Sandboxie

Discussion in 'sandboxing & virtualization' started by John Bull, Jun 6, 2010.

Thread Status:
Not open for further replies.
  1. timestand

    timestand Former Poster

    Joined:
    May 7, 2010
    Posts:
    172
    No thanks to no try? and i no mean insult as many seem to feel. sorry bad english. I just mean best way to try. when sandbox an app it contain all. you only recover files you want keep. ok? As i say hard explain. best to just try and test. Ok?
     
  2. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,979
    Location:
    Eastern PA, USA
    @timestand: Perhaps I read too much in your first response to Greg in the way of an implied insult and I apologize for promoting the negative interpretation of it. This in an international forum and I should know better than to take everyone's English at face value.

    Of course, test and see what happens is a valid approach, but there are many here and at Tzuk's forum who have already done so and Greg can no doubt benefit from their input.
     
  3. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You know, this is the most asked question regarding Sandboxie. I understand why really, and have explained it many times. So, just for you, try this out
    http://mrwoojoo.com/sbie/index.htm

    not really just for you ;), but I figured why not.

    Sul.
     
  4. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Well the tray icon isn't much to look at :p

    Seriously though,in unashamedly fanboy fashion,I have to say this is one of the most impressive applications I've ever come across.It's light,quite user friendly and pretty much bulletproof when it comes to security.
     
  5. timestand

    timestand Former Poster

    Joined:
    May 7, 2010
    Posts:
    172
    I like tray icon. Also why poster want something bad about it. Funny man!
     
  6. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    It's not too bad but it was the nearest I could get to a negative comment.:D
     
  7. pasha101

    pasha101 Registered Member

    Joined:
    Nov 28, 2009
    Posts:
    34

    It appears that mrwoojo is down right now. I was going to check it out since I am a new user of sandboxie...maybe it will be up later. Thanks for the link though!
     
  8. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    944
    Opening fine here...

    philby
     
  9. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    Thanks Sul. That is some very useful info to share with others.
     
  10. Montecristo

    Montecristo Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    72
    I have been running Sandboxie with zero issues for 3 years. I am so happy with it that I no longer use an anti-virus when I am surfing the Internet. There is no need to rely on a blacklist when you have a properly configured sandbox. Plus, my computer runs so much faster with no active AV installed.
    I have had zero malware infections in 3 years, and I am a heavy surfer.

    Partner Sandboxie with a good image program like ShadowProtect, Macrium, etc, and you should be good to go. For extra protection, you can also add a virtualizer like ShadowDefender or Returnil. Sandboxie and ShadowDefender run very well together.

    As always, the strongest security is common sense.
     
  11. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    Do you ever recover downloaded files?
     
  12. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Just speaking for myself, it would be a serious limitation if I couldn't make purchases on the internet. I've been selectively using credit cards, and now Paypal, for years with no security problems. If, after using Sandboxie for a while you feel it is worth supporting the work of the author, you could look into Paypal.
     
  13. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    In the last 2 weeks I have started using Sandboxie the way you have for 3 years, and it's great hearing that you have had no infections. Even more confidence-building in this approach to security. And you are right, really fast.

    Virtualization, system image, and common sense. Simple and safe, and probably the future of security as malware increases exponentially. (p.s. On re-reading this post, I feel it was maybe a little idealistic, since this method requires a common sense that evidently isn't common enough to make AVs unnecessary.)
     
    Last edited: Jun 6, 2010
  14. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,378
    Greg's point is important. I screen what I want to recover with an AV and with MBAM and then recover. I don't think that is being over-cautious. The sandbox is only a sandbox.
     
  15. timestand

    timestand Former Poster

    Joined:
    May 7, 2010
    Posts:
    172
    why screen before recover? you scared that malware will attack while you recover? Wrong. malware attack only when you run it not when move it. Ok?
     
  16. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Let me pose a question. If your AV is resident, monitoring all files being written to disc, is there then a need to scan manually again? Does the detection work better with a manual scan rather than the resident scan? If you are not sure, and rely on a virus definition update to be sure, should not you best wait for the next update, or the next after that, to really be sure?

    Sul.
     
  17. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I know you are trying to help and all, but it was implied not that there was a scare of moving it, but just that on principle to scan before removing it from the sandbox and into the real system.

    Sul.
     
  18. timestand

    timestand Former Poster

    Joined:
    May 7, 2010
    Posts:
    172
    Yes just clear that malware only attack when run it. So can move out of sandbox on real system and then only scan. Ok?
     
  19. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,378
    There's more than the one question :)
    1. Re. the performance of the resident scan versus the manual, it's just that I'm not sure (=ignorant) about how the AV interacts with the sandbox contents in real time. Perhaps, as you point out, a manual scan may be redundant/overkill.

    2. The point of the definition update would apply to the resident scan as well, wouldn't it?

    3. I use MBAM on demand so I wouldn't think this step is unnecessary.
     
  20. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    In my time using virus engines, playing with files that are infected, if the engine knows about the virus through its definitions, it normally screams at me if I even focus on the file. Downloading infected files was always caught right away. I don't recall every finding a virus through a manual scan if I used the resident scanner all the time. I am no expert, it very well could be better to do a manual scan, but it does seem a bit redundant.

    In terms of how it acts within the sandbox, remember that when the file is written to disc, it is a real phyical location, so AV engines or anything like that will see it.

    Yes, MBAM being manual only would be good. I like MBAM a lot. Having used lots of these type programs in the past, it makes Adaware and Spybot and the rest of the now ancient clones look like they weren't even in the same game. MBAM is quite possibly the best "one-stop-shop" tool to use on computers that seem to be full of garbage.

    Just asking because I stopped using an AV some time ago due to questions I had such as that.

    Sul.
     
  21. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Manual scans can be more comprehensive than real-time if your AV supports scanning within archives or packed executables.
    That is usually disabled by default in real-time monitoring for optimal performance.

    Also, uploading to VirusTotal is better than just scanning with one or two scanners.
     
  22. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,378
    See, this is the part that I'm really unsure about. I know it is real, but still within the active sandbox. That's why I do the manual scan after all sandboxed processes are terminated. (Could be pointless, but it doesn't cost me much in terms of time :D)
     
  23. kennyboy

    kennyboy Registered Member

    Joined:
    Oct 4, 2006
    Posts:
    413
    To OP.

    You will notice that with all the responses you have received, and although it has veered off topic sometimes, and maybe got a little heated also, you STILL havn't received a negative report...!!!

    Quite remarkable for any piece of software. There is no reason why you shouldn't find yourself of a similar mind after trying it. Might even persuade you to venture into the world of online purchasing.

    If it does, please make Sandboxie your first purchase. It is well worth the peace of mind that it gives. I personally would not entertain using my Credit Card online without being sandboxed.

    I have no connection with Sandboxie. This is purely from my experience of the program.

    Regards

    Ken
     
  24. ratwing

    ratwing Guest

    @kennyboy:

    Quite so!!

    My experience,as well.


    rat
     
  25. Montecristo

    Montecristo Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    72
    Yes, all the time. I scan downloaded files with MSE used on-demand only.
    I have the real-time protection always turned off. I also use VirusTotal from time to time.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.