Sandboxie vs. SpyShelter Restriction...

shmu26 · May 6, 2016

Windows_Security said: ↑

Spyshelter's "sandbox" is only a restricted token with a disk access restriction (for all restricted programs/folders). The HIPS module is deactivated for restricted programs. So it makes not much sense to combine it with Sandboxie (since SBIE protection is much stronger: low rights token plus per program disk access restriction plus additional HIPS like process virtualization).

Only way IMO to use them together
- Protect low risk programs with SS, put their data folders under restricted token protection
- Put high risk programs in a fine granular SBIE-sandbox
Click to expand...

I think that the average user runs browser in sandboxie, and most everything else regular, so SpS protects the rest of your system.

Windows_Security · May 6, 2016

@shmu26

Since the topic is SBIE vs SS restriction, I assumed it was related to the SS "sandbox" (not the HIPS or the FW), so I answered in this context. SS with Firewall adds other functionality which is useful when combined with SBIE.

The protection of SS for the rest of the system is limited when you put SS in medium or high auto allow mode. When a word document would contain malicious code (through VB Macro or flash content), Spyshelter would simply auto allow the action. To get a pop-up when faced with poisoned content of trusted vendors (e.g. Google Chrome and Microsoft Office), you would need to set the security to ask user and add Microsoft Windows and hardware drivers to the trusted vendors.

BTW: I would not call someone using both SBIE and SS an average user, but that is my personal interpretation so needless to discuss.

shmu26 · May 6, 2016

bo elam said: ↑

Oh, yes, very long time. And I believer things between Sandboxie and Spy shelter have since that time, changed for the better. I heard good things about SS interacting with SBIE from a new Sandboxie user at the Sandboxie forum about a month ago. And now you and someone else about a year ago in this thread was saying that also. I haven't read any complains for a long time, so, its probably OK to use both programs together at this time.

Bo
Click to expand...

this is what Daniel Brom over at SpyShelter answered me:
Some users reported that keystroke encryption needs to be set to better compatibility mode in order to make them work together. You can do it in Keystroke Encryption > Advanced tab.

shmu26 · May 6, 2016

Windows_Security said: ↑

@shmu26

Since the topic is SBIE vs SS restriction, I assumed it was related to the SS "sandbox" (not the HIPS or the FW), so I answered in this context. SS with Firewall adds other functionality which is useful when combined with SBIE.

The protection of SS for the rest of the system is limited when you put SS in medium or high auto allow mode. When a word document would contain malicious code (through VB Macro or flash content), Spyshelter would simply auto allow the action. To get a pop-up when faced with poisoned content of trusted vendors (e.g. Google Chrome and Microsoft Office), you would need to set the security to ask user and add Microsoft Windows and hardware drivers to the trusted vendors.

BTW: I would not call someone using both SBIE and SS an average user, but that is my personal interpretation so needless to discuss.
Click to expand...

points well taken. I wandered off the immediate topic a little...

Log in or Sign up

Sandboxie vs. SpyShelter Restriction...

shmu26 Registered Member

Windows_Security Guest

shmu26 Registered Member

shmu26 Registered Member

Log in or Sign up

Sandboxie vs. SpyShelter Restriction...

shmu26 Registered Member

Windows_Security Guest

shmu26 Registered Member

shmu26 Registered Member

Useful Searches