Sandboxie and Returnil

Discussion in 'sandboxing & virtualization' started by Boost, May 11, 2008.

Thread Status:
Not open for further replies.
  1. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    With Returnil only,it would'nt stop spyware or keyloggers from sending out to the bad guys,so Sandboxie would be a better solution. ;)

    But admit with his security and regular scanning chances that his system is compromised are neglectable.
     
    Last edited: May 12, 2008
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    That's what the security-software should protect. With limited surfing, Sandboxie would get less use. I like both products and not favoring one over the other. With the scenario mentioned by the poster, I was just pointing out benefits of Returnil. Surfing with Sandboxie and installing apps. in it's sandbox is great for me, but Returnil has "shelved" it.
     
  3. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Yes,and one thing not mentioned with Returnil active , protection if user screw up the OS,just a simple reboot and your back in business !! :D
     
  4. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Exactly. With the scheduler, Windows is protected from me. (...and my teenagers!)
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I screw up my system partition often due to my experiments. In the past this was a nightmare and a waste of time. Not anymore, a simple reboot and I'm back as nothing happened.
    I have now a computer that cleans and repairs itself automatically during reboot, the dream of all average users.
     
  6. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I learned Windows like a mechanic learns engines. Take it apart and see how it works, then put it back together and make it work again, perhaps better. I wish I had the mechanics advantage of a teacher during my "learning-phase." On the bright side I learned reformatting quickly. I screwed up Windows more than enough times over the course of a few years, and then by accident discovered Wilders, my first learning tool. Without Wilders I probably would still be tinkering in 98SE with no clue of SandboxIE or Returnil. Finally I have something (Returnil) to protect my pc from me so I can learn of the rest.
    My original point being, that with limited surfing I just don't find SBIE as important for my needs as Returnil is. That is why I answered the OP as I did....
     
  7. Matern

    Matern Registered Member

    Joined:
    Nov 20, 2007
    Posts:
    102
    I think the combination of Returnil and a Sandbox give us a additional layer of Protection against Exploits and Malware that no System Konfiguration can give us (LUA +UAC), because Nobody knows what is coming in the future.
    With this combi we have a good chance to block it.
    No Software is Perfect and if one failed, maybe the second layer block it, with no chance to reach our Harddrives and that without Signatures and Databases and every Day uptodate to protect us.
     
  8. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I will put Eset and/or Avira and Sandboxie up against that combo. I like Returnil but it still, has a issue with committing large changes to files. My daughter can wear Sims out and on a commit it hangs. So much so I asked for a refund. I still say a good AV like the 2 mentioned and Sandboxie will get you about 98 percent protection with little OS impact.
     
  9. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    I'm using Antivir along with a sandboxed Firefox browser.

    I'm assuming Sandboxie is setup correctly as I've got a icon on the desktop that says "Sandboxed Web Browser"
     
  10. Matern

    Matern Registered Member

    Joined:
    Nov 20, 2007
    Posts:
    102
    The only problem with committing large files I have is after running my Defrag inside Returnil, than it hangs.
    Maybe the Disk cache is only to small, because a Defrag move a lot of Data, next time I make it bigger and test it again.
    Now I running my Defrag from time to time outside Returnil.
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Coldmoon and I started working on this about 11 oclock last night. What he asked me to do in the short version is to double the disk cache of what my daughters Sims games require. So I basically have a 10 gig disk cache. So far so good. She will putting through the ringer later today. Coldmoon, I have never seen anyone from support actually take the time to walk someone through a fix like you did last night. Returnil is fastly becoming a leader in many areas.:thumb:
     
  12. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Maybe i'm mistaken but always thought with respect to Returnil that a reboot just drops the layer,so there is no repair or cleaning,just a vanishing layer at reboot.I like to dream a little further by realising at one time the ultimate in ISR in which virtual layers are saved after reboots,wish it would happen soon,...perhaps Returnil ? o_O
     
  13. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    With the paid version of Returnil you can commit any changes to disc before your reboot. I run Returnil along with Defensewall along with whatever flavour of the day of an AV I am using but Returnil and Defensewall are constants in my setup.
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I'm not sure what you mean that Returnil doesn't clean or repair.
    If Returnil = ON and I delete Firefox + Thunderbird in my system partition, I can't browse and email anymore.
    If I reboot Firefox + Thunderbird will be back and work properly. I call that a repair.
    I never tested this myself, but I assume that Returnil-users already tried this.

    You are right about keeping more than one virtual layer, because Returnil remembers only ONE virtual layer : the previous layer and that is of course a serious restriction.
    Once you go from frozen mode to thawed mode and back to frozen mode, your previous layer is changed and that makes it very difficult to use Returnil as a cleaning tool, like I do.
    The only way to get more than one layer in Returnil is using Image Backup, but that is inconvenient and not ISR anymore. What is inconvenient will not be used in practice or much less in practice.
    That is the reason why I keep on using FDISR, because I have archives to store as many layers I want, but those are of course not VIRTUAL layers, they are REAL layers. I don't see much difference between virtual and real layers.
    Returnil must use a virtual layer, because that's the way it works to restore your system partition.
     
    Last edited: May 14, 2008
  15. tradetime

    tradetime Registered Member

    Joined:
    Oct 24, 2006
    Posts:
    1,000
    Location:
    UK
    What he probably means, to use your example, is that you don't actually delete Firefox + Thunderbird, Returnil simply intercepts the delete command and projects it into it's virtual world letting you think you deleted it, upon reboot it discards the virtual and things are revealed again.
     
  16. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Simply there is no repair or fix or whatever,virtual stuff is not your real stuff,so what you delete or create or change in the virtual layer has zero bit impact on the real,throw away your layer and the real untouched system is revealed ! :)
     
  17. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Returnil remembers nothing not even one,saying that in the light of keeping virtual changes !!:D
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Does that really matter ? The final result is the same, unfortunately the possibilities aren't the same.
    Returnil can't handle reboot-softwares either, so it's not even a full boot-to-restore solution.
     
    Last edited: May 14, 2008
  19. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    As said earlier......if Returnil will get this option (changes saved after reboot) it will go from Good to GREAT ! So if it ''remember'' just only ONE virtual session it will be a breakthrough in these light virtualisation area.
    With SBIE its possible to install stuff in a Sandbox and stay there fully functional throughout reboots,admit not everything works though but app. without the need to install drivers are mostly good to go.
     
  20. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Sorry, but I don't like fifty/fifty-solutions, that's not my way to solve problems. :)
     
  21. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Me either,but the comb. Returnil/SBIE with protection against user errors,protection against malware and providing a testbed for testing applications and/or malware is something almost equal to VMWare,VirtualBox etc.The ability of making snapshots and reverting back and forth between them,and also their portability and instal different OS's is something exlusive for these ''total virtual solutions'' and for the average user to difficult or not needed for their needs.

    50/50 solution Hmmm....i don't know,maybe cripled at best but at least it works me ! ;)
     
  22. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I think we better quit this discussion, because this is going nowhere, our principles are too different. :)
     
  23. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    A discussion ? I told something about the convenience of Returnil/SBIE combo,but your arguments against it are very vague at best,so it was not a discussion at all. ;)
     
  24. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Returnil is a boot to restore. The reality is they are both different in many ways. I think both compliment a AV or HIPS product. For me, Avira and Returnil have proven to work, for others it may be Sandboxie and Panda. You have to try them. I know on my laptop where saving is not a issue, the free version of Returnil installed in memory is kick ass in speed. Every week I use a online scanner. For my main, Eset or Avira work great with it.

    I have had issues with Returnil in the past and hastily bailed instead of giving Coldmoon a shot to resolve my issues.
     
    Last edited: May 14, 2008
  25. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Trjam....I can't believe you would ever change your setup. :eek:

    Seriously though, the boot to restore is what I love about Returnil. Not only for security use, but I can try apps or make system changes while I got Returnil turned on and if I like them I can reboot and do them for real or if I don't I can reboot and be rid of them. And for security the advantages are obvious. With the paid version I can save files to the real disc before I reboot. So to sum it up, I am a happy Returnil user.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.