Returnil & Sandboxie freeware
I've been using this combo for some time now, and I haven't found any malware able to bypass it as of yet. So why do you need antivirus, HIPS, BB, firewalls, etc.?
Sandboxes and other virtual environments have their place, but I would say only for testing purposes or for developers. E.g. when you run your browser, it makes changes to your system: registry settings, internet caches, browsing history etc. Plus downloads, including any malware and spyware, install themselves onto your HDD. When you run the same thing in a sandbox, all those changes still appear to be happening, but they're never actually permanently written to disk; when you exit the browser and the sandbox, all those changes disappear.
So what if I want to save all the history or make a persistent change? Yes, if you mean the user decides to do all the "risky" browsing in Sandboxie, that's a good idea. But then these days, malware comes in so many shapes and sizes and from so many sources that it's impossible to categorize risky or safe. So should I run in Sandboxie all the time? That's not a feasible idea.
That's where an AV comes in. A good layered security with an AV, firewall and on-demand scanner will save you from all kinds of attacks wherever they may be coming from; the user doesn't have to take the dicey decision of what to browse in a sandbox and what outside.
Also, Sandboxie runs only in 32-bit Windows. Plus there is a bit of a learning curve about handling a virtual environment. I'll need to do some R&D, but I think there is some malware designed for sandboxes as well. A sandbox is also not a firewall; it can't save you from hacking attacks. Even in a sandbox, your IP address remains unchanged and is visible.
I am running Windows 7 64, but thank you for your reply.
You may be right about the rest.
Source: Sandboxie - Notes About 64 Bit Edition
Full disclosure: The 64-bit edition of Sandboxie provides a reduced level of protection compared to the 32-bit edition of Sandboxie.
This shortcoming is the result of a new security feature introduced in 64-bit editions of Windows, called Kernel Patch Protection. This feature aims to protect the core of Windows (the kernel) by regularly performing self-checks to detect changes.
The problem is that a stock Windows kernel does not provide all the facilities necessary to implement a security solution such as Sandboxie. On 32-bit Windows, Sandboxie can dynamically enhance the Windows kernel to provide the missing functionality. This is not possible on 64-bit Windows, due to the Kernel Patch Protection feature.
It should be noted, however, that even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software.
Additionally, in order to compensate for this disadvantage, the 64-bit edition of Sandboxie enables the Drop Rights setting by default. This setting may need to be disabled before software can be installed into a sandbox.
At the very least, a firewall should be used to keep intruders/hackers out.
Unless you use the Restriction settings of Sandboxie and/or the Anti-Execute setting of Returnil, there is nothing stopping malware from downloading, executing and performing certain actions such as keylogging.
I wouldn't recommend using a computer without at least a few (on-demand) anti-virus/anti-malware. Any website can be hacked and there is no way you can know that a certain download is safe (without viewing every single byte of code).
Many users do. There are easy ways of saving any created or changed file with Sandboxie.
I guess there are people who prefer technical solutions to a little bit of common sense.
Common sense is enough?
Sandboxie - Quick Recovery
Sandboxie - Immediate Recovery
Sandboxie - Applications Settings
It would appear so, for most people. AFAIK, most people work in a real environment and use AVs, firewalls etc. combined with common sense to keep themselves safe. What about you: do you work in a sandbox all the time?
What's wrong with replacing that AV with Sandboxie? For starters, it is more reliable, historically.