3rd party AV with Sandboxie, or not?

Discussion in 'Sandboxie (Invincea)' started by shmu26, May 12, 2016.

  1. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,248
    13,492
    Utopia
    I understand that Sandboxie has not updated their templates since they were bought by Invincea, and that there is a potential for Sandboxie to interfere with the functioning of the AV, due to Sandboxie's agressive hooks into the Windows kernel, and other reasons. They recommend to use the native Windows Defender, which doesn't conflict.

    What do you Sandboxie users run on your PCs? WD, or third-party AV? Or you aren't so concerned about AV, since you are sandboxed anyway?

    I was using Webroot SA, but I saw that SBIE doesn't even have a template for it at all, and furthermore, webroot has its own sandbox feature, and that made me concerned about hidden conflicts.
     
    Yash Khan likes this.
  2. Sandboxie Help

    Sandboxie Help From Sandboxie
    Developer

    Feb 26, 2016
    23
    55
    DC
    Correction. A/V conflicts with Sandboxie. Please get that straight. And we list the conflicts. We don't hide that.

    The aggressive hooks are needed, but unless you're a Dev supporting a program that has to work with Windows XP -Win 10 while working with a multitude of browsers, programs, security, tokens, etc.etc.etc.etc.etc. it's hard to grasp.

    There are 6 million A/V vendors it seems like. It's not our job to work with EVERY ONE of them. As we have our own proven, industry leading function to do...sandboxing-isolation- A container. Sorry we didn't dedicate resources to one particular A/V vendor. Your priorities are wrong it appears. Do you want to rely on A/V? Or proven containment????

    The templates open up holes in the sandbox and/or allow the A/V to work by ignoring the SB container. There are many other A/V software we've tested that works with SBIE. That's updated in our forum regularly and other long term, seasoned SBIE users have agreed Defender is all you need if your are curious what MAY be in the sandbox.

    Again, if SBIE is your primary protection, then the "extra" layer is just that...a feel good layer to see what is in the Sandbox.

    As for templates, That's not only an invincea issue. The original creator of SBIE wasn't a fan of templates either. Why should we waste resources on making A/V work with us when it's not needed overall & usually directly interferes with our product? We do that as a courtesy.

    As for other "Sandboxing" programs, well.... All I can say, there is only one Sandboxie. Proven. For over a decade. With 4+ million users.

    But you have Webroot....
     
    Yash Khan, Xtwillight and Spawn like this.
  3. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,248
    13,492
    Utopia
    Hey, I use Sandboxie too, my intent was not to criticize. You're doing a great job over there. I am just asking the community for input and advice, since I'm not a dev or a tester, and an ordinary user like me will let files out of the sandbox sooner or later, so it's good to have an effective AV as well. After all, some malware hides itself in a virtualized environment, so you can never be sure.
    The goal is multi-layered protection, in my opinion.
     
    Yash Khan, kuttan, davisd and 3 others like this.
  4. Morvotron

    Morvotron New Member

    Mar 24, 2015
    279
    1,881
    I can think on many ways to say that without being so agressive.

    Regarding to your question @shmu26, i've only used Sandboxie back on Windows 7 or virtual machines. On this Windows version, Sandboxie seemed to work well with my antivirus software, which name i can't remember right now. On virtual machines, i only tested Sandboxie on its own. Here on Windows 10 i've had way too many problems to install it and make it work, and very little time to ask for assistance on the forums, so i just rely on my main AV and tiny weightless complements to maximize security. Now about compatibility, Sandboxie Help Account has just said everything that could be said.
     
    Yash Khan, TerrakionSmash and davisd like this.
  5. FleischmannTV

    FleischmannTV Level 7
    Trusted

    Jun 12, 2014
    315
    1,157
    Windows 10
    I am of sorry if this sounds condescending, but in my opinion this so called "multi-layered protection" approach is a fallacy advertised by security forums and producers of companion products. The foundation of falling for this fallacy is the lacking of understanding how 1. Windows works, 2. malware works, 3. how malware prevention products work.
     
    TerrakionSmash and Yash Khan like this.
  6. XhenEd

    XhenEd Level 27
    Content Creator Trusted

    Mar 1, 2014
    1,607
    8,422
    Philippines
    Windows 10
    Default-Deny
    Someone's having a bad day at Invincea. :D

    Anyway, if a software is not in the current incompatibility list of Sandboxie, then I think that it may work fine. But, of course, any problem should be reported, so that adjustments can be made.
     
    Yash Khan likes this.
  7. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,162
    29,626
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    #7 Umbra, May 12, 2016
    Last edited: May 12, 2016
    i disagree, an OS should be protected from all attack vectors , if a single product does it , good, if not you need to fill the holes; in that case you need other softs , this is called the "multi-layer".

    you have a firewall = layer
    you have a AV = layer
    you have an anti-exploit = layer

    now those layers can be covered by a single product or by many.

    i'm using WD because i use Win10 ; i don't like Real-time AV.

    sandboxie is a full virtualization mechanism while the one in WSA is policy-one. nothing to conflict. at one time time i used both together but never used WSA sandbox; Sandboxie was safer and more convenient.
     
    Yash Khan, davisd, Duotone and 2 others like this.
  8. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,248
    13,492
    Utopia
    that's interesting, so what is your security
    could you please elaborate a little bit?
    I assume your approach is to use a single security product to its max?
     
    Yash Khan likes this.
  9. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,248
    13,492
    Utopia
    I saw from your security configuration that you use kaspersky. That's probably why you had grief from SBIE on windows 10.
    The only way I could get chrome to start up sandboxed with your configuration was by temporarily exiting kaspersky.
     
    Yash Khan likes this.
  10. Duotone

    Duotone Level 9

    Mar 17, 2016
    407
    2,517
    GEODETIC ENGINEER
    Philippines
    Windows 7
    Default-Deny
    #10 Duotone, May 13, 2016
    Last edited: May 13, 2016
    Yash Khan likes this.
  11. Kubla

    Kubla Level 2

    Jan 22, 2017
    95
    248
    United States
    #11 Kubla, Jan 22, 2017
    Last edited: Jan 22, 2017
    I have Kaspersky Total Security working with Chrome in Sandboxie but I had to disable scanning encrypted connections in Kaspersky but this is only for Chrome.

    Hitman Pro Alert works as well.

    * Note I found that running Chromium or Chromium trunks like Iron browser or Brave Browser disabling encrypted connections scaning was not needed.
     
    Yash Khan and shmu26 like this.
Loading...
Similar Threads Forum Date
Poll Prevent 3rd-Party Apps from "Spying" within Firefox Browsers and Extensions Dec 22, 2017
Promotional WonderFox 2017 Grand Christmas Party! Giveaways, Promotions and Contests Dec 19, 2017
Poll Which 3rd-party browser has best security features? General Security Discussions Dec 4, 2017