- Jan 24, 2011
- 9,378
BufferZone Pro 4.0 Beta Released
- Thread starter Jack
- Start date
- Status
I tried Bufferzone and it's a great product. I'm glad they released a working version for the 64bit
OS. Hopefully they will improve on this beta and make it even better. 2+ rep thanks for the info.
OS. Hopefully they will improve on this beta and make it even better. 2+ rep thanks for the info.
MetalShaun
Level 1
- Mar 3, 2011
- 424
Ill just copy my post over from the Comodo forums about this product.
"Its a very good program i have tested it quite intensely recently. In terms of usability it is spot on, its very simple to use and has lots of features and configurable. There is a few niggles that would make me not use this program (if it didn't have these i would actually be very tempted to use this over Comodo).
Firstly it allows programs to add themselves to the start up when they are running in the buferzone. This is usually fine because any program that was added to the startup up in the buferzone runs in the bufferzone again at startup. But i infected the buffer zone so much that when when i restarted the VM it just ground to a halt because of lots of startup entries and one particular file that would constantly spawn other processes once started and would use about 80% of the CPU. After leaving the machine to sit for about 10 minutes i had over 130 processes running in taskmanager. I got round it by killing the few problem processes in task manager (was painfully slow) then clearing the buffer zone of active processes. You could probably also do this by starting in safe mode but you shouldn't really have to, bufferzone should maybe prompt you for the startup processes or something so the machine is still usable.
Also i found the bufferzone a little leaky, its very good at virtualization most programs run in the bufferzone fine but i think this is at a slight cost to security. After infecting the machine with around 60 or so samples and entirely cleaning the bufferzone there were a few registry keys and files in the system32 folder that remained and seemed to be created on the real system. I am not sure if this is actually a security risk or not (the files could run in th bufferzone on execution) but you still expect everything to be removed when you empty the bufferzone and everything to be redirected to the Virtual deposit on the C drive."
Cheers
Shaun
"Its a very good program i have tested it quite intensely recently. In terms of usability it is spot on, its very simple to use and has lots of features and configurable. There is a few niggles that would make me not use this program (if it didn't have these i would actually be very tempted to use this over Comodo).
Firstly it allows programs to add themselves to the start up when they are running in the buferzone. This is usually fine because any program that was added to the startup up in the buferzone runs in the bufferzone again at startup. But i infected the buffer zone so much that when when i restarted the VM it just ground to a halt because of lots of startup entries and one particular file that would constantly spawn other processes once started and would use about 80% of the CPU. After leaving the machine to sit for about 10 minutes i had over 130 processes running in taskmanager. I got round it by killing the few problem processes in task manager (was painfully slow) then clearing the buffer zone of active processes. You could probably also do this by starting in safe mode but you shouldn't really have to, bufferzone should maybe prompt you for the startup processes or something so the machine is still usable.
Also i found the bufferzone a little leaky, its very good at virtualization most programs run in the bufferzone fine but i think this is at a slight cost to security. After infecting the machine with around 60 or so samples and entirely cleaning the bufferzone there were a few registry keys and files in the system32 folder that remained and seemed to be created on the real system. I am not sure if this is actually a security risk or not (the files could run in th bufferzone on execution) but you still expect everything to be removed when you empty the bufferzone and everything to be redirected to the Virtual deposit on the C drive."
Cheers
Shaun
Along the lines of what you are saying MetalShaun, I've seen a review of Sandboxie which allowed some empty and harmless folders be created outside of the Sandbox or BufferZone but they were seemingly not in any way a problem, perhaps this is the same situation that you have seen? I will not or do not plan to test the BETA but I will almost definitely use the Final once I see it has been out a bit and generally works well for the majority of users.
- Jan 24, 2011
- 9,378
“This beta version is the next step in our development of BufferZone Pro 4.0. As we enter the beta phase, we will be engaging with our beta testing community to ensure that version 4.0 exceeds the expectations of our customers. We look forward to hearing their responses to the new version, as well as what other capabilities we can incorporate to continue offering the most superior Threat Virtualization product on the market. We expect that the general availability version (GA) will be released in the third quarter of 2011″ said Trustware CEO Jim Penosky.
So we will have to wait until we can get our hands on BufferZone Pro
Also Penosky added that :
"Our goal is to provide customers with the most current and accessible technology. The first stage was to eliminate the yearly payment for BufferZone Pro protection and open the door for BufferZone Pro’s preventive security to be used freely by home users. Now, adding support for the 64-bit versions of Windows makes BufferZone Pro even more accessible”
So BufferZone Pro will stay free even in version 4.Awesome News!
So we will have to wait until we can get our hands on BufferZone Pro
Also Penosky added that :
"Our goal is to provide customers with the most current and accessible technology. The first stage was to eliminate the yearly payment for BufferZone Pro protection and open the door for BufferZone Pro’s preventive security to be used freely by home users. Now, adding support for the 64-bit versions of Windows makes BufferZone Pro even more accessible”
So BufferZone Pro will stay free even in version 4.Awesome News!
MetalShaun
Level 1
- Mar 3, 2011
- 424
Tweak said:
I am very familiar with programs like bufferzone, geswall and sandboxie and i always look out for this. They were definitely not empty folders. One was some random data file on the desktop. one was i think a DLL (but my memory is not great) in the system 32 folder and the others where registry keys left over from a rogue. Bufferzone is a little different than Geswall because when you move something into the bufferzone it is moved into the virtual directory on the C drive (which you can change which i think is a great feature) and just a shortcut is left where the orignal file was for usability reasons. So when you download a file to the desktop you actually get two files, one is C:\Virtual\Users\user\desktop\Malware.EXE (actual file) And C:\Users\user\desktop\malware.LNK (just a harmless shortcut). But in this case it looked like the actual file was created in the system32 folder and not a shortcut. I believe the file was Probably still under bufferzones restrictions when executed , The file on the desktop still had the bufferzone logo in the corner of the Icon. It could well be a usability thing that certain directories/programs/registry keys are not visualized and exist on the real system (like Comodo's auto sandbox). But these files should still have been removed when the Bufferzone is emptied.
cheers
Awesome, thank you very much MetalShaun for the added information as well as the insight, as you might have guessed I was only asking if perhaps it was possible, now I better understand both what you are dealing with and how the links to the file works, really appreciate the added knowledge. I've only toyed with it a tiny bit so hopefully I get the chance to play with it more soon.
MetalShaun
Level 1
- Mar 3, 2011
- 424
Finally got my email to Beta test this program, can't wait to see how well this program works on 64bit was very excited about this when I last used it.
- Jan 24, 2011
- 9,378
MetalShaun said:
I'm waiting a validation since 03/28/2011... I'm starting to think I'll never get a email back from them... :dodgy:
Not a lot of updates were available in this months.....could be this due to the lack of transparancey in the beta development or they've stumble upon the 64bit Patch Guard and can't go around her..... :s
- Status
