Yes, sure it is, but anti executables and sandboxies dont have much value for the average user (not the completely layman) in a domestic environment, they are much more suitable for corporate usage.
The reason for this is because in most cases they are just blocking what the user wants to do without telling "him" why (usually they cant mark the file as malicious like an antivirus).
For example, the home user wants to run a crack (with a patch function), the antiexecutable or/and sandbox will simple be disabled because he wants to pirate that software and he will run the file anyway, unless the antivirus explicitly tell him that the file is actually dangerous, so in another words, get the real crack and not a disguised malware.
I dont need an antiexecutable to block hot party photos.jpg.exe, but I want an antivirus to protect me if I made a misjudgment while running the software that I need, a thing that a sandbox, because of some nasty malware tricks, cant do.
Kaspersky, ESET, Symantec and other big players would love to save resources that they spend with signature crafting, cloud infrastructure, researchers, false positive testing with "static" solutions like sandboxies and anti executables, but they cant do that, because those are not the answer for the malware problem.
I'm not sure, I think it's more that there's no clickthrough solution that also has negligible performance penalty, I've worked in a few fortune 500 companies, they all employed AVs/endpoint protection + some form of whitelisting on desktops, none used sandboxes (at least not for security). I'm not aware of why this is so but that's my experience.
The entry points for malware for home imo are mainly the browser and possibly email ( though as webmail is very common the later does not apply to many people ). A sandboxed or even better virtualized browser would protect the main entry point fairly well. MS has WDAG, HP is also pushing a solution like this (Sure Click) - the problems imo are WDAG's efficiency and Sure Click doesn't seem to work (at least on UAC accs, haven't tried admin).
The current lack of good existing clickthrough solutions though is different to the architecture being not fit for home use. E.g. snap apps do this very well ( with containerization ), Microsoft jumped into the native containers game a bit late but one day we may see something like this on Windows. Something like kata containers About Kata Containers | Kata Containers ( very lightweight ) would be even stronger than containerised apps (it's a virtualization solution, despite having the word containers as part of its name) but again this is a train MS didn't pay too much attention to initially.
With WSL2, I plan to actually use snap apps for browsing and email, but even this is not clickthrough enough for widespread use.
Last edited: