Firefox is using google safebrowsing and cyberfox is based on firefox so it should use it too. You could try edge as it doesn't use google safebrowsing or disable safebrowsing in slimjet. It should be something like "Protect you and your device from dangerous site" as it's based on chromium.
I finally have it installed, and I've had a bit of time to play around with it. As best I can tell it's kinda like a hybrid of Sandboxie and VoodooShield; having both virtualization and restrictions based on ratings. Is that more or less accurate? I've been trying to find out how to best get started with it, to see it's something I want to use, by watching youtube videos. Does anyone know where I get get a starters guide?
There is no rating, it is application control & sandboxing based on rules. Only some basics programs/process allowed/isolated by default. then the user,based on the chosen mode, has to answer prompts or not. No guide yet , the best yu can do is to register in their forum, and learn over there. Videos won't tell you about all the aspect of ReHIPS. https://www.youtube.com/channel/UCG0BvsYENoG8JH4KTk_-dfw/feed
A PDF-file can be downloaded but it is for the old version. If ReHIPS is installed, a built-in help file is available:
For those interested in learning more about how to use ReHIPS, there is a thread on the other forum that has some interesting discussions, with participation from the dev and senior beta testers: https://malwaretips.com/threads/reh...quick-test-included.27453/page-28#post-651865
Thanks will look into this. I installed it and it loaded all the default rules. Was not sure if it protects Google Chrome out of the box. All of my extensions crashed so assume this has something to do with appcontainer being enabled in Chrome? Same thing happened when I tested EIS a few months ago.
it does. i have Chrome's Appcontainer enabled, no issues with Rehips. i had this extensions' crash, i forgot what caused it, but it happened only once.
Do you have the paid version of ReHIPS, or the free version? If the free, that's why your extensions crashed: you went over the limit of 10 simultaneous isolated processes. This is the big limitation of the free version: you can't run a multi-process browser in isolation, with your extensions enabled.
Doh you are correct! I really need to stop testing crap when I am sleepy lol. Will pickup the paid version. When I do, is Google Chrome then Sandboxed? Wish they had a manual or something.
Chrome is sandboxed by ReHIPS automatically. But if you should have it sandboxed or not is an entire other discussion. There are two schools; some say sandboxing Chrome might break Chrome's already flawless sandbox. Others say you add another layer and make Chrome even safer to use.
I was hoping for the latter since I am currently running WD and wanted some further protection on my home PC. I am sure others run Chrome Sandboxed with ReHIPS correct?
ReHIPS isolation should not interfere with chrome sandbox, as ReHIPS isolate via user profile (different mechanism than chrome sandbox) if we ignore restrictions the only thing that ReHIPS change is integrity level, it will set it to untrusted If you run chrome without isolation it will be have appcontainer level but IIRC currently there is no sandbox software that can isolate with appcontainer level I think only those who have paid ReHIPS version ReHIPS will provide sandbox with more restrictions than running it in SUA
it will be fine, ReHIPS will change integrity level to untrusted so you won't get appcontainer isolation, but it should be small price as ReHIPS will isolate chrome with more restriction than in SUA
That's one of the arguments for sandboxing Chrome... no one can tell if it's the right choice though.
I will precise something which i believe is important to the understanding of ReHIPS: - without ReHIPS, you run Chrome with your original profile as Appcontainer Integrity Level (IL) if it is enabled. - with ReHIPS, you run Chrome (or another application) inside a dedicated Isolated Environement (IE). The IE is in fact a tighten "dummy" user profile (ReHIPSUser"x"), this IE is ran as Untrusted which is the safest IL available on Windows (excluding Appcontainer IL).
Nice! Good explanation! One can see why people argue which is the better of the two (Chrome 'AppContainer' vs Chrome 'Untrusted' but double-sandboxed).
I was going to post it in out blogs subforum later. It has a separate topic for ReHIPS FAQ here https://forum.rehips.com/index.php?topic=9520.0 which some of you will find interesting. But as this discussion is here and now, I'll post it here. I often get questions like what's better, ReHIPS isolation or AppContainer? Does ReHIPS use this feature? Should I isolate Chrome, if it's already in AppContainer? Let's figure it out. AppContainer is a Windows sandbox introduced in Windows 8. In low-level details it's some security add-on on top of existing tokens and access rights. So what's more secure, ReHIPS isolation or AppContainer? Short answer is AppContainer. Why? Because it appeared later (Windows Vista SP 1 for ReHIPS vs Windows 8 for AppContainer), it roots deep in Windows core with more capabilities than any 3rd party software and it's more specific while ReHIPS is more wide-oriented. Though the basics they're both based on are the same. But that specificness (is there such a word?) is also a disadvantage of AppContainer. You can't just take some random program, put it into AppContainer and expect it to work. The program should be AppContainer-aware from the very beginning on the development stage. That's why ReHIPS doesn't use AppContainer feature. But as they're more secure, ReHIPS doesn't isolate AppContainer programs. But make no mistake, I don't mean Chrome or Internet Explorer here as they have some AppContainer processes, but some processes are still without isolation. I mean purely AppContainer immersive programs here. So what about Chrome and other AppContainer-using programs? That's a different story. To exploit them, you don't necessarily have to bypass AppContainer, sometimes it's enough to attack their communication protocol with another non-isolated process. And that's the catch. If this exploit is successful, some code with non-isolated process privileges can be executed. But if this process is ReHIPS isolated, malicious code will remain in isolation. So yes, it's a good idea to ReHIPS isolate programs that already implement AppContainer feature, but have some processes non-isolated. Best Regards, fixer.