Question about experimental protection Sandboxie...


Post by Lumberjack » Thu Feb 14, 2013 11:58 am

I just saw this here on an older post, this is Tzuk's post:
Tzuk specifically said:
Differences between 64-bit Experimental Protection and 32-bit Protection:

1. There is no kernel mode protection for use of the EndTask API to terminate processes outside the sandbox.

2. There is no kernel mode protection that can prevent malware setting the password for a user account which does not have a password set.

3. There is no kernel mode protection that can prevent a program from writing event messages to the Windows logs.

Note that Sandboxie does offer user mode protection for all these things, in this version as well as past versions. However, it must be noted that user mode protection is weaker than kernel mode.

All in all, these are trivial differences and I think it is safe to say that with Experimental Protection enabled, 64-bit Sandboxie can now offer 99% of the security of 32-bit Sandboxie.

Edit:

One more detail I should mention about the differences. Where the 32-bit version is able to completely deny access to a resource, where necessary, the 64-bit version cannot do this. The 64-bit version can still prevent mis-use of the resource, but to be extra sure, the 64-bit version will immediately terminate any program that is misbehaving and issue a message - SBIE2314 Canceling process.

So what does this all mean? That SBIE cannot protect against kernel-level threats anymore on 64-bit systems?

I don't use betas, I use SBIE 3.76, but if SBIE in this version on 64-bit systems uses user-level hooks, they are much less secure than the kernel-level hooks used on 32-bit systems.
And anyone using kernel-level programs/bypassing/hacking can bypass SBIE (on 64-bit systems)?

I mean, is there anything to worry about with this?
I'm using 3.76 version.

And how does SBIE protect against the following? I found this on the Geswall website:
http://www.gentlesecurity.com/protectnetwork.html

Thanks to all.
