Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: returnil & sandboxie freeware


26 Nov 2010   #1

7 premium 64
 
 
returnil & sandboxie freeware

Ive been useing this combo for sometime now, and i havent found any malware able to bypass as of yet. So why do you need antivirus, hipps, bb, firewalls, etc?


My System SpecsSystem Spec
.

26 Nov 2010   #2

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

Sandboxes and other virtual environments have their place but I would say only for testing purposes or for developers. E.g. when you run your browser, it makes changes to your system- registry settings, internet caches, browsing history etc. Plus downloads including any malware and spyware install themselves onto your hdd. When you run the same thing in a sandbox, all those changes still appear to be happening, but they're never actually permanently written to disk- when you exit the browser and the sandbox, all those changes disappear.

So what if I want to save all the history or make a persistent change? Yes, if you mean the user decides to do all the "risky" browsing in sandboxie, thats a good idea. But then these days, malware comes in so many shapes and sizes and from so many sources that its impossibe to categorize risky or safe. So should I run in sandboxie all the time? Thats not a feasible idea.

Thats where an AV comes in. A good layered security with an AV, firewall and on-demand scanner will save you from all kinds of attacks wherever they may be coming from- the user doesnt have to take the dicey decision of what to browse in a sandbox and what outside.

Also, Sandboxie runs only in 32 bit windows. Plus there is a bit of a learning curve about handling a virtual environment. I'll need to do some R&D but i think there are some malwares designed for sandboxes as well. A sandbox is also not a firewall, it cant save you from hacking attacks. Even in a sandbox, your IP address remains unchanged and is visible.
My System SpecsSystem Spec
26 Nov 2010   #3

7 premium 64
 
 

I am running windows 7 64, but thank you for your reply.
You maybe right about the rest.
My System SpecsSystem Spec
.


26 Nov 2010   #4

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

Quote:
I am running windows 7 64
Quote:
Full disclosure: The 64-bit edition of Sandboxie provides a reduced level of protection compared to the 32-bit edition of Sandboxie.
This shortcoming is the result of a new security feature introduced in 64-bit editions of Windows, called Kernel Patch Protection. This feature aims to protect the core of Windows (the kernel) by regularly performing self-checks to detect changes.
The problem is that a stock Windows kernel does not provide all the facilities necessary to implement a security solution such as Sandboxie. On 32-bit Windows, Sandboxie can dynamically enhance the Windows kernel to provide the missing functionality. This is not possible on 64-bit Windows, due to the Kernel Patch Protection feature.
It should be noted, however, that even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software.
Additionally, in order to compensate for this disadvantage, the 64-bit edition of Sandboxie enables the Drop Rights setting by default. This setting may need to be disabled before software can be installed into a sandbox.
Source: Sandboxie - Notes About 64 Bit Edition
My System SpecsSystem Spec
26 Nov 2010   #5

Arch Linux 64-bit
 
 

At the very least, a firewall should be used to keep intruders/hackers out.

Unless you use the Restriction settings of Sandboxie and/or the Anti-Execute setting of Returnil, there is nothing stopping malware from downloading, executing and performing certain actions such as keylogging.

I wouldn't recommend using a computer without at least a few (on-demand) anti-virus/anti-malware. Any website can be hacked and there is no way you can know that a certain download is safe (without viewing every single byte of code).
Quote   Quote: Originally Posted by Bill2 View Post
So should I run in sandboxie all the time? Thats not a feasible idea.
Many users do. There are easy ways of saving any created or changed file with Sandboxie.
My System SpecsSystem Spec
26 Nov 2010   #6

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

Quote:
Many users do.
I guess there are people who prefer technical solutions to a little bit of common sense.
My System SpecsSystem Spec
26 Nov 2010   #7

Arch Linux 64-bit
 
 

My System SpecsSystem Spec
26 Nov 2010   #8

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

Quote:
Common sense is enough?
It would appear so- for most people. AFAIK, most people work in a real environment and use AVs, firewalls etc. combined with common sense to keep themselves safe. What about you- do you work in a sandbox all the time?
My System SpecsSystem Spec
26 Nov 2010   #9

Arch Linux 64-bit
 
 

What's wrong with replacing that AV with Sandboxie? For starters, it is more reliable, historically.
My System SpecsSystem Spec
26 Nov 2010   #10

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

Quote   Quote: Originally Posted by malexous View Post
What's wrong with replacing that AV with Sandboxie? For starters, it is more reliable, historically.
Nobody said theres anything wrong, we're only discussing pros and cons. If the OP is happy with sandboxie, I'm happy.

But tell me, when you make a hole in sandboxie to save changes etc. permanently, isnt that also an entry door for malware?
My System SpecsSystem Spec
Reply

 returnil & sandboxie freeware




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:16 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33