comodo = 10+ years old bug when the rules made by the users suddenly disappears out-of-the-blue = unreliable. SS = yeah seems the best one at the moment, especially for its command line parser, but almost dying, ultra slow development and bad support. i won't bet on its future. NOD32= useless if not on Interactive Mode, and if on it, prepare for storm of prompts choose you poison.
Comodo in safe mode gives very few pop up alerts. And for any new program/ exe which is not in comodo safe list, I just add it to safe/ trusted list, no more alerts.
but when an unreliable comodo staff added a malware on the whitelist (it happened in the past), Comodo on safe mode is doomed. Only its Paranoid Mode saved the day. but to get Paranoid Mode almost as quiet as Safe Mode, you must do lot of preparation, which are out of reach of classic users.
The free version of ReHIPS -- which is just as up-to-date as the paid version -- is good for most purposes. But, as guest said, it is not a HIPS product in the proper sense of the word. It isolates the problematic applications, rather than prompting them to death.
It is officially called "demo" version https://rehips.com/en/ The limitation is 10 isolated processes per session. That means you can do just about anything except for run a multi-process browser (such as Chrome) in isolation with your usual extensions and tabs. If this is a deal-breaker for you, then the free version is not for you. You can still control child processes of the browser with the demo (if you run Chrome out of isolation), but running it in isolation will probably put you over the limit of the demo.
Hi shmu26 Many thanks for your prompt & precise reply. Unfortunately, it is a deal breaker because there are other free options. What a pity. Terry
no there aren't. there is only 2 real standalone sandboxing apps; ReHIPS and Sandboxie, both have free limited versions, but only the paid ones are worthy.. Comodo's sandbox isn't even close to them, no granular control at all, no options.
Oh Lord, Spare Me! The Proof of The Pudding would be to demonstrate a Comodo Sandbox Flaw that is not seen in the others (like when I pointed out a serious flaw in SBIE a few years back -subsequently fixed by them-that Comodo's Sandbox was impervious to). Also Comodo's sandbox is automatic whereas the SBIE is manual (and I really don't think that you feel the Home User is cognizant enough to know when to sandbox things and when not to...). But as to your statement- Proof, my friend! Give me Proof!!!!
The burden of proof is on you to show where the granular control is in Comodo sandbox. As far as I can see, all the crud and all the vulnerable programs are playing in the same sandbox, with the same one-for-all set of rules. This is not very hygienic.
No- the proof is on the person that says one product is inferior to the other. The term "Granular Control" was used. Don't just use terms- show me how one could be bypassed and the other cannot (personally I think currently both the SB and Comodo sandbox are equivalent- other than one being manual and the other automatic- as long as the option to stop sandboxed stuff from connecting out is checked in both). But if you guys can show any case where Comodo fails and Sandboxie protects please Dazzle me with your Brilliance. Otherwise please have the courtesy to admit that the statement is not correct.
I would disagree the Sandboxie isn't automatic. If you sit down at my desktop and click on the firefox icon, you will be in Sandboxied Firefox
In my opinion Sandboxie give you more control about sandboxed programs, but Comodo sandbox is more strong and secure due to it's use VT-x (hardware virtualization - if you have a compatible processor) and relies in other modules, for example, file reputation. From what I understand, SBI have "automatic" sandboxing if you configure Forced Folders or Forced Programs features (you have to add manually the folders/files) while Comodo sandbox will autosandbox every unknown process.
Funny how this went from a HIPS discussion to a sandboxing one. For the record, they are not the same. A sandbox will prevent malware from infecting your system. It can't protect against modification attempts of anything running in the sandbox whereas a HIPS can assuming proper rules have been created to prevent like activity.
guys guys, my sand castle is better than yours!!!444!4 oh and my potato is definetly better than your sand castles! jesus people.. this thread...
That is also possible in free version, Azure. Just make your own shortcut I have two. One is for browsing and one is is for updating the browser which isn't possible when it runs in sandboxie, obviously. (I mean, you could change that too, but meh.) I tried ReHIPS, Comodo and Sandboxie. Afaik Comodo and ReHIPS work by running the software under a different user with way less rights. Only Sandboxie does some virtualization. (Someone told me) I chose to stick with sandboxie free, but it is WAY too costly for something that looks to be from 1995. So that isn't ideal at all.
Peter- if SBIE has been on your system for a while you may not remember the installation process. After Sandboxie installs all its stuff, there are like 5 or 6 frames introducing you to its use. One of these frames asks if you want to sandbox your browser(s), and if so to double click the browser icon(s) on the desktop. This will cause the browser(s) to auto-start in the Box AND it will allow it to connect outbound. If you do not take advantage of this step, you must manually set the browser to start in the sandbox as well as making a setting for it to connect out (that is, as long as you have clicked the Sandbox restriction setting not allow anything sandboxed to connect Out- which I hope that you do!!!). Are you serious? Of course it can.
Taking the strictest definition of sandbox (process isolation), in theory this may be true, but in practice, this statement is incorrect given that most sandboxing software also uses virtualization and virtualization can protect you against these modification attempts.
It appears at least Cuckoo has "beefed up" its bypass protection recently: https://www.fortinet.com/blog/threa...koo-sandbox-detection-and-our-mitigation.html
Up until recently they offered lifetime licenses which I am still using. Not sure what the 1995 comment means. SBIE has been constantly updated.
Judging by the high price of a yearly subscription, I would assume a lifetime licenses costs around 100-200$. But I am probably wrong. I was just commenting on the user interface that certainly hasn't changed since 1995. I really detest it. tbh
I still have a lifetime time subscription from back when it was offered ,it was not that expensive. I agree the GUI could use a makeover but can't argue with the protection it provides. I might just have to dust off the old license and give SandBoxie another spin.