Virtualization security - the end for security updates?

They both sound like reasonable solutions to me, just different.
With application virtualization is there a "side door" that things like scripting, plugins, or video codecs could get through?

 

as far as I read and understand in bufferzone publisher website (trustware.com) there is no meaning for such threats as anything running in bufferzone 'thinks' it is running in the 'real' pc where it actually runs on a 'dummy' environment that only exactly 'looks' like the 'real' - so if there is a virus or so, it attacks 'dummy' targets, and this whole thing is probably running at the kernel level.

 

Sounds interesting and worth looking into. Thanks.

 

Correction - they fixed the 'Confidential' folder with their new version, they simply automatically protect 'My Documents' without naming it as 'Confidential'.

 

Already posted that, however, I would like to tell you that I found out in castlecops.com that they run this beta program and you can get their new pro version 2.10 free of charge for beta testers.

http://www.castlecops.com/print-1-164865.html

The link to their beta program was broken so I contacted their support (support@trustware.com), provided my details and got the full version for free...

 

I may be wrong (I haven't had GesWall installed in a while) but I'm sure you can create or copy and adapt the existing rule to make any folder confidential - that way the folder can be called whatever it was named before.

I'm planning to give the latest version of GesWall a try so I'll see if I'm talking cr*p or not

 

I really feel Bufferzone is a top notch program and just wish the free version was more flexible, but running various processes, programs, etc can still be done. And it has an advantage over 'ShadowSurfer/ShadowUser' because no reboots are required.

 

my bro would like to have a look at this

 

Yes, but some sandboxes/virtualisation programs use only acces resitiction like GeSWall and DefenseWall. Some also have file system virtualisation (SandBoxie and BufferZone). All these programs allow you to use 1 OS.

Only the true OS virtualisation programs (VM Ware) require another OS in the virtualised environment

 

the problem with true OS virtualization is that it takes a lot of your CPU and it can't communicate with your 'real' OS

 

I only tried VM and the slow down was so bad I went back to sandboxes using no OS or File virtualisation.

 

Hi, the solution is very simple. U can change the folder name as u like and then change the name in GesWall rules as well. I tried and it works very well. No isolated( untrusted) application can access this folder. Nice

 

in bufferzone they use the 'confidential' in 'My documents' folder - they added a 'lock' icon to it