Window Zones-- a new sandbox?

Hi Infinity,

Like davepl, I also work for the company that produced WindowZones. I'm not sure if you're the one who emailed us Tuesday or not. I did respond to a customer who emailed us regarding SSM and WZ. If that was you and you didn't receive a response, please post back or email us back.

It looks like an app compat issue between the two programs. We are looking into it now and I should be able to provide details back later today.

cheers.

-Allen

 

Hi again,

we completed some app compat testing between SSM and WZ this morning and there definitely is an issue. We have not identified what exactly the issue is yet, but we do have a start-up sequence that enabled both SSM and WZ to run concurrently. Unfortunately, the sequence would have to be completed each time you want to run WZ and SSM together, which is sub-optimal.

1) Install WZ first – reboot
2) Install SSM – reboot
3) Close WZ and stop WindowZones service
4) Launch SSM
5) Launch WZ

after both are installed, in order to launch SSM, you would have follow steps 3-5 above. The SSM driver is doing something that WZ does not like, but I'm not sure yet what it is. We're continuing to investigate.

cheers.

-Allen

 

received your email!!! Thanx Allen!! I try to do when I come home after work, thanx for sticking with me, really like the support and the program is just great imho.

have a great day,

Infy.

 

OK so let me get this straight, does this tool offer more protection than when running apps in "non admin" mode (with DropMyRights or Software Restriction Policies) or not?

 

If I understand those products correctly, WindowZones offers similar protection. There are substantial differences in the products though. DropMyRights is a command line tool. To reduce the rights of an application, it must be launched as a command line param of DropMyRights (by creating an icon, etc). It is not possible to promote the rights of that application without starting a new instance of it. Also, once you launch an application there is no way to know if the application is running as admin or not (without using yet another application).

WindowZones has at least two significant benefits over DropMyRights; 1) a visual identifier in the padlock on the title bar that will tell you if the product is in the Safe Zone (restricted) or in the Admin Zone and 2) a patent-pending ability to move an application from one zone to another without stopping or restarting the application. Above that, WindowZones is significantly more user-friendly than DMR and provides a substantial improvement in security to those Windows users who simply aren't the type to install command line tools, manually create shortcuts, etc.

I think the same applies to SRP.

HTH. All questions welcome.

cheers.

-Allen

 

but once you play with deep level programs like SSM, ... it seems impossible .. I cannot even reproduce the correct installement of SSM ... ...

this has to be fixed first, IMHO ..

and not a fix like support wrote here .. kernel level drivers ... this has been discussed before ... how much of them kernel level (Ring0-1) software is enough to destroy your system? apparently .. it seems to be automatic

what can I do more?

 

Hi there

Been testing WZ and have come across and interesting issue.

I use GetRight as a download manager. GetRight is in the SafeZone. When I try to drag it into the Admin Zone WZ prompts for the User Name & Password of a user account with admin rights. The only user name available in the drop down is my email address. I select this and supply the associated password and WZ responds with an 'unable to move program' message. The message detail is:

'Could not move getright.exe. 0x8007052E - Your evaluation period has expired'

This is despite the fact that I had only been running WZ as a trial for 1 day.

Has anyone elese trying out WZ seen this behaviour for GetRight or any other program?

Thanks in advance.

 

@ AllenN

Thanks for the feedback, personally I am looking for a bit more powerful protection, I´m not sure if running processes in "non-admin" mode will protect against more advanced attacks. However I noticed that according to your website it can protect against a couple of zero day exploits, did you test WZ against these exploits and would DropMyRights also protect against them?

 

Hi Rasheed, what more powerful protection are you looking for in this!! area (meaning making processes non admin by default, on the fly, with no hassle, and achieving this from an admin account) ??

Cause this is the first time I have installed such a program afaik. OK, Drop my Rights is something like that but it cannot be done on the fly, changing from processes with admin rights to non-admin .. ..

Regarding the protection against more advanced attacks ( what is an advanced attack?) .. :
WindowZones is just one of them extra security layers .. actualy I find this program very very interesting. It is only in an early stage (V1) but the concept is very nice and imho very secure.

I won't rely solely on WZ, but as a security backup (all processes are non-admin) in conjunction with a behaviour blocker such as SSM or GSS, it pretty works perfect here.
As a matter of fact, I was never keen on Windows' way of Admin/Non-admin rights .. I always found it too black or white ..

Now I am able to switch between the two modes "on the fly" , whenever I want , no more hassle with reboots and run as commands ...

It's a new program .. just out of beta and I truely believe it has lots of potential, when used together with the rest of your arsenal.

If I must choose between drop my rights or WZ, the pick would be very easy ..

it has some glitches when used with other kernel programs but apparently they are working on it.

cheers,