Interesting article, but I haven't got a clue how advanced the sandbox exactly is in both Shade Sandbox and 360 Total Security. I think it's safe to assume that Sandboxie is probably the most advanced. Never really tried the one offered by Comodo, but it performs quite well in tests done by Cruelsister. https://www.raymond.cc/blog/no-more-worries-when-running-untrusted-programs/
Sandboxie is definitely the most advanced one in the article, Comodo is good too but the HIPS doesn't monitor the sandbox content. Shade is the simplest one, not much options last time i tried it (seems all is pre-configured). Anyway my favorite is ReHIPS followed by Sandboxie.
ReHIPS look to complex to me, too many options and it makes use of virtual desktops. And the fact that Comodo doesn't monitor the sandbox is probably because they don't want to give any alerts, that's the point of sandboxing. I do like Comodo's auto sandbox feature, I believe that Sandboxie should add this. BTW, I forgot to mention BufferZone, too bad it's not being developed anymore, it did have potential, but was too heavy. And Avast also offers a sandbox, but what's so cool about Sandboxie is that it offers multiple sandboxes (in pro version), I believe that Avast and 360 don't offer this. https://www.ghacks.net/2012/06/07/bufferzone-pro-free-sandboxing-software-sandboxie-alternative/ https://www.avast.com/f-sandbox
Great topic, thank you @Rasheed187. After reading some of the Sandboxie staff's responses on the various topics in the Sbie forum, do you think Sbie would be amenable to further additions (re: auto sandboxing)? I got the feeling this was the final product, but of course, I would accept almost anything Sbie threw my way. Using paid Sandboxie for the multiple sandboxes with a docker is a must! Nothing else I've seen so far (Shade, eg) comes close. You literally get a new mindset with regard to your computer security.
The problem with that approach is that they would have to develop good algorithm which would have to decide what to sandbox. You can achieve similar if you run all vulnerable apps sandboxed. If any of them launches new process it would be sandboxed also.
No, you're over-complicating things. With this approach it doesn't matter if some app is malicious or not, all executable (and some other) files are sandboxed. It's a feature to protect noob-users.
Not only, before you could opt-out virtual desktops individually for each Isolated Environment (sandbox), now you have a checkbox to opt-out for all Isolated Environment.
Even system files like svchost. exe? You know that SBIE uses strict sandboxing if not configured otherwise?
BTW, what did you think about Shade, did it feel robust? The problem with sandboxing is that you never really know how it works under the hood. It's not enough to simply redirect/virtualize file and registry activities. You also need to redirect inter-process communications. https://www.malwaretech.com/2014/10/usermode-sandboxing.html
It's been a while, @Rasheed187 and I didn't give it much of a chance. I felt annoyed that the window couldn't be moved out of the way at times and to minimize it, you had to X it at the top. Various folders weren't "eligible" and I didn't see the option in the context menu as much as I wanted (media player, eg)--but if anyone w/exp. w/Shade knows more, please correct. Just for browser mainly, I thought, which is good. However, since sandboxing is new to me, forum support and discussion were very important, seeing as I was looking to use sandboxing under specific circumstances. By the way, good article, thank you. Edit: ooo, you know what?--I had paid Sbie from the start, so comparing free Shade to that isn't particularly fair, right? But the issue with the windows not moving at times stuck with me.
OK thanks and yes you can't beat Sandboxie, it even gives you the opportunity to run multiple app versions side by side, I don't think any other solution offers this. BTW, here is another article, BufferZone for consumers is dead, but seems like their enterprise version is still available. It was the only sandboxing tool that came close to Sandboxie when it came to features, but it was way too heavy. https://www.maketecheasier.com/best-sandbox-applications-windows10/ https://bufferzonesecurity.com/product/features/