What is Sandboxie and how / when to use it?

[AlexC]

I also recommend Sandboxie to people who insist to run keygens and say that the AV detections of this kind of software are always false positives.

By running them sandboxed they prevent that the OS get infected, and also are able to see what's going on behind the curtains.

All that is needed to do is to click in the taskbar icon and see the files and registry entries that would be created in the "real" system by the supposed "harmless" keygen...

[mick92z]

Quote:

Originally Posted by AlexC

I also recommend Sandboxie to people who insist to run keygens and say that the AV detections of this kind of software are always false positives.

By running them sandboxed they prevent that the OS get infected, and also are able to see what's going on behind the curtains.

All that is needed to do is to click in the taskbar icon and see the files and registry entries that would be created in the "real" system by the supposed "harmless" keygen...

While I agree that people should run possibly dangerous files sandboxed, the mentality of people running cracks and keygens, never fails to astound me. Sandboxie, itself is subject to being exploited. So are you advocating someone running a keygen for sandboxie, sandboxed ? One such person even posted on the sandboxie forum recently, and wanted to know why his ' key ' was rejected

[AlexC]

Quote:

Originally Posted by mick92z

So are you advocating someone running a keygen for sandboxie, sandboxed ?

Lool! No! Where did you get that? I only meant what i said in the post.

And Tzuk really deserves to be well paid for the exceptionally great software he develops.

Quote:

Originally Posted by mick92z

One such person even posted on the sandboxie forum recently, and wanted to know why his ' key ' was rejected

What a nerve!

[TomFace]

From what I have read, Sandboxie sounds pretty cool (I have a little knowledge so that makes me dangerous in a "runs with scissors" kind of way!).

Is http://www.sandboxie.com/ "THE" official website?

[mick92z]

Quote:

Originally Posted by Tomface

From what I have read, Sandboxie sounds pretty cool

Absolutely

Quote:

Originally Posted by Tomface

Is http://www.sandboxie.com/ "THE" official website?

Yes.

[TomFace]

Thanks mick92z-wanted to be sure-we'll check it out!

[mattbiernat]

A couple of other options to Sandboxie you might want to consider:
1) Bufferzone - very similar to sandboxie except that there is no configuration, everything works out of the box and new programs are automatically added to the sandbox
2) Rollback Rx (14 days free) , Comodo Time Machine (free) - basically this one takes a quick snapshot of your system, so if you get a malware or virus you can restore in 20 seconds
3) DeepFreeze (30 days free), Shadow Defender (works only with HDDs), Toolwiz Time Freeze (weak rootkit protection but free and probably will get one sooner rather than later) - these guys are light visualization. Basically they are like sandboxie but for your entire computer, that way you can install whatever you like into the Windows and after restart everything is back to normal.

[bo elam]

Quote:

Originally Posted by Tomface

From what I have read, Sandboxie sounds pretty cool

Tom, a lot of programs sound pretty cool, SBIE not only sounds pretty cool it actually it is pretty cool.

In my case, my internet experinece can be divided in two parts. Before and after Sandboxie. Before, I use to get infected all the time and always wondered why?, why, am I getting infected?, I was using the best protection/AV money can buy and still was getting infected. That changred the day I discovered and started using SBIE. Its been almost 4 years since my last infection and I know for sure that as long as I use SBIE the way that it is supposed to be used, infections belong in my past.

Enjoy the sandbox.

Bo

[TomFace]

Bo & Matt-thanks for your input, it is appreciated-Bo this may sound silly, but I will ask anyway, I trust SBIE = Sandboxie? (yes I am old enough that I have to ask )

[bo elam]

Quote:

Originally Posted by Tomface

Bo & Matt-thanks for your input, it is appreciated-Bo this may sound silly, but I will ask anyway, I trust SBIE = Sandboxie? (yes I am old enough that I have to ask )

I am like you, I never take nothing for granted. Yes, SBIE is Sandboxie.

Take care.

Bo

[RejZoR]

Anyone managed to find out how to click magnet links inside of sandboxed Firefox to launch an unsandboxed BitTorrent/uTorrent client?

I don't get it why this isn't transparent if you give direct access to uTorrent folders... things seems to break with the denied inject DLL thing and complaining about compatibility with avast!.

I really loved the restricted idea for browser but this incompatibility with Bittorrent/uTorrent is a real showstopper. Copying links and torrent files isn't exactly practical...

[Solarlynx]

Quote:

Originally Posted by mattbiernat

A couple of other options to Sandboxie you might want to consider:
1) Bufferzone - very similar to sandboxie except that there is no configuration, everything works out of the box and new programs are automatically added to the sandbox
2) Rollback Rx (14 days free) , Comodo Time Machine (free) - basically this one takes a quick snapshot of your system, so if you get a malware or virus you can restore in 20 seconds
3) DeepFreeze (30 days free), Shadow Defender (works only with HDDs), Toolwiz Time Freeze (weak rootkit protection but free and probably will get one sooner rather than later) - these guys are light visualization. Basically they are like sandboxie but for your entire computer, that way you can install whatever you like into the Windows and after restart everything is back to normal.

One thing - Bufferzone isn't compatible with Comodo Time Machine and most probalbly with Rollback Rx as they use MBR.

SBIE is compatible with all enlisted progs!

[jasonbourne]

Quote:

Originally Posted by Solarlynx

One thing - Bufferzone isn't compatible with Comodo Time Machine and most probalbly with Rollback Rx as they use MBR.

SBIE is compatible with all enlisted progs!

I had an issue when i tried out Bufferzone Pro with CIS ver5.8 on a Win 7 x32 system. The boot was long and it went on for about 25 minutes with a "Please Wait-Welcome-Preparing your desktop" afterwards blackscreen. Nothing. Can't see anything.

With Avast free / Avast IS (with firewall enabled) BZ was fine though in Avast IS it felt a bit sluggish. Maybe it was the HIPS that was conflicting with the BZ firewall.

Sandboxie is the best here with less compatibility issues.

[Solarlynx]

Quote:

Originally Posted by jasonbourne

I had an issue when i tried out Bufferzone Pro with CIS ver5.8 on a Win 7 x32 system. The boot was long and it went on for about 25 minutes with a "Please Wait-Welcome-Preparing your desktop" afterwards blackscreen. Nothing. Can't see anything.

Me too had exactly the same thing when tried Bufferzone Pro with CIS 5.8 and Comodo Time Machine on XP 32bit. I thought it was because of CTM.

[chronomatic]

Sandboxie will only be marginally effective. The reason it cannot provide real security is because it does not run at Ring 0 (i.e. it is not hooked directly into the kernel). Rather, it runs at the library level and does a lot of hooking. For this reason, an attacker could make direct syscalls and bypass it (because syscalls work at a lower level).

So I am not saying it is useless, but it cannot be as strong as something hooked directly into the kernel.

[3x0gR13N]

It does run from kernel.

[Get]

Quote:

Originally Posted by RejZoR

Copying links and torrent files isn't exactly practical...

Isn't sandboxing your torrentclient the smart thing to do? Download files sandboxed, scan it and when clean cut/paste it.

[chronomatic]

Quote:

Originally Posted by 3x0gR13N

It does run from kernel.

From my understanding with the newer 64 bit versions it does not (due to Patchguard).

[bo elam]

chronomatic, my personal experience using SBIE proves you wrong when you say that Sandboxie "cannot provide real security". I stopped getting infected the day that I installed SBIE for the first time, almost four years ago. Despite knowing very little about computers and stopping using real time antiviruses or anything else along SBIE, I dont get infected anymore. Sure, I must be doing something right, I must of learn something this past four years but most of the credit for my computers to be 100% clean, belongs to Sandboxie.

Bo

[3x0gR13N]

Quote:

Originally Posted by chronomatic

From my understanding with the newer 64 bit versions it does not (due to Patchguard).

http://www.sandboxie.com/index.php?E...ntalProtection