Quote:
Originally Posted by mart44
It seems to me that you don't think Sandboxie does what it claims to do, not to any degree.
Me? I'm just an end user who reads a lot and weighs up what people and articles say. That's what most of us end users do before installing and using security software I think. I'm possibly not going to understand explanations of how you put Sandboxie to the test.
|
Well I apologize if it came out wrong. The "claims" I was referring to in that quote are specifically Wittmann's claims in the OP. Those are not Sandboxie's claims. Sandboxie is a sandbox application. One needs to understand it's scope and its limitations to understand how to use it correctly, rather than just believing some blabber about it being the 'ultimate security application' and 'impregnable'. It specifically mentions protecting web browsers as one of it's strengths on it's own website, which is correct. However, by erasing all changes after each session it is acting like incognito mode. It does not stop viruses exploiting your browser or getting on your computer. It just erases them when you close it down, assuming of course, those viruses don't also carry sandbox escape exploits like the one documented above. Web browsers incidentally do have their own sandboxing built in, and IMO that is more thoroughly tested than Sandboxie's, because they are subject to sustained and targeted attack by experienced experts such as at the pwn2own hacking contests. I haven't seen any such tests for Sandboxie to back up the OP's claims.
Quote:
|
That's where other forums come in. Since your own strongly felt opinions seem to go against popular opinion, it would be good to read a debate between many people regarding why you think Sandboxie is a poor security program. It could draw some flak but you seem up to the job. Also, I'm sure the Sandboxie developers would like to know about the vulnerabilities found and the way you found them. They could then say if they thought the test was valid or not and work on improvements if warranted.
|
I never wanted to get too involved in this to begin with. The sandbox escape I found involves using proprietary, undocumented Microsoft APIs that Sandboxie does not claim to protect or prevent. Pretty much everything they claim is monitored and/or blocked is. But it'd be unreasonable to expect them to have covered every undocumented hole in Windows and that brings me back to the original point - Wittmann's claim that Sandboxie alone negates the need for windows updates or any other antivirus. That's the main problem here.
Quote:
|
Incidentally, I'm running Sandboxie on a fully patched Windows 8.1 system. Since this is the case, might you have the opinion the program is not needed because patches negate the necessity for it? Sandboxie forms part of a layered security approach on my system but with the tirade I might get in saying what the other layers are, it's probably best to remain silent.
|
No, I'm not saying additional security is not needed on a fully patched system. The very nature of patches involves fixing issues that were not previously known before the patch was released. No system is perfect. Pwn2own 2014 proved even the latest fully patched versions of all major browsers and Windows 8.1 itself is still vulnerable. Additional security of your own choice is not a bad thing. Flagrantly boasting about running an OS that's been unpatched for several years claiming it's fully secure because Sandboxie protects against all bugs and threats, like the OP did,
is a bad thing. He even later claims 'all other AV programs are a complete waste of time'. That is stupid, and dangerous.