Where Does Sandboxing Fail?

Discussion in 'other security issues & news' started by wildermark, Nov 30, 2006.

Thread Status:
Not open for further replies.
  1. wildermark

    wildermark Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    30
    What are the weak points in sandboxing software? What prevents me from safely unplugging the network and going buck wild in a sandbox? :D
     
    Last edited: Nov 30, 2006
  2. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
  3. wildermark

    wildermark Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    30
    Excellent, thank you. One thing though:

    I just fired up Sandboxie though and I made a new text file on my desktop.. opened notepad in Sandboxie and typed some gibberish in it and saved it... it didn't save the gibberish. I then opened cmd.exe in Sandboxie and moved to the desktop directory and issued the del command on the text file and it did not get deleted. I also tried with command.com.

    So, they have evidently fixed that in the newer version of Sandboxie... I don't see anything in their changelog about it though.
     
    Last edited: Nov 30, 2006
  4. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
  5. wildermark

    wildermark Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    30
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Billy@GreenBorder is a member of this forum ;)
     
  7. wildermark

    wildermark Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    30
    GreenBorder must be some lame jokeware.. I installed it and didn't see any point of protection.. quite the opposite... so, I immediately uninstalled it and restarted only to find out that now my Vidalia/Tor is screwed over, some software is acting funny and doing some screwed up minimizations.

    At no time during the testing of GreenBorder did I have any network connections and I just looked through the interface of the software and 'GreenBordered' a simple text file. The system worked perfectly fine until I ran the uninstall and restarted. So, this junk can't be blamed on anything but GreenBorder.

    None of my AV/Spyware/Adware/Malware scans picked up anything, hijackthis looks clean as well as process explorer.. no ADS.. rootkit revealer is clean..

    I don't know what this lame GreenBorder **** did, but I'm pretty pissed.
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,694
    Hello,
    Let's indeed hope that you downloaded it from the right place?
    And rule no.4432 - never test on a production machine.
    Mrk
     
  9. wildermark

    wildermark Registered Member

    Joined:
    Nov 3, 2006
    Posts:
    30
    I'm still finding **** that it has screwed over..
     
  10. sundazing

    sundazing Registered Member

    Joined:
    Dec 5, 2006
    Posts:
    9
    I am new here, but I read the test results posted in this forum and elsewhere online and Greenborder scored highest so I downloaded the latest version from their site last month.

    I have had no conflicts with it at all. My major reason for looking for this type of software is to use Paypal/Ebay securely at wifi hotspots. The only inconvenience I've had is streaming audio/video inside of a GreenBordered-protected Firefox browser.

    I emailed GB's customer service about this and almost immediately got a response. In fact, they were willing to call me for free and help me tweak GB via voice. I've written to them with a few other Qs and had the exact same type of customer service experience. Score: Excellent (and I am very hard to please).

    While GB currently costs $24.95 a year and other sandboxes may be cheaper, I have had no hacks into my system or my online accounts and no software conflicts. Moreover, like many other users, customer service is a very important component to me. I've also looked at another wifi security idea--iPig--which is recommended at Steve's grc.com expert security site, but have gotten no response from iPig (iOpus) to Qs on installing client software and their server's downtime. The idea is your data is sent via a nifty phrase encryption algorithm to their server/proxy and then sent on to the web. (I can't connect to the server now to even complete the iPig client installation.) Sounds great in theory, but frustrating and unreliable in practice if iPig's proxy server is overloaded most of the time...which is my experience now.

    So to me, a high-level IT professional, who would prefer to have solid protection without having to scribble 0s+1s myself or hassle constantly tweaking an app or have a great app only in theory but unreliable in practice, the $25 is worth it for the solid protection/time savings/convenience/customer support factors.

    I plan to purchase the GB license shortly. BTW, ZA is incorporating KAV in its current security suite beta (check the ZA forum for more info). I'd like to use this suite when it's released with GB, so I am wondering what sort of probs people have had running GB with KAV or other AVs so far? Any info would be helpful.

    Thanks and I have really found this forum very useful.
     
    Last edited: Dec 5, 2006
  11. pilotart

    pilotart Registered Member

    Joined:
    Feb 14, 2006
    Posts:
    377
    I just use the BufferZone {free} SingleApp (version 1.9) to protect IE6 and can open other (like Firefox, etc.) from Right-click menu. It has worked great for my needs, (Sandboxie had been broken through for me.)

    Did see one Question on the AntiVir Forum about a conflict, using GreenBorder:

    http://forum.antivir-pe.de/thread.php?threadid=15194
     
  12. sundazing

    sundazing Registered Member

    Joined:
    Dec 5, 2006
    Posts:
    9
    I wouldn't call that a conflict, since GB isolates downloads intentionally. I'd call that an inconvenience since the AV update will install automatically on reboot, am I correct?

    I also agree with Rhod on the AV thread. GB not only does NOT state you don't need AV, they insist that you DO need to use AV, firewall, etc. as always. When you go to purchase, they have several versions to select from; the criteria is what AV product you are using so it is 100% compatible with those listed for specific versions.

    Last I looked at the testing orgs for sandboxes, Sandboxie failed a significant test and was shut down by successful malware actions. GB was the only sandbox to withstand that threat. Has this changed recently?
     