Two questions about Sandboxing

Discussion in 'sandboxing & virtualization' started by Hungry Man, May 12, 2011.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    1) What are the differences between Comodo's sandboxing and Sandboxies?

    2) Is there any reason to sandbox Chrome?
     
  2. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    1) I have more confidence in Sandboxie personally.. the comodo sandbox has been penetrated on a few occasions.. Sandboxie has been bypassed as well, but few and far between.

    2) There are very few chrome exploits, but they do exist. The two products are great TOGETHER, as they offer different layers of security.
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    What I'm wondering is... if something gets out of the chrome sandbox does it then have to get out of the comodo sandbox?
     
  4. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    Yes. You're double protected!
     
  5. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    Yes, they operate a bit differently... Escaping the chrome sandbox will most likely use an attack that is chrome specific. The comodo sandbox will likely require a different exploit to escape that sandbox.

    There are methods that can escape any sandbox, like an attack using a fault in a kernel mode process.. but these are few and far between..
     
  6. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    Just a tip.. if you are using a version of Windows that supports Applocker, and you happen to be running Sandboxie, you can set a deny policy on all users for processes executed in the C:\sandbox folder. Nothing downloaded will ever be able to execute... almost no chance of a possible bypass since almost all remote code will be blocked from even running.
     
  7. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Sandboxie is more secure, because you can add various restrictions. Level of cutomization is far superior as well.

    Comodo's manual sandbox is okay, but Autosandbox is weaker due to no virtualization and only restrictions.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Hm. Not sure if I want to bother installing a whole other program for this. I feel very secure as it is with my current setup and the sandboxing was more like "what the hell, why not?" but I was curious about it.

    Thank you all for the information, very helpful!
     
Loading...
Thread Status:
Not open for further replies.