Reluctant to use Sandboxie on my x64 machine

Discussion in 'sandboxing & virtualization' started by DBone, Sep 3, 2011.

Thread Status:
Not open for further replies.
  1. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Hi all. I use SB on all of my x32 machines, in all flavors ( XP, Vista, 7 ). But I have yet to install it on my main x64 W7 machine due to the apparent "weakness" of SB & x64............Anybody care to change my mind?! :cool:
     
  2. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I will let you know in a week perhaps. I have the rest of my parts for a new build coming early next week, and will be using 16gb of ram, so will be using 7 ultimate x64. I am not fully pleased that a lot of my favorite applications are not x64, but I guess it is time to move on. I plan on using Sandboxie, so I am sure I will have something to say on the matter ;)

    Sul.
     
  3. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Hi DBone

    Don't know if this will change your mind, but I've been using SB on W7 64 for over a year with Drop Rights enabled (default anyway) with no problems at all - but then maybe I've just been lucky.

    If you haven't checked it out, there's now also experimental protection, dealt with here.

    philby

    To Sully: thanks for all your help elsewhere!!
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    If you combine the experiment protection with drop rights it should still be quite strong.
     
  5. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    No issues here nothing has got out that I did not want to.That said advice from above posters and you should be just fine,besides sandboxie will become stronger with all the tweaking and fine tuning that Tzuk does.:thumb:
     
  6. wat0114

    wat0114 Guest

    For the few days I used sb with experimental 64 bit enabled on my Win7x64 setup, I didn't experience any "stability" issues to speak of, only a few issues sb related with regards to the way it handled forced folders for Google chrome as well as a couple other anomolies in the way it handled some configuration entries.
     
  7. chris1341

    chris1341 Guest

    Funny how views differ. I would never dream of running x64 without SBIE.

    The apparent weakness of HIPS type products on this platform, and having given up on blacklisters long ago, means I don't feel safe without the virtualisation and restriction SBIE can offer on 64 bit machines. I'm only on Home Premium so can't implement the safe admin type tweaks but SBIE effectively controls all the threat-gates, with proper configuration of course. The big issue I recall WAS (pre experimental protection) that programmes could communicate with other things etc outside of the sandbox without the required level of control by SBIE , but then they need to execute to do that so start/run is really useful here (unless deliberately testing unknown/untrusted apps of course) .

    As for experimental protection I've used since it was in beta on all browsers, mail clients, readers, media players, office apps and key forced folders without even the hint of a glitch.

    With or without experimental protection using drop rights, start/run restrictions and your usual sandbox set-ups and it will serve you very well on x64 too I would think.

    Cheers
     
    Last edited by a moderator: Sep 3, 2011
  8. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    Believe me, x64 experimental mode of Sandboxie is top-notch. I have played with countless (hundres upon hundres) of samples with x64 experimental mode on my Win 7 x64 OS. Not a single one have penetrated the defense and compromised my system. I don't use 'Drop Rights' for the malware testing sandbox either... so Sandboxie sure is one hell of an application!

    I highly recommend it for x64 systems.
     
  9. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Alright, I'm getting the itch as you guys are pretty convincing!

    I have MSE (forget my sig) on W7 Home Premium x64 and only use Chrome. For those parameters, does anyone have an opinion on setup?
     
  10. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I certainly never had that much,but yea I had some rogues and samples running inside the box for a time with try icons in the task from the rogue and telling me I was infected. Once I closed the browser for Auto Deletions,it was like a magic show,now you see it now you dont.:D Now How many programs allow that much fun and still come out on top-clean.I honestly believe if something going to defeat Sandboxie its going to be something wicked nasty or a user mistake.
     
    Last edited: Sep 3, 2011
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Chrome already has a sandbox, but Sandboxie's is stronger of course. Is that really all you have?
     
  12. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    That's the only way to test Sandboxie, thanks. It is a pity that malware testing organisations don't include Sandboxie in their tests especially MGR Effitas.
     
  13. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    lol Yep, it's my wife's machine and that's all she'll let me install.
     
  14. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Well, I installed, then bought Sandboxie and I'm currently waiting for my license via email. It is running smooth, but I must confess that I haven't enabled the x64 experimental setting. The "warning" message about future W7 updates and system instability scared me off.

    What exactly am I missing by not activating this feature?
     
  15. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    You're missing a lot. Because without the Experimental Mode, you must run the sandboxes with Drop Rights. Meaning you cannot install some applications in sandboxes to test and see if they're malicious. Also, running Experimental Mode along with Drop Rights means you have even tighter security!

    I'm not going to tell you to enable Experimental Mode, that's the choice you'll have to make yourself. But the risk is minimal, although it's there, and I'd recommend you enable Experimental Mode. But again, you'll have to make the decision!
     
  16. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    If a problem occurs, just disable it in safe mode.
     
  17. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Thanks everyone! Now I've got to teach her how to use it............o_O
     
Loading...
Thread Status:
Not open for further replies.