Cybergenic Shade-sandbox tool

Discussion in 'sandboxing & virtualization' started by co22, Oct 4, 2015.

  1. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    19,311
    I never uninstall SD. It's just whether I am shadowed or not. Hadn't thought about Appguard protecting SD. May try it
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    19,311
    Tried it an it didn't work.

    And with that lets end this non Shade discusssion. Any further questions or comments either need to be private or in another thread.
     
  3. Moving a program/shortcut into the 'console' does not seem to do anything. No key received, so ... regretting install, rolling back ....:thumbd:
     
  4. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,051
    Location:
    Europe then Asia
    Yep no keys received either.
     
  5. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,246
    Calm down, calm down, you could simply tell me to ask you this through private messages or on Unoffical Shadow Defender thread-it's not a big deal at all.
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    19,311
    That wasn't aimed directly at you, but just a general lets get back on track.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,883
    Location:
    The Netherlands
    Do Opera and Vivaldi work with Shade?
     
  8. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,624
    Location:
    Poland - Cracow
    Perhaps yes but I don't know if correctly...
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,883
    Location:
    The Netherlands
    Can you perhaps test it? BTW, I don't like the fact that you have to register to get a key. And I'm still waiting for an answer on my technical questions, where did the developers go?
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,883
    Location:
    The Netherlands
    Wait a minute, I wonder who wrote the Wikpedia page about Shade, this is quite a bold thing to say, especially because in my opinion SBIE is way more advanced, but I might be wrong:

    "There is an evidence that Shade could be more effective against remote code execution exploits than Sandboxie and Comodo"

    https://en.wikipedia.org/wiki/Shade_sandbox
     
  11. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,051
    Location:
    Europe then Asia
    Yes and wait eons to get it. Guess The dev is MIA or overwhelmed by license requests :p
     
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    4,519
    Location:
    Nicaragua
    The guy who wrote that statement is basing what he says in Cruelsisters video. But there is nothing in that video that proves the statement to be true. Sandboxie did exactly what is supposed to do when you are browsing in a sandbox were all programs are allowed to run and you encounter malware that runs calc.exe. I don't know about you Rasheed but I don't allow calc.exe to run in any sandbox.

    If I was browsing using any of my everyday browsing sandboxes and I encountered malware that used calc.exe to infect, the malware would not even run and instead I might get a SBIE message telling me that calc.exe is attempting to run. That message should be taken as a warning and the SBIE user should realize that something is wrong in the website.

    Bo
     
  13. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,051
    Location:
    Europe then Asia
    Surely inspired by Cruelsister comment:



    Calc is just used for the test as dummy , it is the principle that is interesting.

    But the lack of support from the devs of a newborn soft is worrying...

     
  14. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    4,519
    Location:
    Nicaragua
    The point is that in a Start Run restricted sandbox were only firefox.exe is allowed to run, not even malware that uses the name firefox.exe would be allowed to run by Sandboxies restrictions. And if it runs as it does in a default settings sandbox as shown in the video, the malware is gone when the sandbox gets deleted.

    Bo
     
  15. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,051
    Location:
    Europe then Asia
    Of course, you are right , and i also setup Sbie in the same way, but not many (like us) will go through the help file and bother using Sbie at full potential.

    So if Shade can really prevent such issues, good for the users.
     
    Last edited: Oct 28, 2015
  16. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    4,519
    Location:
    Nicaragua
  17. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,051
    Location:
    Europe then Asia
    Ok Bo.
     
  18. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,624
    Location:
    Poland - Cracow
    OK...I'll try to do it in next few days.
     
  19. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,206
    Location:
    USA
    Can this be installed alongside MBAE?
     
  20. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,624
    Location:
    Poland - Cracow
    Unfortunately my first impression from post #30 are still valid...I'm just disapointed. Additionaly I wonder what was changed in Sahde that the installation file is currently ca 10 MB heavier than previous - (14239 KB/24937 KB)...and no way to find some list of changes.
     
  21. Mister X

    Mister X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    2,941
    Location:
    Mexico
    Bad beginning to Cybergenic Shade. Thought it could be a really good competitor vs Sandboxie.
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,883
    Location:
    The Netherlands
    Yes I agree. IMO it doesn't even have to become a true competitor because SBIE is hard to beat, but if it's only 80% as good then it would already be a winner. But I have a feeling they want to make Shade into a sandbox for "dummies" only geared to sandboxing browsers. There's nothing wrong with that, but so far it's not looking good.
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,883
    Location:
    The Netherlands
    OK I see, so apparently Shade blocks other processes by default? But yes, SBIE is not focused on blocking execution, it's all about containment, but if you want to, you can still block other apps, like you said. Personally I used EXE Radar for that, or you can combine SBIE with anti-exploit like HMPA and MBAE.
     
  24. Ilya

    Ilya Registered Member

    Joined:
    Oct 7, 2015
    Posts:
    15
    @ichito and other folks :)
    Sorry to hear about your problems with speed on vista. We actually didn't do much testing on vista - mostly on XP , win 7 and win 10 . We are working on optimizations. Concerning size changes - Shade is packed by VMProtect software , and sometimes changes in protection settings could affect binary module size. Last update contains some optimizations for multicore processors , and IO queue processing for windows 7 and 10. And we also protected virtual folders so that unsandboxed application is no longer allowed to run executables from that folder.
    There was [wrong] assumption on this forum, that Shade blocks all child processes of sandboxed apps. That's wrong. You can check it easily, by, say, sandboxing Far Manager (Eugene's favorite file manager :) ) and then run, say, calc from within it.
    Or, you could download something with browser, say, firefox and double click on downloaded executable so as to run it. You'll see it running sandboxed.
    Actually, we have sophisticated algorithms to prevent data execution - that's why calc.exe didn't run in cruelsister video :) We don't block all processes.
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,883
    Location:
    The Netherlands
    OK I see, sounds interesting. I think you should focus on making it possible to sandbox the most vulnerable apps.
     
Loading...