Virtualization and Sandboxing...Differences in Avast

Discussion in 'other anti-virus software' started by Securon, Nov 29, 2010.

Thread Status:
Not open for further replies.
  1. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,935
    Location:
    London On
    Good Morning ! I'm utilizing the Virtualization and Sandboxing components on Avast Pro 5.0...and being new too it's implementation on my system was wondering what the major differences are between the two ? Sincerely...Securon
     
  2. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    Re: Virtualization and Sandboxing...Differences

    A sandbox is a type of virtualization. I hope I've understood your question correctly.
     
  3. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    Re: Virtualization and Sandboxing...Differences

    Not at all.

    Actually a sandbox is a contained and controlled environment in which programs can be run.

    The purpose of this can be testing,security...

    And it can be achieved using different technologies like:
    - policy: access, execution, and so on rules are applied to ensure a program doesn't misbehave.
    - virtualization: actions performed by a program are either simulated or are applied on a virtual copy of the system or files. Hence,if the program is destructive, destruction is not permanent.
     
  4. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    Re: Virtualization and Sandboxing...Differences

    then Avast must have misunderstood the concept of sanbox and virtualization...

    or perhaps they just sanbox but do not virutalize. for the latter it would require a (separate) guest environment on the host system

    avast sandbox.png

    it sounds Avast got a bit carried away and mixing up sandbox with a virtual environment. there is nothing in the documentation pointing that Avast is generating a virtual guest.

    here is quite a visual description of sandbox from sandboxie

     
    Last edited: Nov 29, 2010
  5. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    Re: Virtualization and Sandboxing...Differences

    http://en.wikipedia.org/wiki/Sandbox_(security)

    http://www.avast.com/pr-avast-free-tops-the-paid-competition-to-get-a-plus-rating

    Doesn't look like I was that far off, though in hindsight maybe I should have said "can be viewed as a type of virtualization".
     
  6. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    Re: Virtualization and Sandboxing...Differences

    i hope they're paying Tzuk for sandboxie or are they ripping him off o_O
     
  7. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    Re: Virtualization and Sandboxing...Differences

    I believe AVAST Software a.s. built their own.
     
  8. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    Re: Virtualization and Sandboxing...Differences

    they should have called it something different then :rolleyes: :D
     
  9. Vladimyr

    Vladimyr Registered Member

    Joined:
    Feb 11, 2009
    Posts:
    461
    Location:
    Australia
    Re: Virtualization and Sandboxing...Differences

    Nice one culla!

    Seriously though, Sandboxie do not own or define the word sandbox any more or less than Norman, Avast or Comodo, etc. These (and others) all provide something they describe as a "sandbox" but each has a different approach.
    Indeed, because language is a virtual organism, in relation to IT security software, the meanings of words like "heuristic", "cloud" & "sandbox" are constantly changing. Initially they may have referred to a specific technique, process or taxonomy, but once they "stick" and become accepted jargon, the necessity for the word to accurately describe the actual process diminishes (and may eventually disappear completely) and instead the word comes to mean the outcome or effect, as newer and different mechanisms are employed.
     
  10. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    Re: Virtualization and Sandboxing...Differences

    i'm with you so far, though i would rather call it an isolated environment than a controlled one

    and this is were i would disagree. blocking behaviours according to some criteria (a policy) is behaviour blocking, not sandboxing.

    a policy based system doesn't create any sort of other environment such that something can be in or not in that environment (corresponding to whether something is in or not in the sandbox). with policy based systems everything is subject to the policy (though the policy can be complex enough to allow for different things to have different rules - including an allow all rule).

    even literal sandboxes (big wooden boxes that hold sand) isolate an environment (a sandy environment that is boxed in). policy based systems don't do environment isolation because there is only one environment.

    agree with this too, though i suspect some people will get caught up on the word virtualization, thinking that it can only refer to virtual machines. both hardware virtualization and application layer virtualization can be used for sandboxing, though there are distinct differences between the properties the sandboxes have depending on which one is used.

    you can also implement environment isolation (sandboxing) using disk imaging and even using separate physical computers (which i hope should be obvious - if a virtual machine can act as a sandbox then so can a separate physical machine).
     
  11. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    Re: Virtualization and Sandboxing...Differences

    Agree.

    Behaviour blockers try to guess from the number and types of violations if a program is misbehaving, and block it if the criteria are met. A policy sandbox will forbid any violation.

    Right. Then instead of environment, I should have used the word boundary. But still sandbox in IT is really an environment: the one of the things possible, and the rest. But the things possible may be more complex to define than only geographical boundaries (owner, context...)


    Ok
     
  12. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    Re: Virtualization and Sandboxing...Differences

    :doubt: if it blocks behaviours it's a behaviour blocker (this should be recognized as a tautology). whether it's 'guessing' or it has a policy to go by is immaterial - that's just an implementation detail.

    a sandbox requires 2 environments: 1 inside the sandbox and 1 outside. enforcement of behavioural policy doesn't provide for an 'inside/outside' pairing.
     
  13. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
  14. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Re: Virtualization and Sandboxing...Differences

    You describe how I see it. Sandboxie using Virtualization to achieve
    Sandboxing and Defense Wall doing it by enforcing policy restrictions
    are examples of what you said.

    Bo
     
  15. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    Re: Virtualization and Sandboxing...Differences

    Don't forget avast! Internet Security.
    The paid products are also mentioned on that page, in freemium fashion.
     
  16. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Re: Virtualization and Sandboxing...Differences

    Yes. Sorry I overlooked Internet Security having virtualization as well. :)
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857

    Attached Files:

    • 9.jpg
      9.jpg
      File size:
      787 bytes
      Views:
      337
  18. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,935
    Location:
    London On
    Good Morning ! I ran into some sort of bug with Virtualization today. When I went to Virtualize Firefox this morning it would'nt initiate...same with Internet Explorer 8. So I did a fresh re-install of Avast Pro...and re-boot too initiate Virtualization and at the moment both browsers are operable with Avast's virtualization. But my question is has anybody run into a similar problem ? Because Virtualization is the one feature and benefit that attracted me to Avast in the first place. Sincerely...Securon
     
  19. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,935
    Location:
    London On
    Good Morning ! Just an update, as mentioned Virtualization now works with Firefox...but strangely not with I.E.8 yesterday as I mentioned in my previous post both we're operable. There has to be a bug with Virtualization ! I left a post on the Avast Forum, because apparently I'm not the only one experiencing this glitch. Sincerely...Securon
     
  20. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    I've had a number of minor issues with their sandbox, nothing like that though.
    Worst case scenario, their 60-day money back guarantee is very generous.
     
  21. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    I'm sure they are on it and will be fixing bugs asap.
     
  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I have had some minor issues with it that I know 5.1 will address.
     
  23. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    Totally agree.
     
Loading...
Thread Status:
Not open for further replies.