does anyone know what is virtualised during automatic sandboxing ?
Nothing is virtualized during automatic sandboxing. There’s only an access rights restriction.
So whats the point in having sandbox enabled?
Having sandbox enabled, you can manually sandbox processes and adapt the virtualization and restriction level to your needs.
Having auto sandboxing enabled, you reduce the popup alerts drastically, but you loose a bit of the absolute control (and in my opinion also security) Defense+ gives you. So, this is probably only a good deal for users, feeling uncertain about how to handle D+ alerts.
So if you know your system trust in D+ otherwise hope sandbox doesn’t let you down! Hmm think I’ll stick to CIS proactive with alternative AV for now.
Yes, but I see no alternative. Either you take the decisions on the alerts yourself or you trust in the software, that it allows/denies the appropriate requests. It’s basically the same principle with any security software. They all provide more or less options to fine tune the configuration.
The more interaction is needed, the more security you get (if you know, what you’re doing), since you can answer requests much more specific as the common policy can do.
While auto sandboxing silently enforces a default security policy, disabling this feature will bring up the D+ alerts, according to your monitoring settings.
It’s a pity, that you can’t sandbox an application (and therefore get depending on the sandbox level useful restrictions and virtualization), but also the alerts.
But this was far offtopic now…
full auto virtualisation i think would have been perfect because some software can bypass limited/nonadmin account restrictions.
Wait for v4.1. The last thing we moderators have heard is that it will provide full virtualisation.
Always wait for the next version, what a bummer :-\
The expectations of many users were very high as almost everybody, who had not tried the beta and RC versions, expected a SandboxIE like program.
You can manually sandbox programs and then you will have file system and registry virtualisation.
i did test all of the pre final versions … testing right now comodo dragon. it seems to me it moves quite nice even if sandboxed, opera load time is definitely bigger… i’m a opera user
Yep, I was waiting to see a SandboxIE like program, that way I could be able to ditch my sevurity setup for CIS. I currently have Avast, SandboxIE, and PcTools Firewall (CIS conflicts with Sandboxie).
Have not seen any conflicts.
It would be nice to be able to set default level of restriction for automatic sandboxing.
Like you can do for manual sandboxing, but defining that for automatic sandboxing.