Sandboxie v2.86

I'm not going to ditch my frozen snapshot. I don't trust any of my security applications, not even Sandboxie and I still have other weapons, if my frozen snapshot ever fails, which has to be proven first.
My whole security is partial based on restoration, the ultimate weapon against any infection. I only need more time to polish it.

An extreme test for FDISR, would be a honeypot and then try to clean that honeypot with a clean snapshot.
Unfortunately, none of the security people are interested to do such a test, they prefer to test scanners to prove how many infections they MISSED and how many false/positives they reported. That doesn't interest me, because I know this already.

 

That test was also extreme and successful, but that's not the same as removing any kind of infection, from simple infections to the most sophisticated hidden infections.

 

Is DFK Threat Simulator such a good collection of infections, that EACH TYPE of infection is included. ?

 

I'm sure it will make a mess of your system, but this is nothing but a "good" theoretical test.
Nevertheless, I will try it myself one day, when I'm ready.

I remember the BBC Honeypot and they admitted, that this honeypot couldn't be cleaned with the classical security softwares. The honeypot had to be re-installed from scratch to clean it completely.
If FDISR is able to clean such a honeypot, I would feel more comfortable.

 

I was too lazy to look it up, but here it is :
http://news.bbc.co.uk/2/hi/technology/5414502.stm
http://news.bbc.co.uk/1/hi/technology/6035455.stm
These are the threads at Wilders about the BBC Honeypot :
https://www.wilderssecurity.com/showthread.php?t=150254&highlight=Honeypot
https://www.wilderssecurity.com/showthread.php?p=854479#post854479

 

OK. Peter, it doesn't really matter, I was only trying to tell you that such a honeypot would be a very extreme test too.
Your VISTA--->XP test was also very extreme, that's why I believe it will remove any infection as well, BUT I would feel more comfortable, if it also cleaned a HEAVY INFECTED honeypot without any failure.

IBK (av-comparatives) has also an enormous test bed to test all these Anti-Virus softwares, so his test bed is also a very extreme test for FDISR. (hint)

 

A while ago I was listening to a 'Security Now!' episode about sandboxing applications over at GRC.com and I remember Steve Gibson comparing different sandboxing applications and coming to the conclusion that SandboxIE was one of his favorite in the way in which the programs were designed.

Some may find this episode interesting:

http://www.grc.com/SecurityNow.htm#55

 

Is he using FDISR or u want him to push this way?

 

I think he was hinting that FDISR has yet to let down av-comparatives

 

lol...

 

No why would I do that ? He only has to test FDISR, not keep it.
Maybe he will enjoy it, doing something else for a change.

 

Well Sandboxie causes the first error on my computer, never had that before.
Suddenly a popup window appears on my desktop, when I want to open Firefox :

Direct OCR Error (= Popup Window Title)

An error with Direct OCR caused a memory conflict in your open applications. Please restart Windows.

It happened several times today.

 

OCR, is that Optical Character Recognition and relating to a document scanner software?

Had a look around SB's forum and couldn't find anything related.

 

I posted the problem at SB's forum. I wait for an answer, if I ever get one.

 

I think if i remember he said you cannot trust Sandboxie for security only privacy and that you could leave no trace behind on a machine when using it.
True, for one Sandboxie can hold browser related, cache etc, so when you delete the sandbox the byproducts such as history disappears, but Sandboxie is more than that - and files can be undeleted.

 

Are you running Omnipage?

I don't think you'll have to wait long. Developer Tzuk is very active there.

 

Franklin and BobD,
Thanks for the info you gave me, because it did ring a bell.
I posted this problem at SB-forum in my post "Direct OCR Error" and gave them more info concerning my all-in-one printer and the software of this printer installed a bar called "Canon Easy-WebPrint" and this bar could be the problem.
Firefox doesn't have this bar, but I switched often between Firefox and MSIE, while I was running Sandboxie.
I'm waiting for a reply of Tzuk and if necessary, I'm going to uninstall this bar and see if there is an improvement. I'm almost 100% sure that this bar IS the problem.
Sandboxie is alot more important to me than this bar, which I don't use in practice.

 

If I zero my harddisk instead of using DiskPart, will ShadowProtect recover my harddisk ?