Discussion in 'other anti-malware software' started by ocsi, Jan 13, 2012.
What say about this comparation:
Sandboxie 3.62 vs Sandboxie of CIS 5.9?
1st rich toolbox
2nd poor as usual as all
No comparison. Sandboxie is far superior to the sandbox in CIS. CIS isn't a true sandbox. Its more of a policy restriction. Sandboxie can be configured a lot more and has no options to lock it down.
CIS is absolutely a "True" sandbox.
1) The manual sandbox uses virtualization and restrictions.
2) The automatic uses restrictions, which still makes it a sandbox.
Sandboxie is much more configurable as you can define exactly what file access etc it can follow. CIS is much less configurable but still works very well and is free.
For me, the major drawback of CIS sandbox is that you can't move anything outside of it, like a downloaded file in a sandboxed browser. We'll just have to wait for CIS 6.0 to have a fully functional one .
No CIS does not virtualize. That's why the current Ver 6 is getting a lot of attention because its going to include virtualization. It currently only uses restrictions. A true sandbox, one that most folks are used to, includes virtualization. Even geswall which is a policy restriction software, is toted as Sandbox-like.
Straight from wikipedia:
"The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.
CIS may have sandbox-like restrictions but it does not vistualize the system like a true sandbox.
Yes you can and here is how: 1) Enable to view hidden files and folders; 2) Go to the C drive and copy the virtualroot folder; 3) Paste a shortcut of that folder anywhere convenient to you; and 4) browse to directory within the virtualroot folder where you downloaded the file; and finally 5) move the downloaded file to your own desired location.
Yes it does, at least sort of. CIS provides both file system and registry virtualization. Please 1) click on the D+ tab and 2) click on D+ settings; 3) click on sandbox settings and finally 4) select to enable both file system and registry virtualization.
It's already been established time and time again on Wilders that sandboxes do not need virtualization and can simply be file access restraints etc. See: Jail - or any other part of that wikipedia page that lists the ways you can sandbox.
And yes, CIS does virtualize. The manual sandbox fully virtualizes the file system and registry. The autosandbox does not.
No it actually doesn't. I doesn't fully virtualize. I'm aware what it says but its not a full virtual enviroment.
Taken from comodo forum:
"man cis v6 just seems more and more promising.
we are slowly getting info on the new features.
local bahavior blocker
Quote from: Melih on November 02, 2011, 08:27:01 AM
Our local Behaviour Blocker is working already on Egemen's machine Smiley...He has built an amazing Architecture for a very flexible and powerful Behaviour blocker
full virtualization of sandbox
Quote from: egemen on April 27, 2011, 10:27:54 PM
The proper solution is the active file system virtualization of *SOME* automatically sandboxed applications by default. Yes, we are right now working on this kind of a ideal automatic sandbox which is going to be in CIS 6
Quote from: egemen on April 28, 2011, 11:37:57 AM
We are making the necessary changes so that everything will be able to be virtualized by default while the users wont be confused with their downloads and program installations etc.
eah I know we've been over this. A true sandbox is considered virtual. Other than that its a restriction sandbox. How about you get off your soap box and use the proper terminology.
I guess Chrome isn't really in a Sandbox. I guess IE isn't really in a sandbox. I guess the Java VM isn't really a sandbox. I guess a Jail isn't a sandbox. I guess Virtual Machines aren't sandboxes. I guess AppArmor and SELinux aren't sandboxes.
Glad I learned all of the people who have been calling these things Sandboxes were wrong.
And, again, the manual sandbox fully virtualizes the application and what you quoted is referring to the automatic sandbox.
Then Why would they (comodo development team) be adding FULL vistualization for CIS ver 6? I guess they're wasting time adding features that are already there.
I don't use COMODO, but from what I understand by others that use it (you use too, but there seems to be some misinformation going here ) is that, it has full virtualization, but only when used manually. There's no automatic process for virtualization; something COMODO will be adding for version 6?
COMODO says this on their website:
They mention a virtual environment, which I'd imagine them to be referring to the file system and registry.
So, which way is it? Does both manual and automatic sandboxing offer file system and registry virtualization or not?
If I were a user interesting in COMODO sandbox, I'd be lost trying to figure out what's accurate information and what's not.
There isn't any question - the manual sandbox is absolutely fully virtualized.
Anyways, the discrepancy here is between the auto and manual sandbox. Automatic sandboxing is not fully virtualized. Manual sandboxing is fully virtualized. For more information just look at the link directly from the Comodo help site.
Thats fine. The manual sandbox maybe virtualized but the primary, being automatic, which the majority of users operate is not fully virtualized. That is what I'm referring to. Nothing more. Again the magic of text doesn't always get one's point across.
Thanks. I forgot they had a help page. I'm downloading the PDF file, to read it offline. It's developing really fine, from my quick reading.
I suppose they got no intentions of releasing a stand-alone version, though.
Nope, they don't. I wish.
Didn't know it! Thanks
By the way, considering that you use COMODO, and I cannot test , I'm wondering if you can verify if it mirrors integrity levels? It would be great if it does.
I haven't used it in a while (it doesn't work on Win8, just like anything else that messes with the kernel, plus I prefer Sandboxie) - but one of the restrictions is applying integrity levels I believe. Unfortunately... you can't pick and choose what settings are applied. It goes in "levels", which kinda sucks! It's actually very similar to a comparison between Linux and Windows' access control, almost completely analogous to Sandboxie and Comodo.
Let's see what they bring, they should bring a more granular sandbox (Aka Sandboxie).
You can set a list of programs (eg. IE, Firefox) to automatically load in the full virtualized sandbox if you like.
No thanks. Thats why I have sandboxie.
Separate names with a comma.