Wake up fellas!

My understanding of Sandboxie is that it takes everything downloaded from your browser (if you run the browser sandboxed) and puts it in a secure environment that can't access your system. It will do the same with your email if you run your mail client sandboxed. Then, when you delete the sandbox, all changes are gone. So any malware that may have made it on to your system will be gone when you flush the sandbox. This has nothing to do with Windows Settings, screensavers, wallpapers, etc.

So if you are looking for a way to protect your desktop from being altered, you are trying to use sandboxie for something it was not designed to do.

Why not just password protect your logon and log off of your PC when you are away from it? Simple, effective, free solution reequiring zero additional resources.

 

Thanks for the confirmation Mrk. I really like the speed of my system so slowing it down with too much "glue" isn't something I want.

 

Hopefully a few converts from this thread!

All AVs are sap sucking useless addons!

For a freebie a tiny app like Sandboxie will protect you better than any SAP sucking AV.

There are ALTERNATIVES!!! Got a few bucks and want the ultimate = Defensewall!

 

Even better than that is oneself. In other words, what you do and where you go on the 'net.

 

Yep LOL.
Go anywhere!

 

Franklin,

The problem with most sweeping generalizations, including yours above, is that they are flat out wrong.

Blue

 

Is this guy a joke?

Does he have any idea about the half-kazillion things you can't execute inside SandboxIE, and have to install on your real, unsandboxed system?

It would seem so.

 

Half a kazillion.My oh My you do need help!

 

Silent install?

 

I think you missed my point. Most safe surfers don't just "go anywhere". They use a bit of commonsense, and this is why I said protecting yourself from the nasties out there is down in part to oneself.

However, if one wishes to visit warez, porn sites et al., then maybe something like Sandboxie suits, but like I said, better protection than Sandboxie is likely to be oneself.

 

What a coincidence. I was just thinking the same about you.

 

Wasn't saying anything as such.Was mainly referring to the "StumbleUpon" toolbar which I use when my favourite forums go dead!

How dare dare anyone insinuate that I go over there!At least Sandboxie stops any infections!!!

 

I find myself in complete agreement with both of you. When I look at some peoples signatures I can't believe all the crap they have running on their systems. I think to myself... "oh my god why?" I think some people are overly paranoid about security. I mean if it makes them sleep better at night and their systems can take the resource hit in stride... then sobeit. I personally don't think the risk/reward is worth sacrificing performance & speed just "incase something ever happens".

I can't recall the last time my PC was infected with anything more than a tracking cookie or other mild miscelaneous adware. Probably way back in my dial up/AOL days.

Quite frankly I could probably do without an AV altogether. A couple anti-spyware apps on demand would probably be sufficient enough to remove anything that may get on my PC in the near of distant future.

 

I have that similar setup on a laptop and it has so far only gotten one annoying piece of spyware since 2005 and that was only because the user clicked on one of those popups.

 

These are most of the times overloaded and if even 20% of the population started to use these, they'd die a painful and quick death through a tragedy of commons.

Sure, it'll be nice some time in the perfect future when all AVs are free-as-a-service via the web with 99.9999999% availability, but that day is not here yet.

 

No Anti-Virus whatsoever for 6 months going strong and couldn't be more satisfied. The system no longer has to struggle with AV program updates or drivers/dll's/processes that hinder or can kill performance nor any need to depend on some arbitrary signature/heuristics database that's a crap shoot at best.

Reason?

HIPS! + Virtualization (PS) + Imaging Recovery App.

Never will use a sandbox either. Simply not efficient enough, period. Instability still plagues them.

 

I have gone long periods without an AV except for right click scan after downloading stuff. I don't have Avira's Guard installed just the on demand scanner. I have never used an email AV scanner. (Rather, I have always done the sensible thing, read in Plain Text only and download to disk all attachments and then scan, and never, ever open an email from someone I don't recognize (if uncertain, I read it via properties/details/message source in OE never actually opening it).

I do use the Proxomitron and ProcessGuard. PG is mainly to control what wants to call home...in particular IE which will start on its own, every now and then, and try to download WGA from WU unless put on a leash which I accomplish with PG. I'm far more concerned with breaches of my privacy from sources like Google and Microsoft than I am about getting a virus. I am opposed to Vista because it gives too much control to Microsoft. I want the kernel penetrated by a program like PG so that I am in control not MS...not to mention that I will not stand for DRM on the CPU chip or elsewhere so no Vista for me. These privacy violations are far more important, I think, than worrying about viruses and worms and using excessive applications to prevent getting them or operating always in a sandbox.

 

Indeed, much better than the sum of all scanners in the world, but these scanner fans, don't understand our approach.
It's beyond their comprehension and imagination. It will take a long time to convert them.

 

While I agree about the conceptual flaws of AV, and of any blacklist based solution in general, I do not believe sandboxes are the solution to everything.

A sandbox wrapping your browser won't stop remote execution exploits, tracking scripts and session riding/identity stealing attacks happening inside your browser through XSS and CSRF.
These kind of attacks are going to become prevalent, you know, and more and more harmful as the web becomes the platform for everyone.

 

I think this thread is another fine example of people who think that their solution is ultimate and one-size-fits-all.

None is.

It all depends on usage patterns, ability, time/skill available and software needed to be run (without conflicts).

For people who don't mind the conflicts with sandboxing and HIPS software or don't use special software that doesn't work well with them, the solution could be indeed much better than AV+AT+FW+tons of other stuff.

However, there are reasons why some of us still don't use SB/HIPS, even though we have trialed them (hint: incompatibilities at low level, not to mention constant need of tinkering/updating/fixing small issues).

 

I wasn't talking about sandbox. I replace my system partition (Windows + Applications) completely with a new one during EACH reboot in less than 2 minuts from desktop to desktop.
I just need security softwares to save the period between reboots, like anti-executables, anti-scripts, Firefox + Noscript, ... Even when these security softwares fail, it doesn't matter because I renew my system partition anyway.
Also my mistakes are corrected during reboot. I recently removed 300mb on purpose on my system partition, one simple reboot and I was back in business.

 

Hi, Easter. I am very pleased to learn that you have trimmed the fat. And I can assume that you have more productive cybertime to do your research now. Sans Signatures defense lineup will be oneday a norm for each single pc users, and that day will be not too far away. Those Fat AV dev will adopt that trend in order to meet clients' demand, but also reduce their human payload.

 

What is PS? You have VMWare or Microsoft's equivalent? What other virtualization is there besides those two? Why do you need HIPS if you run in VMWare? Or do you mean you have HIPS for the host computer?

 

I think the PS = powershadow

http://www.powershadow.com/

 

I think so too