I guess the big question is how is it sandboxing. Is it truly isolating like SBIE, where it pulls everything into the Sandbox, or is it sanboxing like some other software and just working with integrity levels? To put it another way when I exit the sandbox is everything deleted, and the system left clean
If you click on the "clean sandbox" button , yes. One of our member on Malwaretips did a video of it against some exploits/crypters/ransomware. There for those interested http://malwaretips.com/threads/shade-antimalware-a-review.52011/
Salutations, Friends! > Can Cybergenic Shade-sandbox tool be use with all browsers? For example, UC Browser,Opera and CyberFox? > Are there any conflicts with OTHER Anti-viruses? > And is their any conflicts with other security software? > How often is Cybergenic Shade-sandbox updated? > Does Cybergenic Shade -sandbox, block data's leaks, or just isolate things from modifying the system? > Can you use Cybergenic Shade-sandbox tool with Shadow Defender? > Are their any problems with Windows 10 X64 Bits O.S.? > And how is your software different from Sandboxie and Shadow Defender? Kind regards, Moose
From what I've understood from the video, it does more than just simply virtualizing the file system and registry, it's also able to successfully block malware from getting control of the system. So I wonder, does it do this with using integrity levels, or by simply blocking suspicious behavior (API calls)? Perhaps the developers can give some more info.
Shade could be an expected standalone simple sandbox for free if it would not have some issue I noticed on my Vista - start of system is visibly slowed down and then every launched app also - not only sandboxed - work slooowwwlyyy what is to much frustrating for me - there are 3 processes of Shade in system and one of them called firewall.exe (why "firewall"??) that behave a bit strange...its CPU usage varies from 4-70% (aver. ca 40%) and still works with disk (can kill SSD?) - there was hidden conflict with SpyShelter - its icon in systray was greyed like when SS has all protection disabled...in one case icon of SS was not visible - in both cases protection of SS was active - even if Shade is running in background (without active app in sandbox) I still have impression that it have some hidden activity - CPU, disk are working and still are changed so I I'm still wonder what it actually is doing - especially because Shade has no options and settings for user...you don't know why, when and with whom programm connects in the web. I don't know if every behaviours are only issues or maybe conscious features...maybe Ilya could some explain and make situation more clear?
Yep, it's quicker with FF & IE and Chrome. We know what to do with the speed. Takes time though. Thank you!
We are aware of this issue with some installers and working on improving this. That's why we with confidence announce protecting web-surfing, and not all apps.
Sandboxed apps and disk operations get virtualized via Service, that's thy it looks like an intensive work of filewall. There is no harm to SSD for sure. We use Shade ourselves with SSD. And we work on reducing occasional load on CPU from Service.
Not sure what that means. Does Shade copy everything it needs into a separate area, and then run from that?
guest, you specifically said on Malwaretips forums: "Bottom line is that for those that just want something to sandbox a browser Shade is worthy of consideration. For more generalized protection there are much more robust solutions." What are much more robust solutions for more generalized protection? Can you explain this in more details? I assume Sandboxie is far more generalized protection and much more robust as well as Cybershade needs a lot more improvements just to at least reach Sandboxie's level, but what are other solutions than Sandboxie, to be honest I didn't see any of those solutions beside Sandboxie. Thanks in advance.
@CoolWebSearch I didnt say that it was cruelsister, but i guess she talked about Comodo's sandbox or full system virtualization like shadow defender and other timefreeze, deepfreeze,etc...
http://malwaretips.com/threads/shade-antimalware-a-review.52011/#post-440664 Hope this help the topic at hand!
SD and SS have also processes that are launched as service...I've never seen such usage of disk and CPU. Shade must be optimized - in current state it's hard to accept and use.
Can you perhaps also comment on my post? https://www.wilderssecurity.com/threads/cybergenic-shade-sandbox-tool.380371/page-2#post-2533499 Yes I agree.
Hi @ Wilders I am currently trying Shade and it appears OK. Very simple not a great deal of loss due to sandboxing. Several questions for the technocrats. 1)If you sandbox say Thunderbird, how do you get it to retain the inbox and sent messages after deleting the Sandbox. In Sandboxie I thik there is a mechanism for opting to retain messages? 2) Is there a way to clear the sand box automatically? 3) Is there a way to clear the Sandbox without a reboot? Thanks Terry
Now we have an Ilya from Cybergenic from US, while we had an Ilya from DefenseWall from Russia, coïncidence or same (cyber) genetics . . .? EDIT: probably coincidence Pictures from Cybergenic team: http://www.shadesandbox.com/#!our-story-shade/chyy Video from Defensewall: https://www.youtube.com/watch?v=OfiIGFD2I9o
Nice to see other companies starting to develop apps similar to Sandboxie. Competition is always good for customers. When I get some time I will definitely test it.
Sandboxie does all that as well, heck you can start every single program and everything else in the computer inside/under Sandboxie's supervision as well-so I don't see much a difference between Sandboxie and full system virtualization-just ask Bo Elam for his Sandboxie's configuration settings for, example, to see it yourself.
There are some big differences to me. In shadow defender I can shadow all the drives, with less configuration issues then with Sandboxie. Also for full virtualization I use a VM and that's a whole new level. Don't get me wrong, I don't do something without Sandboxie, but it still does have some limitations
Couldn't you just create another sandbox and put entire hard drive inside that sandbox with Sandboxie? If not than this is one Sandboxie's limitations. I have a huge question for Shadow Defender: The only reason why I am so scared of using Shadow Defender is because it eats ram memory and dard disk memory-which cannot be back on normal, once you get rid of Shadow Defender? What about VM (VM=Virtual machone?)? I should ask this also others posters on Shadow Defender respect thread.
Okay CWS Let me try and give you an answer. Each category of apps can have different uses and it depends on the users needs. For most of my needs the Sandbox approach works fine, and I feel quite secure. However there are times.. for example. When that ransomware that bypassed Appguard need testing, and then the fix need testing Sandboxing wasn't the answer, nor were VM's, because I had to let the nasty thing run on my machine to see what it did. So I used Shadow Defender shadowing all my disks, and let it run, and it had a field day, encrypting stuff on all 3 disks. In this case I didn't want the protection of a sandbox. But exiting out of SD with a reboot and the system was back to normal. All 3 disk were unaffected. Also if I think I am going to be doing risky surfing, I may use both SD and a sandbox. I have not seen a resource problem with SD, although after a long period there might be. Exiting SD which requires a reboot free's up all resources, so that isn't an issue. Finally VM' Yes Virtual machine, and I use VMware's Workstation Pro. I have the same security setup on it as I do on my host. Additionally I have Appguard protect all the VM processes on the host to take advantage of Appguard's memory protection. I use the VM to test new software and also to run malware against my setup. Just safer Hope this helps. Pete
So, you are saying that you will not lose resources after you install and than uninstall SD-can I be safe with this, because this is the only reason I didn't want to use SD in the first place, since I already have enough problems with ram memory, let alone if SD takes all that ram memory that is left on my computer? What about VMs? You said that that AppGuard protects all of the VM processes on the host to take advantage of AppGuard's memory protection-but do you also, with AppGuard, protect all of the Shadow Defender's processes on the host as well-is this even possible?
