. ;)

{QUOTE-> With SBIE,just try to delete(user error) system 32 folder or a bunch of dll's in there,i guess you know what happen.
With returnil on try the same thing,no problem just a reboot and your back. ;) <-QUOTE}

Did you try with a Sandboxed copy of explorer??

Returnil is an Immediate System Recovery software to restore your system partition [C:] completely by using virtualization.
To put it very extreme and theoretical : if you don't care about malware at all, you only need Returnil without any security software to restore your system and get rid of any threat, including the damage it caused.
An extreme test would be a honeypot, full of malware and you only have to reboot to get your healthy system back. I'm surprised that nobody tested this already, they rather prefer traditional Miss AntiVirus contests than using their imagination and do something else for a change.
Such a test would also prove how good Returnil really is and make it stronger in case of failure.
However, if Returnil wouldn't fail, it would be a good advertising stunt, even more sensational than removing one single malware Rustock.C.

Of course, no user is going to use Returnil only, because
1. he doesn't want to reboot all the time due to damages caused by malware in his system.
2. he has DATA on his computer that needs to be protected : no infections, no destruction, no stealing, ...
This means that users need security softwares to protect their system and data IMMEDIATELY.

Sandboxie can be one of these security softwares.
Sandboxie doesn't recognize malware, but the user can put "any" (not all of course) installed application in a sandbox. In other words he creates a wall around the application and everything what happens inside that application is ISOLATED from the rest of the system.
Of course it's upto the user to decide in the sandbox, what to keep and what not to keep (to be or not to be) and that is THE main problem in Sandboxie : the human factor, but that is common for all security softwares.
If the user wouldn't exist, Sandboxie would be perfect. ;)

{QUOTE-> Did you try with a Sandboxed copy of explorer?? <-QUOTE}

Yes should survive,no doubt.But i mean just as Erik abundently explains to recover from possible malware with Returnil,its also a neat protection against user initiated system corruption. And here Sandboxie is limited to what is Sandboxed and was never meant to protect system wide included user error.

As a side note,If Returnil is meant to be used by the masses,the current build should sufficient. Save changes at reboot looks nice then but is also dangerous and for a great part defeat the purpose of ISR's in general.

{QUOTE->
As a side note,If Returnil is meant to be used by the masses,the current build should sufficient. Save changes at reboot looks nice then but is also dangerous and for a great part defeat the purpose of ISR's in general. <-QUOTE}
Yes, once you freeze the devil inside your system, you are infected forever, until a scanner finds it or you restore a clean image.

On the other hand this is common for ALL security and recovery solutions : in the end the USER is the weakest link.
If you backup and restore an infected system, you also have a problem.
NEW objects on your system will ALWAYS be a RISK. I'm thinking about that too to minimize that risk to the absolute minimum.

{QUOTE-> With SBIE,just try to delete(user error) system 32 folder or a bunch of dll's in there,i guess you know what happen.
With returnil on try the same thing,no problem just a reboot and your back. ;) <-QUOTE}
You know, that's why I said intended purpose.
If you use SBIE for your browser, you can protect your system from constant and systemwide alteration very well.
No drive-by download to your real system32 directory etc.

But of course, you can do similar things with Returnil and your locked partition.
I use both and both are hugely useful in my opinion.

Cheers

{QUOTE->
But of course, you can do similar things with Returnil and your locked partition.
I use both and both are hugely useful in my opinion.
<-QUOTE}
You can do similar things with Returnil indeed, but it's not the same protection.
1. Sandboxie isolates the malware and makes it harmless immediately (= security).
2. Returnil without Sandboxie let the malware install itself and do its evil job. Returnil will remove the malware indeed during reboot, but way too late.
In other words Returnil without Sandboxie = no protection, just good removal (= recovery, not security).

{QUOTE-> You know, that's why I said intended purpose.
If you use SBIE for your browser, you can protect your system from constant and systemwide alteration very well.
No drive-by download to your real system32 directory etc.

But of course, you can do similar things with Returnil and your locked partition.
I use both and both are hugely useful in my opinion.

Cheers <-QUOTE}

Will you read again my previous post please,i will advise you to learn more about the differences and intended purposes of these app.

I you willfully destroy Windows by screwing it up,can't boot,BSOD,how will SBIE save you ? :)