I tried it this morning and could not figure out how to sandbox Edge. Directions say drag desktop shortcut into program. I have no shortcut for Edge. It resides in the tray and not as a shortcut. Was the only video on their web site created by cruelsister or was it just her quotes?
@boredog Edge cannot be isolated (yet), it runs at Appcontainer level which i one integrity level deeper than any sandboxing apps. so in term of security even if you can , it would be pointless.
Thanks guest Didn't know that about Edge. I thought something was strange because I was able to put IE in there but when I added AVG, AVG stopped working.
Appcontainer is the Windows8/10 sandboxing capability, every Metro Apps use it. To explain very very simply, when those apps are created, the dev allow some areas of the system to be accessible so the apps can do its job while restricting access to others. you can see the appcontainer integrity level (IL) by using Process Explorer and selecting the "integrity" column; then launching edge or any metro apps. for example in my screenshot below: - Edge has its IL as Appcontainer - Firefox in sandboxie has its IL as "Untrusted"
That applies only to UWP apps. In that case, a virtualization sandbox is redundant because Windows 8 and 10 already have one for those apps. If you're still running 32 bit desktop apps, Cybernetic Shade or Sandboxie will give you an extra layer of protection for them.
No details...no changelog...but in fact it looks that I've downloaded v 1.7 Some info on Neowin https://www.neowin.net/news/shade-sandbox-17
What I don't like is that there is no technical info about the way that sandboxing is implemented. Is it purely about virtualization of the file system and registry, or do processes also run with low/untrusted integrity, that kind of stuff. And what about interprocess communications? https://msdn.microsoft.com/en-us/library/windows/desktop/aa365574(v=vs.85).aspx
I love and need technical details so I expect them from any software firm. Publicly available like Sandboxie's. Non-technical target audience just turn the page to skip such details, done.
That's the thing, I don't do malware testing. But I did receive some info via PM that makes me believe that Shade is more advanced than I thought. Have you tested it lately? How does it compare with Sandboxie on a technical level?
Rasheed- looks like I spoke too soon before. As I'm on the road I don't have my malware zoo with me, nor do I feel like coding. But from the probes I utilized to test Shade the results were far from optimal with this new version. As examples, looks like a Service can be created by an application run from within the sandbox, and even worse it seems that a sandboxed process can both fork and autostart a legit Windows file. Needless to say this would have to be confirmed by actual malware/applicatiions, but I'm fairly certain this is the case.