SafeSpace Is The Bees Knees

Hi All

I tried SafeSpace when it first came out, my first impressions were, circa 100mb download, no thank you. To be fair 90 mb of this is the.NET2 download which Windows XP does not include. Vista does.

I sort of lapsed in and out of SafeSpace and Sandboxie in the period up to now.

Having spent considerable time with SafeSpace I advance my views of SafeSpace.

The Good

1) A very attractive relatively simple interface. Once you understand the terminology simple to use. More or less set & forget. I think not for fiddlers or technophobes.

2) Not Just sandbox virtualisation but also incorporates upto date keylogger protection (I can confirm this from personal experience)

3) Low rights protection similar to DropMyRights, all in one package

4) The best support I have experienced from any software outfit - ever, paid or unpaid. In short fantastic. Kris is the best advert for this product. One to one emails within minutes.

No I am NOT A COMPANY EMPLOYEE NOR AN INVESTOR NOR DO I HAVE ANY PECUNIARY INTEREST WHATSOEVER other than I say what I believe about any product good or bad.

5) Its FREE!!! (For Now)

The Not So Good

1) A very slight slowdown in performance when virtualised relative to other products.

2) Forgetting .NET 2, the download @ 10mb is hefty (compared with Sandboxie) but look at the user interface!

3) It is not possible to clear the sandbox automatically when say Opera closes. It has to be done manually. This will be addressed in future releases I understand.

4) You can only give Full Control on a folder basis. The impact of this means that if you want Firefox Bookmarks to be retained in your real folders you have to "expose" the whole of Firefox Profile, which is not entirely secure. Again this will be addressed in future releases.

Overall. it is a very rounded product with a high level of protection and compatibility with KeyScrambler,apart from KeyLogger Protection in its own right. I have overcome all my reservations and I am now using it as my mainstream Browser/email protectionsoftware

Terry

 

Yep, been using it now since the last release a couple of weeks ago and I love it. I'm actually using it instead of SandboxIE at the moment. Slight slowdown at times, but I can live with that. I'm looking forward to future releases and improvements, but yes, this seems a great program.

 

Does it protect other partitions also, like a partition dedicated to your personal data ?

 

I agree, it does seem to be a quite powerful product which gives you good protection against malware trying to infect your "real" machine. The protection against keyloggers is a nice extra.

But the problem for me is the overhead, it feels too heavy, even when no other realtime security tools are running. Sandboxie feels lighter, but still, I also don´t use it as a realtime protection tool because it delays the startup time of apps, even when it´s only seconds, it´s very annoying to me.

But these sandbox HIPS tools are the future, there´s no doubt about that. To me, the ideal HIPS would be a mix between sandbox HIPS and a behavioral blocker. What if you could run a tool in the sandbox and could see exactly what it´s trying to do (what is blocked)? Currently, you will have to run tools on your real machine before the behavioral blocker steps in, this is a bit risky.

 

No, ErikAlbert, not in the way that PowerShadow does (that I am aware of, anyway). You can select folders and files to protect in different ways by making them read only, virtual or completely private.

It reminds me of DefenseWall a little, but you need to configure SafeSpace a bit more. Personally, I really like it and it 'feels' very secure. I've read some posts here with users testing it against keyloggers, etc, and it seems to cope well.

 

OK. Thanks. Sandboxie (sandboxed) and DefenseWall (untrusted) can protect another partition and both passed Peter's destructive tests. Locking harddisks doesn't seem to be very reliable.
Well, I still have room for one more security software, maybe SafeSpace is the one, if it is able to stop the execution of malware.

 

Hi ErikAlbert.

By default, SafeSpace treats all folders on all partitions as private, so no matter where you store your personal data files, isolated applications will not be allowed to read them.

SafeSpace can easily be configured to allow limited, full or virtual access to specific folders.

Best regards,

Kris.

Artificial Dynamics.

 

So "no reading", does that also means "no writing" and "no stealing" ?

 

'Private' means that private files cannot be read, modified, copied, deleted or moved, so no stealing.

'Read only' means that private files can be read and copied, but not modified, moved or deleted.

Sandboxed applications are still able to create *new* files in these area's, and these files are highlighted with a red border - we call them 'tracked' files.

Tracked files can only open back inside SafeSpace, as the contents are untrusted. Tracked files cannot be opened by an unsandboxed application.

This protection can be removed if you are happy that the file is trustworthy, by right clicking it and deselecting 'Enable SafeSpace Protection'.

The benefit of all this is that you can continue to download/save files and documents to the same place you always have, whilst keeping the secure segregation between untrusted files from the internet and files you want to keep safe.

Best regards,

Kris.

 

Kris,

Along these lines, how do we go about updating plugins like Adobe Flash? At the moment on my Vista 32 bit system the flash installation fails because it cannot write to subfolders inside C:\Windows (the browser is NOT running in SafeSpace). On the SafeSpace console privacy tab the Windows folder (and all subfolders) are "Virtual and Locked". Is this what is preventing the Flash installation? If so how do we work around it?

Victek123

 

Hi Victek.

The only behaviour control SafeSpace enforces on native applications is stopping them from opening tagged files. Considering your issue is in C:\Windows (which is virtualized, and so won't have any tagged files), this is not relevant.

Do you have UAC enabled? Installations should elevate, but maybe it is not being triggered. Also, Vista runs IE in protected mode by default, which uses built-in integrity levels to limit where it can write to. Again, this *should* elevate during an install, but it may not be. Try running Internet Explorer in Admin mode to see if this resolves your issue.

For the record, the 'Locked' status in the SafeSpace configuration only means that those settings cannot be removed in the console, as they are critical to application stability.

If you have no luck with my suggestion, please contact me at support@artificialdynamics.com and we can investigate it further.

Best regards,

Kris.

 

Thanks for the suggestions. Running IE as Administrator and outside of SS did the trick.

 

Btw, I have a question, right now SafeSpace is clearly meant as an "anti zero day" app, protecting vulnerable tools from attacks, but is it possible to make it more like Sandboxie? So that we will actually be able to install tools in the sandbox?

 

Same question.

 

Does SafeSpace need to be rebooted or is it like Sandboxie which does not need rebooting?

Thanks,
Acadia

 

Hi Acadia.

If you are referring to installation, SafeSpace requires a reboot.
If you are referring to cleaning the sandbox, then SafeSpace does not need a reboot.

Best regards,

Kris.

 

Tidyup, thank you.

Acadia

 

I´ve checked out the latest version of SS and was a bit disappointed. Would be nice if the GUI remembered its window size, and if you could turn the annoying border off. Why not just put some icon or some symbol in the titlebar like (GeSwall/Sandboxie)? But worst of all, it takes about 15 seconds to load the main GUI, completely unacceptable! What I did like was the quick startup time of sandboxed apps, it seems to be quicker than Sandboxie.

No answer means, it´s not going to happen, or perhaps it will be a surprise?

I still don´t know what "Bees Knees" means.

 

To Rasheed 187

"Bees Knees" An expression common in the UK to "silver surfers". I would have thought from the tone of my original post you could have hazarded a reasonable guess as to its meaning. However....

ITS GREAT

Terry

 

Yes of course, I knew it was something positive, I´m not that stupid.

 

Actually I thought you meant Safe Space was the Ants Pants

 

I'm not totally clear about the commands with Safespace.

When I download something that comes from an isolated web browser, that software is also isloated. If I extract the archive, where does the file go?

How do I save something from being purged but would also have restricted rights?

 

When you download a file in SafeSpace the file will be stored in your default location. It will not disappear when you purge the virtual space. However, the file by default will be protected by SafeSpace. When you run or open the file SafeSpace will virtualize the environment that the file runs in. For instance, if you have a PDF that is being protected by SS then when you open it the copy of Acrobat Reader will also be protected by SS. AFAIK SS doesn't support installing applications in virtual space, though. For that you need something like MS Virtual PC2007. When you want to install an application that was downloaded by a browser in SafeSpace you need to remove SafeSpace protection from the executable first (of course you want to make sure the file is free of malware). Hope this helps.

 

Good to see another Safespace user here. I am a regular user of Sandboxie and look forward to trying this new software.

If I download a .rar archive using Firefox that is protected by Safespace, the file will go where I normally send downloaded files. However, when I extract the .rar archive, the resulting file doesn't appear in the same place. In fact, I can't find the extracted file anywhere. The same thing happens in Sandboxie. However, I do know that Sandboxie stores its virtualized files in
c:\sandbox so that isn't a problem in finding things. Sandboxie also has an option to "explore contents" in the sandbox. The majority of files I download are in .rar archive so this is a important factor for me to consider.

 

The more simple way to deal with compressed files in Sandboxie is to save the file (I always use the desktop), then unzip it. My first couple downloads of compressed files disappeared until I realized this was easier.