What do you think about Sandbox?

Hello friends!

I would like to know your opinions about “Sandbox” systems/software, that makes possible, for example, to run the browser making use of “virtualization”, by the way that nothing is changed in the system while we browse the web, increasing the security and decreasing the possibility of some malware infects the computer.

What do you think, for example, of softwares like SandBoxie and SafeSpace ?

Can we consider it as an additional (and valid) level of security, a “plus”, or the use of Comodo Firewall Pro V3 (with Defense+ activated) + Comodo BOClean makes it unnecessary?

What do you think about it?

I understand that it adds to security, but I consider overkill for me and not worth the bother, since I run Windows as limited user and use Defense+ etcetera. But I understand that others will prefer it.

Really, in the case you have mentioned, I think that tool is not really necessary. But I don’t run windows as limited user, unfortunately. :-[

I will try the tool and post here some comments.

Well, honestly (and I think I said that before, maybe too often) in my opinion most of those Sandboxing techniques are in fact hurting your layers of sec. That is why? It circumvents all other layers, letting all things happen until the next restart.

That’s the main problem of sandboxing tech.

Just an opinion. If knowing better, tell me otherwise.

I have tried both. Sanboxie crashed my computer so I uninstalled it. I was unable to install SafeSpace, the installer froze. That’s my experience with these two softwares (lol)!
I’m fine with Firefox(NoScript and Adblock Plus) and CFP 3. If you know how to use Defense+, you won’t need any virtualization software.

Cheers,
Ragwing

I have tried both, and the two solutions have crashed my computer, too. So, I have uninstalled it.

Strange, My computer never crashed. First of all Sandbox must be properly configured to run on your computer.

Virtualization & Sandbox are also two different things. You have misunderstood its concept.

Virtualization is technology that completely mirrors your actual computer setup and it can create a virtual storage disk within your PC where you can save documents, data, and files while using the System Protection feature.t is a framework or methodology of dividing the resources of a computer into multiple execution environments, by applying one or more concepts or technologies such as hardware and software partitioning, time-sharing, partial or complete machine simulation, emulation, quality of service, and many others.

Sandbox is usage of a virtual container in which untrusted programs can be safely run

Using Sandbox & Returnil with Comodo Firewall 3 with no problem.

i always run cracks and keygens sandboxed

Hello ultragunner,

So, I will try to make more tests now that I have improved my computer with more RAM.

Virtualization & Sandbox are also two different things. You have misunderstood its concept.

But, summarizing, are not both the concepts the same thing, or very similar? For example, Virtuozzo makes the same thing when “divides” an unique server in various (VPS). I think that, perhaps, the same can be applied to “Virtual Machines”.

And, regarding Sandbox tool, what it does? It creates, resuming, a “virtual place” on your computer, totally isolated of the rest, where you can safely rollback any modification, because “nothing” is changed in the computer itself, including HD, registry, etc.

So, due to the above, I think that “Sandbox” is also a way of virtualization. I think (this is my opinion) that it is the same thing.

Regards.

they’re not quite the same thing… Although very similar.

they're not quite the same thing... Although very similar.

Yes, in some aspects the response may be “yes”. I have to agree with this. But we have to agree that the simulation of an enviroment, independent of the reason, also is a form of virtualization, in a greater or lesser degree.

There are VM’s. This is 100% virtualization.
There is a program, called ShadowUser (I’m sure there are plenty of others like this, i just used only this one). This is also a true virtualization at some point. It needs reboot, it redirects all access to HD itself, writing everything to free sectors of HD and then redirecting HD reads, it works on the lowest level possible for this type of software.
And there is another program, called Sandboxie, which is not a virtualization but sandboxing software. It redirects file activity and registry modification (which IS also a file activity, since registry in fact is a file somewhere in %windir%\system32). It acts on files/folders/registry level. And from my experience i can suggest it blocks direct access to the hardware.
Correct me if i’m wrong.

And from my experience i can suggest it blocks direct access to the hardware. Correct me if i'm wrong.

I have to agree with it.

Nope, they are quite similar in some theory but totally different in concept. I helped develped sandbox by the way & also studied virtualization.
Sandbox is usage of a virtual container in which untrusted programs can be safely run
It does not create a virtual space but is just a virtual container, Pls understand the concept.
It does not creates, resuming, a “virtual place” on your computer, totally isolated of the rest, where you can safely rollback any modification, because “nothing” is changed in the computer itself, including HD, registry, etc. Virtualization creates, resuming, a “virtual place” on your computer, totally isolated of the rest, where you can safely rollback any modification, because “nothing” is changed in the computer itself, including HD, registry, etc.

I think that we are both misunderstanding what the other says.

If you verify, since the beginning of the post (except my first post, because I have changed some concepts, why not?), I am always saying that sandbox techniques are “similar” to virtualization, in some parts.

Agreed. By the way in setting up sandbox. Pls read the online instructions for more details. also see my post Returnil to try virtualization.

Pls read the online instructions for more details. also see my post Returnil to try virtualization.

Agreed, too.

I will take a look at that. I thought the Returnil tool very interesting. I will take a look and try it.

You helped develop the concept of sandbox? How old are you?

[b]Sandbox is usage of a virtual container in which untrusted programs can be safely run [/b] It does not create a virtual space but is just a virtual container, Pls understand the concept. [b]It does not creates, resuming, a "virtual place" on your computer, totally isolated of the rest, where you can safely rollback any modification, because "nothing" is changed in the computer itself, including HD, registry, etc. Virtualization creates, resuming, a "virtual place" on your computer, totally isolated of the rest, where you can safely rollback any modification, because "nothing" is changed in the computer itself, including HD, registry, etc.[/b]

Not very clear I’m afraid.

Seems to me there is

(1) hardware virtualization, where software is simulating hardware to get a complete “virtual pc”, so you need to install a brand new operating system etc… Level of isolation is very high. Some people will say this is “true” virtualization.

E.g. Vmware, Virtualpc etc.

(2)system partition “virtualization” , where the system partition (or other partitions) is frozen basically, so you can revert to an earlier state for the complete partition.

E.g returnil, shadow user pro, shadow defender, power shadow, First Defense ISR, Deep freeze

(3)Application “virtualization” - where only selected portions of your system is “virtualized” (note the quotes). Typically whatever app that runs in the sandboxed app, will make changes that are “virtualized” (typically they are directed to another location and/or tracked seperately so they can be flushed away).

E.g Sandboxie, Bufferzone.

(1), (2), (3) are described in terms of their effect.

Oh sure you could get fancy technical and point out that the products in (2) are not all using the same technology (is quick rollback really virtualizaiton?), but really does it matter to most people?

Even in the “weak sense” of virtualization described in (3), not all sandboxes do that. Policy based sandboxes like GeSWall mainly block file/registry changes without any “virtualization” at all.