Sandboxie Support

Curt@invincea wrote:Sandboxie blocks exploits from affecting the host by containing them in the sandbox.

My general question about Sandboxie 4.12/alpha 4.13.5 are: against what forms of exploits, malwares, operation system vulnerabilities, dll injections, browser exploits, and etc. super-tightly configured Sandboxie does not, cannot and never will be able to protect against?
What about Invincea freespace (also super-tightly configured)?
Big thanks in advance.

Curt@invincea wrote:1) You can't block win32k.sys with Sandboxie.
2) MS did say that a workaround to prevent Duqu (and other True Type font vulnerabilities) was to remove access to t2embed.dll. So, you could have done the same with Sandboxie (by blocking t2embed.dll) -- if you had known to do it.

But could than and can now Sandboxie4 protect against Duqu malware by not blocking t2embed.dll, but yet with start/run restrictions?

This PDF discusses EMET and memory exploitation. http://www.invincea.com/why-invincea/mi ... omparison/

Curt@invincea wrote:This PDF discusses EMET and memory exploitation. http://www.invincea.com/why-invincea/mi ... omparison/

But what does this have to do with my questions about SBIE4 protection against all forms of exploits, including memory based exploits/memry-based malwares, plus buffer overflows?
Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.

Lumberjack wrote:Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.

Invincea is the name of the company, not the name of any software product.

Buster wrote:

Lumberjack wrote:Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.

Invincea is the name of the company, not the name of any software product.

Seems Mr. Lumberjack is a bit reluctant, beforehand, to whatever Curt writes down as an answer to his questions.

Buster wrote:

Lumberjack wrote:Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.

Invincea is the name of the company, not the name of any software product.

Yes, but this does not answer my questions about SBIE4 vs. memory exploits/memory payloads/malwares/buffer overflows and etc.

Invincea FreeSpace is built on top of Sandboxie.

Curt@invincea wrote:Invincea FreeSpace is built on top of Sandboxie.

Did you mean by this that by design, security and protections options Invincea FreeSpace=Sandboxie4?

Lumberjack wrote:Yes, but this does not answer my questions about SBIE4 vs. memory exploits/memory payloads/malwares/buffer overflows and etc.

I doubt any answer would satisfy you.

Lumberjack wrote:But could than and can now Sandboxie4 protect against Duqu malware by not blocking t2embed.dll, but yet with start/run restrictions?

Define "protect".

Lumberjack wrote: Did you mean by this that by design, security and protections options Invincea FreeSpace=Sandboxie4?

Lumberjack, I think Curt means that Freespace is Sandboxie and more. And when he posted the link below, he is telling you that what the link says, it applies to Sandboxie as well.
http://www.invincea.com/why-invincea/mi ... omparison/

To all: I know Lumberjack AKA as Coolwebsearch can be a pain in the butt with the barrage of questions but he is a nice kid. And he loves Sandboxie. Right, jack?

Bo

bo.elam wrote:

Lumberjack wrote: Did you mean by this that by design, security and protections options Invincea FreeSpace=Sandboxie4?

Lumberjack, I think Curt means that Freespace is Sandboxie and more. And when he posted the link below, he is telling you that what the link says, it applies to Sandboxie as well.
http://www.invincea.com/why-invincea/mi ... omparison/

To all: I know Lumberjack AKA as Coolwebsearch can be a pain in the butt with the barrage of questions but he is a nice kid. And he loves Sandboxie. Right, jack?

Bo

I do like Sandboxie, very, very much, actually I started to use it mostly because of your recommendations I've seen here on this and on and I did not regret it.
It's truly a wonderful piece of software, and the only reason why I ask so much questions is very simple reason:
I want to know, what else do I need to have for complete protection, and I wanted to know against what Sandboxie does not protect, so I can add protection in addition with Sandboxie.
So far the only thing that Sandboxie misses to protect are keyloggers and exploits within browser processes, if I'm still right?
Hopefully, curt will put in Sandboxie low level hooks to stop even keyloggers in the future (at least that was said on Wilder security forums, that sandboxie needs to block low level hooks if it wants to protect against keyloggers)?

Lumberjack wrote:(at least that was said on Wilder security forums, that sandboxie needs to block low level hooks if it wants to protect against keyloggers)?

The only time you need to worry about keyloggers is if you are banking or shopping on-line. So just delete the contents in your browsers sandbox before you bank or shop.
Now if you worry that your keystrokes are being monitored while visiting this or any other goofy website then you could use "Zemana's AntiLogger - Free", but frankly, who cares what we are all blathering about on the internet.

BoredNow wrote:... but frankly, who cares what we are all blathering about on the internet.

...the NSA? Shady Advertisers? People who really want to hack into your machine?