Application Sandboxes: A pen-tester’s perspective

It's not meant to duplicate what's already there. By now frankly I could care less how much you know about Sandboxie and how little about Chrome, Windows, or the Internet itself.
Applocker or SRP are only 2 examples of group policies. Guess how web exploits work since plugin/script blocking and HTTP Authentication aren't a big deal? Comparing Windows Firewall with Sandboxie restrictions is a joke.
And I'll leave it at that due to how pointless this has all been.

 

Sorry, but I have more than enough experience with plugin/script blocking to say they are worthless as protection again web exploits, especially every time my family is surfing and visiting websites they need for their job, I also don't need script/plugin blocking that is blocking the access to my email, if that's the way to block web exploits than there is something wrong with that approach for millions of average joes.
You better come up with something much more useful that would not interfere with surfing and accessing websites and emails.

HTTP authentication is not a big deal if it's blocking website from work for example, much like some products like TrendMicro and McAfeeSie Advisor do, and yet they are trusted websites, than there is again something wrong with that approach.
This is a total joke.
SBIE with start/run restrictions and block access options beats all this mentioned combined, plus it's much more useful.
Windows XP firewall if you know what to do with it, is much more useful than you think.
I truly don't know in what world do you live...

 

Cool, man big thanks for this highly helpful link and thanks for you tips!

 

@CWS

Why is it so hard for you to accept the reality that Sandboxie is not the only way to successfully prevent malicious attacks? And about script filtering, did you create a whitelist for websites you and your family often visit? If NoScript-like extensions are too bothersome to use then there is Adblock Plus which also offers content filtering, although limited to advertisements and I believe web trackers too. But IMO it should be sufficient enough.

 

Well, DefenseWall on 32-bit systems is at least as strong as AppGuard, perhaps even slightly stronger.

 

Trust me, it's painful job to do with NoScript than Script Defender for Chrome, because I cannot remember every single website that is needed for my parents and my brother.
But I do use Adblock Edge for firefox and Adblock for Google Chrome.

But it doesn't matter, I'll say you, J L, Hungry Man, Windows Security, Gullible Jones, Peter, wat114 won this debate, I truly don't have time anymore to debate.

I only hope you, Hungry Man, Windows Security, J L, Gullible Jones, Peter, wat114 and etc. are all right when you talk about this.

 

Understood, we have the same problem.

It's not about winning or losing. One side said sandboxing a sandbox is redundant, other side said it isn't. Personally, based on what I've got so far, I'm pretty confident to use Chrome's sandbox by itself without another sandbox (and even EMET) on top of it.

 

I agree this has been ridiculous. It'd be a waste to close a thread like this because of it though; when we can have much more meaningful discussion if people actually take the time to try and understand the message (hint: read the report and read up on how sandboxes work). As for the rest whom have tried so hard to explain yet in vain, the answer is simple: do not feed the troll.

 

Please shut this thread down, just reading the above post of someone wanting it to continue. But really the message has been transfered. Now we know it is useless sandboxing our apps or our installs lool.

Really shut this thread down for the peace keeps sake if not for anything else hehe.