BufferZone second thoughts

Discussion in 'sandboxing & virtualization' started by Kees1958, May 4, 2010.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Hi, I had an old giveaway license of BufferZone (similar program to Sandboxie).

    When I tried it I found that it slowed down the start of sandboxed applications too much.

    On my XP Pro I run all internet facing programs as Basic User (LUA). You can do the same with PGS of Sully. I have a deny execute SRP on my user space.

    I have Trusteer Rapport protecting IE8 and run Chromium sandboxed in BZ.

    BZ has this nice feature of sandboxing automatically newly downloaded executables and scripts.

    When I download a program with IE8 it is marked as sandboxed by BZ. :thumb:

    So for dodgy browsing I have Chromium's internal policy sandbox with application virtualisation as second safety net with BZ. First startup of Chromium is real slow, consecutive startups are real fast.

    So on second thoughts I really like BufferZone, so it is a crossover of what Comodo FW CIS4 (only FW of BZ works within the sandbox, not on trusted apps) and Sandboxie.
     

    Last edited: May 4, 2010
  2. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Hey Kees

    Bufferzone was my introduction to virtualization :D and I was a beta tester for a while until development seemed to slow. In a few of the earlier builds, they had a feature called "Bufferzone Desktop" which, to this day, was the only program able to enter and "EXIT" virtualization "Without a Reboot" and remove the changes! It was still buggy and I did not test it against malware but simply moving, adding, deleting files and folders and it worked. Exit the virtual state, and everything was back to the way it was. And it covered all partitions! :thumb:
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Tobacco,

    BufferZone loads the sandbox programs initially terribly slow. I have removed all programs except Chromium from the untrusted list. All other internet facing programs run with limited rights. Through the zone setting I can make sure mail programs are relatively safe (plus mail folders are in a deny execute SRP path). Because IE is running LUA and its process is protected by Trusteer, this risk is acceptably low (for normal browsing with no startup delay).

    The nice thing is that with the 'run all new programs in BZ' policy, BZ provides system wide protection for new arrivals (like Comodo's Safe Mode and its sandbox for unsigned apps), with this difference that this feature is blazing fast. Also the untrusted logo tag on downloads (similar to GeSWall) makes it really easy to deal with.

    So I am quite happy with BZ because of this feature. Dodgy browsing I run Chromium as LUA, Chromium has on top of that an internal policy sandbox for its tabs with BZ virtualising Chromium in the Sandboxie way. Although SBI is probably stronger the advantage of a triple sandbox (LUA, Chrome's internal and BZ) will be as strong as SBIE with dropped rights.

    All in all it is a real discovery for me.

    I have not played with BZ snapshot functionality yet, it seems to provide the ability to travel with various states of the virtualised sessions. Have you got any experience with this feature?
     
    Last edited: May 4, 2010
  4. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    I took a quick look at it 3 months ago but lost interest when i saw the "Bufferzone Desktop" option had been removed :(

    Haven't played fully with it for a few years but if i remember correctly, programs could be installed in the Bufferzone and used/played with across unlimited reboots until they were uninstalled from the Bufferzone or the Bufferzone was emptied.
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    come on kees, 40 bucks a year for 3 computers and no 64 bit. How is this justified over Sandboxie.
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    As far as I understand it the one year is a subscription to updates. I changed the date two years in advance and my free giveaway of the day version kept working. Maybe Tobacco or another member can comment on this.


    BufferZone strong points
    1. Easy to use application virtualisation, with a granular device protection (the ability to allow USB disk and deny USB sticks is an advantage for all people using external backup disks, like me)
    2. Passes the MRG key logger test
    3. Has Comodo Sandbox like ability to run new programs and scripts in Sandbox, even though the origin of this download is not a sandboxed program

    USP 3 is really powerful, without any slowdown of your PC

    BufferZone on par features
    4. Easy to use built-in firewall for Untrusted
    5. Setting directories as confidential
    6. Blocking programs in Sandbox to run
    7. Showing logo tag on sandboxed files/programs

    Bufferzone different, but similar functionality
    7. Uses Snapshots to allow for sandbox content persistency
    8. Allows physical/transparent access to the virtual store

    BufferZone weakness
    9. SLLLLLLLLLLLLLLLLLLLLLLLLLLLLOOOOOOOOOOOOOOOOOOOOOWWWWWWWWWWWWW initial startup of sandboxed applications


    Comments
    Slow startup (#9) was my reason to drop the freebie after trying, IMO protecting new executables/scripts of unsandboxed program (#3) is a major advantage over Sandboxie. The fact that this application sandbox is able to deal with keyloggers (in a GeSWall comparable way) is also a bonus over Sandboxie (see MRG test).

    Conclusion
    It is a sort of cross over of Comodo Sandbox (#3), SandBoxie (#1) and GeSWall (#2, #4 thru 7). Compared head to head on core aspects it might be less attractive, but when you want both Comodo Sandbox and Sandboxie alike functionality, it is a winner.

    I use Comodo like Sandbox protection for new applications and SBIE like Sandbox for Chromium only (IE8 runs LUA with Trusteer process protection). It provides the best of both sandbox worlds.

    Regards Kees
     
    Last edited: May 5, 2010
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,736
    i had that BZ release too from giveaway.
    although it was the only box to run Adobe programs flawlessly (photoshop and so on - sandboxie still can't).
    but i kicked it off cause it was annoying and not really useful at least.
    in parallel i had sandboxie.
    better is a virtual machine or something like Deep Freeze, Returnil (<-- also no friend of mine).
    and after some weeks i found out that BZ writes ADS streams on my hdd
    http://en.wikipedia.org/wiki/Alternate_Data_Streams

    i also was set up from the bugs in that release - BZ released an update
    for several issues but the giveaway-license was denied.


    ADS are similar to root kits - and internet explorer stores ADS information
    for downloaded files too (execute a downloaded exe file and you get the prompt)
    that prompt is based on ADS - possible to turn off - or delete the ADS.

    tools to find ADS
    AlternateStreamviewer
    RootRepeal
    GMER
    StreamArmor
    RootAlyzer
    StreamsViewer
    ...
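
An added example (not part of any poster's message) of listing the alternate data streams discussed above, including the `Zone.Identifier` stream that drives the download prompt. It assumes PowerShell 3.0 or later on an NTFS volume; the function name `Get-AlternateStream` and the sample file are hypothetical and constructed for the demo.

```powershell
# Added example: audit a directory tree for NTFS alternate data streams (ADS).
function Get-AlternateStream {
    param(
        [Parameter(Mandatory)][string]$Path   # directory to audit
    )
    Get-ChildItem -LiteralPath $Path -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            # Every file has the unnamed ':$DATA' stream; anything else is an ADS.
            Get-Item -LiteralPath $file.FullName -Stream * -Force -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' } |
                ForEach-Object {
                    $zone = $null
                    if ($_.Stream -eq 'Zone.Identifier') {
                        # Zone.Identifier is INI-style text: [ZoneTransfer] / ZoneId=N
                        $text = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier -Raw
                        if ($text -match 'ZoneId\s*=\s*(\d+)') { $zone = [int]$Matches[1] }
                    }
                    [pscustomobject]@{
                        File   = $file.FullName
                        Stream = $_.Stream
                        Bytes  = $_.Length
                        ZoneId = $zone      # 3 = Internet zone; $null for other streams
                    }
                }
        }
}

# Constructed sample: a temp file tagged the way a browser tags an Internet download.
$dir = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$sample = Join-Path $dir 'download-sample.txt'
Set-Content -LiteralPath $sample -Value 'constructed sample body'
Set-Content -LiteralPath $sample -Stream Zone.Identifier -Value "[ZoneTransfer]`r`nZoneId=3"

# List every named stream under the demo directory.
Get-AlternateStream -Path $dir | Format-Table -AutoSize

# Deleting the stream removes the download mark (same effect as Unblock-File).
Remove-Item -LiteralPath $sample -Stream Zone.Identifier
```

Streams other than `Zone.Identifier` show up with an empty `ZoneId`; those are the ones worth reviewing by name and size when a product writes its own ADS tags.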
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
  9. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Would BZ let me test-install a program that requires reboot during installation? That is, if I installed a program within the confines of BZ, would that program still be present and functional AFTER a reboot? If so, I am interested in BZ even at this high price.
     
  10. timestand

    timestand Former Poster

    Joined:
    May 7, 2010
    Posts:
    172
    Virtual Machine will work for your needs. And there are free ones too.
     
  11. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Hey Belly :)

    Give it a quick trial. That's the way it used to be a few years ago and don't know if it's changed. You had an add/remove list showing programs that were installed in the bufferzone. And they did remain there and functional after reboots.
     
  12. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Thanks to all who replied to my question. Kees has PM'd me as well.

    Isn't the Wilders ohana (family) wonderful!! :thumb:
     
  13. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    So, have you tried Bufferzone then and if so, what are your thoughts on it??
     
  14. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Free version does allow installs in bufferzone, see pic
     

  15. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    My boy has installed BZ on his laptop and been running me through it - seems I have a free Pro license, just can't remember from where lol.

    Anyway, the last time I looked at BZ was a long time ago now, I'd been keeping my eye on it since it came out but it could have its problems.

    Well it seems to run nice and smooth now. No point going over features described above but BZ reminds me of Sandboxie come Greenborder come GeSWall and I think I could have second thoughts and use BZ.
     

    Last edited: Jun 8, 2010
  16. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I really like the latest version of BZ that I'm trialing. I particularly like the snapshot feature. It's sort of that extra little bit of protection, just in case.

    From what I gather, you can add any number of sites to the privacy zone as well, which isolates those sites even more from the system. I haven't tried it yet. I imagine you could load your regular surfing list and be that much safer.

    BZ barely slows down my computer. It's hardly noticeable - much better than the several year old version of bufferzone I used way back when.

    I think I'll be buying it before the trial period expires.

    *edit* I also like the feature that lets you lock files with a password. Nobody can open them without that password. I don't think there's any encryption, but it's a nice feature that will keep the average user out of your business.
     
    Last edited: Jun 9, 2010
  17. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Please, has anyone done any testing with malware and is there anything known that can circumvent its protection?
     
  18. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I don't test malware, but I did search for quite a while on various versions back to BZ 3.20 and found nothing about breaches of bufferzone security. My belief, though, is that nothing can be guaranteed absolutely safe.

    I think Bufferzone is at least as secure as Returnil or Shadowdefender. I have Shadowdefender on this computer but actually prefer this latest version of bufferzone. I'd guess anything from at least 3.20 up, which are incremental minor fixes, is good.
     
  19. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Are there any sandboxie users that have trialed and switched over to this freebie o_O ?

    At first reading, Bufferzone free looks restrictive but under the hood, not at all :thumb: Just wish the "Bufferzone Desktop" feature would have remained in this app!
     
  20. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    yes, trialed and switched to paid version
     
  21. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Would you be willing to give us your thoughts/findings so far Waters o_O ?
     
  22. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    I'm interested in the pro version as well. Waters, give us an update if you can what made you switch. :)
     
  23. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Is there a way to have your FF browser always come up in the BZ even after you empty the BZ in the free version?

    thanks
    Ice
     
  24. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    Downloads do not work. Review on YouTube said there were problems with downloading and that is correct.
     
  25. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I've had problems with some downloads and not others. I downloaded a PDF reader, moved it out of BZ, installed and it worked fine. I emptied the bufferzone prior to shut down and next day all trace was gone, including the download exe.

    Downloaded easeus todo, moved it out of BZ, installed and loaded it. Did the same as above. Next day all was okay. It's still there and working.

    I downloaded a PDF maker and it disappeared. I switched to firefox browser and removed Chrome, and firefox is still here.

    So, it seems to be just some software is affected on my computer.
     