Sandboxie and Returnil

I go the extra mile seeing as we have multiple backup protections available for us now.

I can now continue to use my trustworthy (Genuine) FD-ISR along with Returnil & SandboxIE and NOTHING whatsover at all can climb that barbed-wired fence of security. Throw in AE, or even a HIPS like EQS, and you're all but 100% sealed against any forced intrusions.

EASTER

 

I guess it comes at a cost ?
I mean security wise.
How about the registry ?
Driverfolder ?
System files ?

If you can select them to be protected,you can also choose to be not protected.
What are the chances of compromising your system ?
IMHO with the new package,users are now dependant on a thorough understanding of the OS. [what to select].

 

no, Coldmoon may make it sound intimidating but it isnt. People are going to love it. Returnil keeps getting better and better. And Erik, put a 100 members in a hat here and see how many really care about the ability to test on reboot and not loose changes? Give me strong security, testing has done nothing more then cost me money.

 

I guess a remarkable number of members here like to test new softwares before they install it definitive,without bothering with stuff like VMWare or VirtualBox and the like.

 

all I am saying is, I dont haxe to test, let the others do it then read their reviews.

 

Again Greetings Huupi

I detest & dismiss Virual machines like VMWare & V-Box for real world and results from used Hard drives. I want malware or any other program to produce 100% exacting results in a true O/S environment and IMO where leaves no room whatsover for mistakes or clever evasions. I prefer to review actual real results without need for boxing them into some confinement chamber so as to determine a true trace thru real systems.

A used HD in my opnion is the perfect platform for such an experiement as opposed to VM's IMO.

EASTER

 

I'm just trying to get an objective picture of Returnil : its functions, its possibilities and above all its limits without the emotional feelings for Returnil. 100 opinions won't make a difference to me.
If somebody writes "I'm a happy user", that doesn't tell me anything, I would like to know why Returnil makes him happy and what doesn't make him happy.

 

Why not I'll give it a shot

 

I totally understand and respect your thoughts and maybe one day this will happen again. What is important to one, isnt to another and so on. The reality is it will always be that way because in every basket of eggs, each one has a different yolk.

 

At the current moment and to stay with the OP,Sandboxie with Returnil is a nice combo.

a) protection against malware.
b) protection against YOU,user faults.
c) providing a testbed for which require a reboot (Sandboxie),Returnil off.
d) in my experience if virtualised,everything goes smoother and faster.

 

Using Sandboxie to test software ? I don't think this a complete solution either.
According my readings Sandboxie fails when a software tries to install a driver or a service, just like Returnil fails when you try to test a reboot-software.

Returnil is a recovery software, while Sandboxie is a security software, that isolates good and bad objects.
So Sandboxie can be used in any kind of system partition, frozen or normal, but Sandboxie is certainly more convenient in a frozen system, because it doesn't require any daily update.

 

Thats correct,but many softwares work just fine,including heavy games,as long as there's no need to install a driver,and yes in a way it's cripled.

Others more complete are in your case '' FDISR solution '' the setup you explained many times here. Or just like Easter does,using his many cheap second hand drives,for testing his exotic malware Zoo and reformat if needed.

Otherwise you have to rely on VM solutions,which are inherently more difficult stuff to grasp and handle [steep learning curve,at least for me],but if you really test that much they come in handy.

 

Frankly, I didn't know you can test softwares in Sandboxie, while I was using it months ago. I never used Sandboxie for that purpose. I knew this much later.
Next time, when I install Sandboxie back on my computer, I will try this to see how it works.

 

The File Protection blocks changes. If you enable protection for an entire drive for example, you will be able to open sub-folders and see all the files but you will not be able to open any of the files or alter them until you deactivate protection for that drive...

We have not yet decided what will be included in the Personal Edition other than the fact that the current feature set will not be reduced. This is usually decided during the final stages of the Public testing after we have sufficient evidence of stability in new features and have settled on the final feature set for the Premium Edition release version.

I hope you have noticed the trend we are following as far as features and improvements in the Personal Edition. Each new version release has included upgrades that originally appeared in the Premium (or in the past, Business) Edition and we plan to continue with this in the 2.01 series.

Mike

 

Agree, this is only going to get more interesting as time goes by.

 

Something I just tried tonight,According to returnil one of the added benefits of the premium is the option of scheduled protection times ON/OFF.I have the free version so I never tried it until now. It worked perfect In the protection On Not sure about off yet. (Edit) Ok nevermind Is included In the free,must be not seeing things that are there, that I am seeing know.

 

For me this combo is the ultimate in protection, I have been using it now for over a year and am gradually shedding all other protection, still like an on demand virus scanner to check, also SAS on demand, but with Returnil and sandboxie I know I'm not going to find anything.

 

The reason why scanners can't find anything is Returnil, not your security softwares.
Returnil = ON means "no change" = "no malware". It takes awhile to believe and accept this of course.

 

Have just tried Sandboxie within Returnil. Very nice. Apparently if an
application requires the Windows Installer service, SBIE will warn and ask
the user to run the Windows Installer Service sandboxed.

Does this mean that it is possible to sandbox install all progs. that use the
Windows Installer irrespective of whether drivers are installed ? Also,
how do I sandbox the Installer Service ?

Regards

 

Very nice, but not always very nice. Sandboxie is not a general solution for testing softwares and that counts for Returnil also. Regarding Returnil I'm sure, regarding Sandboxie, I depend on my readings.