Reluctant to use Sandboxie on my x64 machine

Hi all. I use SB on all of my x32 machines, in all flavors ( XP, Vista, 7 ). But I have yet to install it on my main x64 W7 machine due to the apparent "weakness" of SB & x64............Anybody care to change my mind?!

 

I will let you know in a week perhaps. I have the rest of my parts for a new build coming early next week, and will be using 16gb of ram, so will be using 7 ultimate x64. I am not fully pleased that a lot of my favorite applications are not x64, but I guess it is time to move on. I plan on using Sandboxie, so I am sure I will have something to say on the matter

Sul.

 

Hi DBone

Don't know if this will change your mind, but I've been using SB on W7 64 for over a year with Drop Rights enabled (default anyway) with no problems at all - but then maybe I've just been lucky.

If you haven't checked it out, there's now also experimental protection, dealt with here.

philby

To Sully: thanks for all your help elsewhere!!

 

If you combine the experiment protection with drop rights it should still be quite strong.

 

No issues here nothing has got out that I did not want to.That said advice from above posters and you should be just fine,besides sandboxie will become stronger with all the tweaking and fine tuning that Tzuk does.

 

For the few days I used sb with experimental 64 bit enabled on my Win7x64 setup, I didn't experience any "stability" issues to speak of, only a few issues sb related with regards to the way it handled forced folders for Google chrome as well as a couple other anomolies in the way it handled some configuration entries.

 

Funny how views differ. I would never dream of running x64 without SBIE.

The apparent weakness of HIPS type products on this platform, and having given up on blacklisters long ago, means I don't feel safe without the virtualisation and restriction SBIE can offer on 64 bit machines. I'm only on Home Premium so can't implement the safe admin type tweaks but SBIE effectively controls all the threat-gates, with proper configuration of course. The big issue I recall WAS (pre experimental protection) that programmes could communicate with other things etc outside of the sandbox without the required level of control by SBIE , but then they need to execute to do that so start/run is really useful here (unless deliberately testing unknown/untrusted apps of course) .

As for experimental protection I've used since it was in beta on all browsers, mail clients, readers, media players, office apps and key forced folders without even the hint of a glitch.

With or without experimental protection using drop rights, start/run restrictions and your usual sandbox set-ups and it will serve you very well on x64 too I would think.

Cheers

 

Believe me, x64 experimental mode of Sandboxie is top-notch. I have played with countless (hundres upon hundres) of samples with x64 experimental mode on my Win 7 x64 OS. Not a single one have penetrated the defense and compromised my system. I don't use 'Drop Rights' for the malware testing sandbox either... so Sandboxie sure is one hell of an application!

I highly recommend it for x64 systems.

 

Alright, I'm getting the itch as you guys are pretty convincing!

I have MSE (forget my sig) on W7 Home Premium x64 and only use Chrome. For those parameters, does anyone have an opinion on setup?

 

I certainly never had that much,but yea I had some rogues and samples running inside the box for a time with try icons in the task from the rogue and telling me I was infected. Once I closed the browser for Auto Deletions,it was like a magic show,now you see it now you dont. Now How many programs allow that much fun and still come out on top-clean.I honestly believe if something going to defeat Sandboxie its going to be something wicked nasty or a user mistake.

 

Chrome already has a sandbox, but Sandboxie's is stronger of course. Is that really all you have?

 

That's the only way to test Sandboxie, thanks. It is a pity that malware testing organisations don't include Sandboxie in their tests especially MGR Effitas.

 

lol Yep, it's my wife's machine and that's all she'll let me install.

 

Well, I installed, then bought Sandboxie and I'm currently waiting for my license via email. It is running smooth, but I must confess that I haven't enabled the x64 experimental setting. The "warning" message about future W7 updates and system instability scared me off.

What exactly am I missing by not activating this feature?

 

You're missing a lot. Because without the Experimental Mode, you must run the sandboxes with Drop Rights. Meaning you cannot install some applications in sandboxes to test and see if they're malicious. Also, running Experimental Mode along with Drop Rights means you have even tighter security!

I'm not going to tell you to enable Experimental Mode, that's the choice you'll have to make yourself. But the risk is minimal, although it's there, and I'd recommend you enable Experimental Mode. But again, you'll have to make the decision!

 

If a problem occurs, just disable it in safe mode.

 

Thanks everyone! Now I've got to teach her how to use it............