#101
After reading into this BufferZone seems like a rather good application. I grabbed a key and I think I will try this when I have some time. It may be the application I have been looking for.
__________________
Panda Security TRUSTED MOD Panda Cloud Antivirus + Rising PC Doctor + Common Sense My Security Blog: http://igl-security.blogspot.com/

#102
Quote:
I thought about that but wondered if it would leave my documents open to any malware inside of bufferzone?
__________________
Shadow Defender + AppGuard

#103
Quote:
I know, it's a little misleading. Probably, if malware was to run inside the bufferzone, it would be able to read those files now. I really don't give a hoot about that since I don't keep any important info in that particular directory. You basically want BZ to protect your system from getting infected. Any important stuff you need to attach via email you would have to move out of confidential files. I'm not an expert with the software by any means but it seems pretty good, along with a good free AV and you have a pretty secure setup. I also like SBIE and GeSWall which have similar protection. Ice
__________________
Real time ....:BD Free On Demand .:MBAM

#104
Bufferzone is leaking badly here and I dunno why as Boyfriend tested and has no leaks.
Uninstalled the Pro version and installed the free version and still seeing the same in files being created on the real system. If anyone else is setup for testing and willing to try out what I'm seeing then send me a pm.
__________________
Lean, Mean and Clean! Sandboxie, Buster Sandbox Analyser, Returnil 2008, Microsoft Virtual PC 2007 SP1, Drive Snapshot

#105
I also see the files being created in the real system, like files that I download but with the extension of ".virtual". It's small in size and you need to put this file outside the bufferzone to see the real file.
Please correct me if I'm wrong. Thank you..
__________________
Desktop (Win7 Pro x32): EMET, LUA+UAC, Returnil Laptop (Win 7 Ultimate x64): Avast Internet Security, EMET, Sandboxie Free, UAC Backup: Paragon HDM 2010

#106
I was planning on using this on a laptop but if it is leaking files then that defeats the purpose of having it. I think I'll just put Sandboxie or GeSWall on it instead.

#107
I looked up a review on YouTube and I did see it leak out what I think is a SpyEye trojan: -http://www.youtube.com/watch?v=AgWf15HsoJU-
Though it should do a rather good job teamed up with an AV/Anti-Malware
__________________
Panda Security TRUSTED MOD Panda Cloud Antivirus + Rising PC Doctor + Common Sense My Security Blog: http://igl-security.blogspot.com/

#108
Quote:
__________________
Lean, Mean and Clean! Sandboxie, Buster Sandbox Analyser, Returnil 2008, Microsoft Virtual PC 2007 SP1, Drive Snapshot

#109
OK, I "think" I've got it sorted.
A setting under Configuration - Advanced Policy was to save all signed installers outside the BZ. Changing this setting to save all signed installers to "in Bufferzone" and no more elcrappo is being created on the real system. The third pic shows the exes that were created outside the BZ so they must have signed installers.
__________________
Lean, Mean and Clean! Sandboxie, Buster Sandbox Analyser, Returnil 2008, Microsoft Virtual PC 2007 SP1, Drive Snapshot

#110
That is good to know.

#111
Just checked the BZ Forum today. They have confirmed there is a problem with BZ, re: loss of Chrome bookmarks, extensions and preference settings when Chrome is sandboxed. Refers to latest rel of Chrome. They will have it fixed in the next release. No date given.

#112
I tried BufferZone on Windows 7 x86 and I couldn't figure out how to save files to the real system. The "help" says you only need to right-click on a file in the sandbox and select "move outside the sandbox" (or something like that), but that option did not appear on the menu. Did I miss something? I uninstalled it, but I would try it again if someone can explain this.
__________________
ut quod ego verus est maioribus quam ut quod est sanctus

#113
I had a hard time working with files also. When I right clicked and chose "Move Outside BZ" it doesn't say where the file goes and I couldn't find it.
If you didn't have this on your context menu, it sounds like the install went wrong somewhere.
__________________
~Rilla927~

#114
Not sure about Chrome but in IE I had to save my bookmarks outside of BZ. Then going back into a BZ session, the bookmarks are there. I wish someone could tell me how to save the bookmarks in BZ permanently.
About saving files, they would be in the location where you would normally save stuff in. Then going to that directory, you would see the file with a little bufferzone icon on it. Just right click and select move outside of BZ and it will remove the icon and remain in that directory. However, before doing that, I would scan the file with your AV etc.... Ice
__________________
Real time ....:BD Free On Demand .:MBAM

#115
Let me try to explain.
When a file is downloaded into Bufferzone, a BZ-link is placed in the folder you put it, e.g. NEW_FILE.doc.virtual, while the real file is put in the sandbox folder (C:\Virtual\Untrusted) with the name NEW_FILE.doc. When you click on the BZ-link file and move it out of the bufferzone, the real file is moved to the place where the BZ link was.

After download:
C:\User\Kees\Downloads    NEW_FILE.doc.virtual
C:\Virtual\Untrusted\     NEW_FILE.doc

After the move out of BZ:
C:\User\Kees\Downloads    NEW_FILE.doc
C:\Virtual\Untrusted\     empty

#116
Quote:
I know the cookies are always put in BZ sandbox and I thought the favorites folder was not cleared when emptying the BZ sandbox. Not using it right now, so can't test it for you.

#117
Quote:
I just tested it to be sure and it does remove it, if you select all 3 items to empty in the BZ. It's really not too much of a hassle to save the link outside of BZ and then go back into a BZ session and the link is there. Ice
__________________
Real time ....:BD Free On Demand .:MBAM

#118
Quote:
Yes, under the covers this is how it's done. thanks Ice
__________________
Real time ....:BD Free On Demand .:MBAM

#119
Quote:
I will have to reinstall and try this. I'm also curious about how the sandbox affects other security software. Is it possible for resident antivirus to monitor download activity in the sandbox? What about something like Zemana Antilogger - can it control key/screen logging activity? Seems to me that a sandbox could actually reduce some security functionality.
__________________
ut quod ego verus est maioribus quam ut quod est sanctus

#120
Quote:
I thought the same with BZ, SBIE etc... but your AV will still see the infection and remove it regardless if it's in the sandbox or not. I just tested BZ with the eicar file and MSE removed the infections like it should. Ice
__________________
Real time ....:BD Free On Demand .:MBAM

#121
I put it on a laptop and so far I like it. I also have Avira and Online Armor on it and so far there are no conflicts. BufferZone works well with the other programs.

#122
So how is it running on everyone's machine?
__________________
Panda Security TRUSTED MOD Panda Cloud Antivirus + Rising PC Doctor + Common Sense My Security Blog: http://igl-security.blogspot.com/

#123
Quote:
BZ pro with MSE on win7 32 using IE 8 and it's running great so far. Ice
__________________
Real time ....:BD Free On Demand .:MBAM

#124
Quote:

#125
Quote:
Even though no exes are created on the real system with that extra setting there still seems to be empty folders and dead shortcuts all over the place after emptying the bz? I run a malware sample that drops both malware and supposed legit apps and let it run for several minutes then delete the BZ and reboot. I conduct a search with Agent Ransack to show all files/folders created today and there's nearly 700 empty folders, .dat files and dead virtual shortcuts still around. Could be my setup as I'm seeing the same with Geswall but not with Sandboxie or Defensewall.
__________________
Lean, Mean and Clean! Sandboxie, Buster Sandbox Analyser, Returnil 2008, Microsoft Virtual PC 2007 SP1, Drive Snapshot
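
Added example, not part of the thread: a Python script for the leftover check described in post #125 (items that appeared on the real system after a cut-off time), extended to flag dead `.virtual` link files using the layout from post #115. The function names, the demo tree and the rule that stub `X.virtual` maps to a file `X` directly inside the sandbox folder are assumptions, and modification time stands in for creation time.

```python
import os
import tempfile
import time
from pathlib import Path

STUB_EXT = ".virtual"  # link-file extension described in post #115

def audit_leftovers(real_root, sandbox_dir, since_epoch):
    """Report items newer than since_epoch left outside the sandbox."""
    # Assumption: stub X.virtual maps to file X directly inside sandbox_dir.
    real_root, sandbox_dir = Path(real_root).resolve(), Path(sandbox_dir).resolve()
    report = {"dead_stubs": [], "empty_dirs": [], "new_files": []}
    for dirpath, dirnames, filenames in os.walk(real_root):
        here = Path(dirpath)
        is_empty = not dirnames and not filenames
        # Never descend into the sandbox store if it lives under real_root.
        dirnames[:] = [d for d in dirnames if here / d != sandbox_dir]
        if is_empty and here != real_root and here.stat().st_mtime >= since_epoch:
            report["empty_dirs"].append(here.relative_to(real_root).as_posix())
        for name in filenames:
            path = here / name
            # Modification time is a portable stand-in for "created today".
            if path.lstat().st_mtime < since_epoch:
                continue
            rel = path.relative_to(real_root).as_posix()
            if not name.endswith(STUB_EXT):
                report["new_files"].append(rel)  # real file outside the sandbox
            elif not (sandbox_dir / name[: -len(STUB_EXT)]).exists():
                report["dead_stubs"].append(rel)  # stub whose target is gone
    return {kind: sorted(items) for kind, items in report.items()}

def build_demo(base):
    """Constructed sample tree for the demo; not real BufferZone output."""
    real, box = Path(base) / "real", Path(base) / "Untrusted"
    (real / "Downloads").mkdir(parents=True)
    (real / "AppData" / "dropped").mkdir(parents=True)  # empty leftover folder
    box.mkdir()
    (real / "Downloads" / "NEW_FILE.doc.virtual").write_text("stub")  # live stub
    (box / "NEW_FILE.doc").write_text("document")
    (real / "Downloads" / "setup.exe.virtual").write_text("stub")  # dead stub
    (real / "Downloads" / "installer.exe").write_text("binary")  # written outside
    return real, box

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        real, box = build_demo(tmp)
        for kind, items in audit_leftovers(real, box, time.time() - 60).items():
            print(kind, items)
```

Taking the cut-off time just before the test run and calling the function after the sandbox has been emptied gives a list that can be compared between sandbox products or settings.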