- Nov 21, 2011
- 2,192
Seems to be a question that gets asked a lot recently.
Melih Comodo's CEO posted a link to this nice article.
Melih Comodo's CEO posted a link to this nice article.
How to Keep Your PC Safe With Sandboxing
- Thread starter NSG001
- Start date
- Jan 8, 2011
- 22,354
These are just some thoughts, nothing specific.
Sandboxie - Running in the sandbox from the start, or on-demand.
Avast Auto-Sandbox - Run programs in sandbox if suspicious.
Avast Manual Sandbox - Running in the sandbox from the start, or on-demand.
Comodo Sandbox - Runs all program suspicious or not in the sandbox (excluding the TVL).
For most parts Comodo Sandbox is like a paranoid human who is scared of running programs outside the sandbox, and their PC might be abducted by aliens.
Not everything needs to be sandboxed, that why I prefer Avast's Auto-Sandbox, and SBIE has the option to recover files.
Sandboxie - Running in the sandbox from the start, or on-demand.
Avast Auto-Sandbox - Run programs in sandbox if suspicious.
Avast Manual Sandbox - Running in the sandbox from the start, or on-demand.
Comodo Sandbox - Runs all program suspicious or not in the sandbox (excluding the TVL).
For most parts Comodo Sandbox is like a paranoid human who is scared of running programs outside the sandbox, and their PC might be abducted by aliens.
Not everything needs to be sandboxed, that why I prefer Avast's Auto-Sandbox, and SBIE has the option to recover files.
- Nov 5, 2011
- 5,855
.
And it would be nice to return to the topic:
Best Free Sandbox Virtualization Software: http://malwaretips.com/Thread-Best-Free-Sandbox-Virtualization-Software
It has 1,270 Views today, so it's popular.
Thanks!
And it would be nice to return to the topic:
Best Free Sandbox Virtualization Software: http://malwaretips.com/Thread-Best-Free-Sandbox-Virtualization-Software
It has 1,270 Views today, so it's popular.
Thanks!
Personally, I use Sandboxie for just about everything, including: browsing, opening my EMail client and opening files in my computer or recently downloaded. Most programs open up in their own restricted sandbox and none is allowed to connect to the Internet other than my browsers and Outlook Express, except when updating. At updating/upgrading time is the only time that I open programs out of the sandbox.
Doing it like this, its an easy, effective and quiet way of keeping my PC clean. No pop ups, no updating virus definitions or doing product upgrades that some time go awry and the best part of it, is that it works. Using SBIE all the time and following some (of your own) rules is all that's required together with a little bit of brain work for SBIE to work well.
Right after I learned, 3 years ago that there were technologies available that don't rely on definitions, I found Sandboxie. Choosing to use it, I consider, was a smart decision and one that has made my Internet experience a lot better than before. This is why I recommend SBIE.
Bo
Doing it like this, its an easy, effective and quiet way of keeping my PC clean. No pop ups, no updating virus definitions or doing product upgrades that some time go awry and the best part of it, is that it works. Using SBIE all the time and following some (of your own) rules is all that's required together with a little bit of brain work for SBIE to work well.
Right after I learned, 3 years ago that there were technologies available that don't rely on definitions, I found Sandboxie. Choosing to use it, I consider, was a smart decision and one that has made my Internet experience a lot better than before. This is why I recommend SBIE.
Bo
Littlebits
Retired Staff
- May 3, 2011
- 3,893
win7holic said:
Avast is the only one that applies the theory of sandboxing correctly.
It checks for digital signatures and file hashes and if the process is suspicious then it prompts you on what to do. You can do some checking before making your decision to Allow or Sandbox. If the file is from a trusted source, then you will know the file is safe.
Many open-source freeware and other files may not be digitally signed by the vendors because just because they are marked suspicious, doesn't mean that they are malware. It all depends on where you got the file.
There is completely no reason to sandbox digitally signed processes because there is no way they can be malware unless that digitally signed file has tampered with and usually that can be identified by the verification process which marks them invalid and suspicious.
I have never used any sandboxing applications for active protection, only for testing unknown programs. I simply never get infections by following my own common knowledge. I don't need a program to do all my decision making for me.
Thanks.
Hey Littlebits, unlike the Avast or Comodos sandbox, Sandboxie does not use any signatures and it never sandboxes anything automatically because it is suspicious or it is unknown. Sandboxie treats all programs the same.Littlebits said:I have never used any sandboxing applications for active protection, only for testing unknown programs. I simply never get infections by following my own common knowledge. I don't need a program to do all my decision making for me.
Thanks.
When you use Sandboxie, all decisions are yours to make, the program does not make ANY decision for you and the only way that a user can get kill when using SBIE, is when the user makes the wrong decision by recovering an infected file and running it out of the sandbox.
Decisions are for the user to make, the program does not make any decisions.
Greetings
Bo
Littlebits
Retired Staff
- May 3, 2011
- 3,893
bo.elam said:Hey Littlebits, unlike the Avast or Comodos sandbox, Sandboxie does not use any signatures and it never sandboxes anything automatically because it is suspicious or it is unknown. Sandboxie treats all programs the same.Littlebits said:I have never used any sandboxing applications for active protection, only for testing unknown programs. I simply never get infections by following my own common knowledge. I don't need a program to do all my decision making for me.
Thanks.
When you use Sandboxie, all decisions are yours to make, the program does not make ANY decision for you and the only way that a user can get kill when using SBIE, is when the user makes the wrong decision by recovering an infected file and running it out of the sandbox.
Decisions are for the user to make, the program does not make any decisions.
Greetings
Bo
Howdy Bo, I wasn't referring to Sandboxie in general, since it is a manual sandboxing application which does an excellent job if used correctly. You decide what to run in the Sandbox, however might not be good for novice users. Avast sandbox is different, it only prompts you on suspicious processes, it doesn't automatically run programs in the sandbox by default like Comodo does without notifying you and is very novice user friendly.
The point I was trying to make, there is no reason to either manually sandbox or automatically sandbox known safe processes with valid digital signatures. They can not be malware. Doing so will just cause you problems and extra unneeded work. Of coarse if you can add all of your web applications to a sandbox if you don't trust your own actions, but malware just don't automatically download and install itself, you have to manually do it yourself.
Avast sandbox does an excellent job flagging zero-day malware before signatures can be released.
Thanks.
Ayanami
New Member
- Jan 14, 2012
- 81
sandboxie is a wonderful application especially for testing unknown files (VM and Shadowdefender as alternatives if the application requires to install *.sys), but how about phishing and fraud sites? Even you open these kind of pages in sandboxie ,it can do nothing unless you have been aware of the risk .( no malware on the page,just ask you to put credit card number and passwords ) Social Engineering attack grows very fast in recent years .So maybe a good habit and sharp mind is the most powerful weapon
I might be wrong but I think the Avast sandbox can be set to either automatically sandbox or ask to sandbox when a process is unknown/suspicious.Littlebits said:Avast sandbox is different, it only prompts you on suspicious processes, it doesn't automatically run programs in the sandbox by default like Comodo does without notifying you and is very novice user friendly.
Avast sandbox does an excellent job flagging zero-day malware before signatures can be released.
Thanks.
I agree with you, I think the Avast sandbox is good and its probably going to be better as time goes on. People using Avast and not using other sandboxing software, should use the sandbox. I can not see a good reason not to. It is easy to use and if a bona fide program get flagged as suspicious, it can be excluded.
Bo
- Aug 23, 2011
- 2,291
bo.elam said:I might be wrong but I think the Avast sandbox can be set to either automatically sandbox or ask to sandbox when a process is unknown/suspicious.Littlebits said:Avast sandbox is different, it only prompts you on suspicious processes, it doesn't automatically run programs in the sandbox by default like Comodo does without notifying you and is very novice user friendly.
Avast sandbox does an excellent job flagging zero-day malware before signatures can be released.
Thanks.
Yes, but set by default to ask, which may be some kind of confusing for a complete novice user. They just need to set it to automatic and add a notification when a program is launched in the sandbox.
Similar threads
-
- Question
