returnil & sandboxie freeware

Page 1 of 2 12 LastLast

  1. Posts : 28
    7 premium 64
       #1

    returnil & sandboxie freeware


    Ive been useing this combo for sometime now, and i havent found any malware able to bypass as of yet. So why do you need antivirus, hipps, bb, firewalls, etc?
      My Computer


  2. Posts : 5,056
    Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
       #2

    Sandboxes and other virtual environments have their place but I would say only for testing purposes or for developers. E.g. when you run your browser, it makes changes to your system- registry settings, internet caches, browsing history etc. Plus downloads including any malware and spyware install themselves onto your hdd. When you run the same thing in a sandbox, all those changes still appear to be happening, but they're never actually permanently written to disk- when you exit the browser and the sandbox, all those changes disappear.

    So what if I want to save all the history or make a persistent change? Yes, if you mean the user decides to do all the "risky" browsing in sandboxie, thats a good idea. But then these days, malware comes in so many shapes and sizes and from so many sources that its impossibe to categorize risky or safe. So should I run in sandboxie all the time? Thats not a feasible idea.

    Thats where an AV comes in. A good layered security with an AV, firewall and on-demand scanner will save you from all kinds of attacks wherever they may be coming from- the user doesnt have to take the dicey decision of what to browse in a sandbox and what outside.

    Also, Sandboxie runs only in 32 bit windows. Plus there is a bit of a learning curve about handling a virtual environment. I'll need to do some R&D but i think there are some malwares designed for sandboxes as well. A sandbox is also not a firewall, it cant save you from hacking attacks. Even in a sandbox, your IP address remains unchanged and is visible.
      My Computer


  3. Posts : 28
    7 premium 64
    Thread Starter
       #3

    I am running windows 7 64, but thank you for your reply.
    You maybe right about the rest.
      My Computer


  4. Posts : 5,056
    Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
       #4

    I am running windows 7 64
    Full disclosure: The 64-bit edition of Sandboxie provides a reduced level of protection compared to the 32-bit edition of Sandboxie.
    This shortcoming is the result of a new security feature introduced in 64-bit editions of Windows, called Kernel Patch Protection. This feature aims to protect the core of Windows (the kernel) by regularly performing self-checks to detect changes.
    The problem is that a stock Windows kernel does not provide all the facilities necessary to implement a security solution such as Sandboxie. On 32-bit Windows, Sandboxie can dynamically enhance the Windows kernel to provide the missing functionality. This is not possible on 64-bit Windows, due to the Kernel Patch Protection feature.
    It should be noted, however, that even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software.
    Additionally, in order to compensate for this disadvantage, the 64-bit edition of Sandboxie enables the Drop Rights setting by default. This setting may need to be disabled before software can be installed into a sandbox.
    Source: Sandboxie - Notes About 64 Bit Edition
      My Computer


  5. Posts : 622
    Arch Linux 64-bit
       #5

    At the very least, a firewall should be used to keep intruders/hackers out.

    Unless you use the Restriction settings of Sandboxie and/or the Anti-Execute setting of Returnil, there is nothing stopping malware from downloading, executing and performing certain actions such as keylogging.

    I wouldn't recommend using a computer without at least a few (on-demand) anti-virus/anti-malware. Any website can be hacked and there is no way you can know that a certain download is safe (without viewing every single byte of code).
    Bill2 said:
    So should I run in sandboxie all the time? Thats not a feasible idea.
    Many users do. There are easy ways of saving any created or changed file with Sandboxie.
      My Computer


  6. Posts : 5,056
    Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
       #6

    Many users do.
    I guess there are people who prefer technical solutions to a little bit of common sense.
      My Computer


  7. Posts : 622
    Arch Linux 64-bit
       #7
      My Computer


  8. Posts : 5,056
    Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
       #8

    Common sense is enough?
    It would appear so- for most people. AFAIK, most people work in a real environment and use AVs, firewalls etc. combined with common sense to keep themselves safe. What about you- do you work in a sandbox all the time?
      My Computer


  9. Posts : 622
    Arch Linux 64-bit
       #9

    What's wrong with replacing that AV with Sandboxie? For starters, it is more reliable, historically.
      My Computer


  10. Posts : 5,056
    Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
       #10

    malexous said:
    What's wrong with replacing that AV with Sandboxie? For starters, it is more reliable, historically.
    Nobody said theres anything wrong, we're only discussing pros and cons. If the OP is happy with sandboxie, I'm happy.

    But tell me, when you make a hole in sandboxie to save changes etc. permanently, isnt that also an entry door for malware?
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 02:51.
Find Us