OS sandboxing software - how many are out there?

Okay, these are what I know so far...

- Deep Freeze: nonfree, a bit expensive in fact. Supposed to be very good though.

- Returnil: The only one I've used so far. Nice but has no persistance across reboots.

- MS Steady State: apparently persistant across reboots. Not sure how secure it is though, given that it's MS software I'm a bit... Suspicious. Supposed to be persistant through reboot IIRC.

- iCore Virtual Accounts: Looks pretty cool. Incompatible with Vista though. Not sure how good it is for security stuff (anyone know?).

- Powershadow: nonfree. Looks like it's designed more along the lines of Returnil, specifically for security. May be dead?

Are there any others out there or is that it?

 

I just know sandboxie like Powershadow a little.

 

shadow defender!

 

RollBack RX
EAZ-FIX
Clean Slate

 

Rollback and EAZ arent sandbox programs...

 

I know :] see the list in post #1.

 

BlueZannetti has a good list with details here.

Regards,
innerpeace

 

None of the above listed software are really "sandboxes". They are all virtualizers (see light virtualization with the link supplied by innerpeace).

Sandboxie and First Defense PC Rescue are more of a sandbox, although the results are almost the same in the end.

I have licenses for DeepFreeze, a reliable and robust virtualizer that works very well with Vista 32/64 versions (only negative aspect is that you can't exclude anything in frozen mode, but one could use a USB flash drive to save interesting stuff).

Shadow Defender, my favorite at the moment, you can exclude/commit changes even in shadow mode (alas only for Vista 32 for the time being).

ShadowUser Pro, using it still, the most complete of them all, one can keep the same shadow session across reboots (although the latter is a useless feature IMO, biggest minus is that they haven't updated it to work with Vista, I doubt Storagecraft ever will).

First Defense PC Rescue, is the one that I would not recommend, as it has always given me problems and I have abandoned it. It is a great concept but (my imaging software does the same thing) it uses a lot of space (with Vista x64 we are talking around 50 GB without files!)

I have trialled MS Steady State, from memory it worked as advertised except reboot times between shadow and normal states were very long. The program was really designed to protect one computer with different users, therefore rebooting was intended to prepare the machine for someone else. I have no idea if the program has had any changes ever since (almost 2 years ago).

A company to add to the list, although I don't know anything about it is Smart Shield home from Centurion Technologies, it would be nice if somebody gave it a try: http://www.centuriontech.com/Home/

 

Like others have said ...

If you are looking for something similar to Returnil, same genre tool, then definitely give Shadow Defender a trial. Commit past protection for individual files cuts down the program hassles (rebooting) and was the deal winner for me when I had the choice between Returnil and Shadow Defender. It's not freeware, $35 for lifetime license.

 

Keyboard Commando and Osaban

I see that you are both impressed with Shadow Defender.

Because of some bad experiences with Returnil and Vista, I am looking for a safer alternative. How does Shadow Defender perform on Vista? Any problems with sleep, hibernation etc. on Vista?

 

I have used both Returnil and Shadow Defender. Both are quite similar. While I prefer Shadow Defender as it can commit automatically files that you put in the exclusion list, I couldn't get Shadow Defender to work properly with my notebook which is running on Windows Vista Home Premium SP2. I've tried to uninstall everything else, but still SD didn't like my notebook, it would hang intermittently on start-up.

I'm now using Returnil on-demand for testing and it has no conflicts with my systems.

I don't consider Returnil or Shadow Defender real sandboxing softwares, more like a "light" virtualization softwares, as BlueZannetti put it. As for OP question, I think they're quite a number of sandboxing softwares out there but Sandboxie is one great software that stands out very well. I'd fully recommend it and I'm using it as my one and only real-time defense.

 

Shadow Defender works well on Vista. Lots of topics on it here. The developer responds to any questions, usually within 24 hours or so.

If you're using a laptop/notebook, just make sure all the settings are changed to 'sleep', instead of 'hibernate'. Hibernate can crash your system (when running SD - last I checked) when coming out of hibernation, as it shuts down all active programs. Sleep keeps these programs in memory.

 

My notebook freezes intermittently on starting only when I'm running SD on shadow mode on booting. I'm not sure what's the conflict with SD, as I've uninstalled almost every other software without success. I also don't use hibernate on my notebook.

Anyway, since Returnil is functioning well for my occasional testing, and when I let my toddler play with my notebook, I just settle on Returnil for now.

 

Thanks, I might give that a try.

Also - does anyone here have experience with iCore? Can it be used like Returnil, or is it different?

 

I can't understand why no one mentions the use of VM's such as Virtualbox or VMware as a viable alternative to sandboxing applications From what I have concluded, it seems VMs are perceived by the masses as applications that are limited mainly to testing software. Although they are terrific for this use, I can say after having used Virtualbox for about a month now, I have found it thoroughly serves my needs as a production system for home use. I can do everything I've ever done on a real (non-virtual) system: browse the Internet, email, run office software, play tunes, save files permanently to shared folders, reboot/shut down without losing the current state, or - and this something not easily acheived on a non-virtual system - choose to revert to a previous state. This latter feature is a phenomenal built-in security feature in the event of a malware infestation or other system affecting issue that can't be easily or quickly fixed. I don't see how it pales in comparison to sandboxing apps. Furthermore, Virtualbox, at least, is free and is currently being actively developed.

It just seems like the VM option is not getting the attention it deserves.

 

Wat0114

I think that most users here would agree that VMs and Virtualbox in particular are an excellent concept.However the use of a VM requires of course the installation of a separate OS with the associated drain on resources and extra licence if you need Windows functionality.To use it as your primary Operating System would,in effect,be equivalent to downgrading your hardware.

With a modern CPU that supports hardware virtualisation though the VM is probably the best solution available for security purposes,and is perfectly fine for the activities you're using it for,so you're quite correct in saying they're a viable alternative to sandboxes providing you have sufficient resources available.

 

Shadow Defender works very well on my Vista laptop. I would follow Saraceno's advice and disable "hibernation" as it really could make your computer unusable to the point that even reinstalling the system might be a problem (it happened to me with Returnil, but I'm now convinced that "hibernation" and any virtualizer don't go well together). Sleep mode is fine, no problems whatsoever.

@mark.eleven

Unfortunately no software is really meant to work well with any computer, hence the trial period. Have you checked what else is starting up at boot time? I know for example that ShadowUser not only it isn't ready for Vista, but some people complained that it isn't working properly with very recent hardware running XP.

 

In fact, I really like Shadow Defender over Returnil as SD has auto commit function.

As for services starting up, I look thru Process Explorer and I have PerfectDisk, TuneUp2009, Sandboxie loaded up besides those normal MS Vista start-up services. I have tried uninstalling all three and tested SD without success.

The problem is that it's intermittent (not everytime I boot the notebook, but about a few times a week) and only if I use Shadow mode on start-up. Not sure what else is conflicting...

 

This is a shot in the dark but have you disabled the "Run on a schedule" Windows Defragmentation? It is normally on by default on Vista and it could, like with hibernation interfere with the shadow session.
I was also wondering (reading your signature) if you were trialling Shadow Defender with Returnil installed (even in normal state there could be a conflict).

 

Windows defrag scheduler is turned off. When I installed SD, I uninstalled Returnil.

Anyway, nevermind.... I'm quite happy with my present setup in term of functions. If I'm able to get SD works properly on my notebook, it will be more convenient.