BleepingComputer.com: Security ? Stop `em or Chase `em

A Layman`s guide to security and eternal peace.
==================================

After many years of browsing the net and experience with almost all the popular security programs, I have arrived at this conclusion. No Masters Degree to understand it, just practical experience, common sense and the discovery of a unique security concept.

All our available security programs adopt a "Trailing" policy, they engage in a perpetual fight against infections by discovering all the new bugs as they come along and update their data base or "signatures" accordingly. That is a case of closing the gate when the horse has bolted. You never actually catch the horse.

We all know that prevention is better than a cure. Nobody wants to increase their security by experiencing the trauma of the last theft.

So, conventional AV, AM and such devices are OUT and Sandboxie is IN.

Ronan Tzur/Tzuk has devised the most brilliant approach to security available on the entire net. He has dispensed with the "Follow the leader" principle of all other programs and constructed what is in effect a "Maximum security prison", a Virtual space or "sandbox" where we can play our games in total abundance and freedom. All goodies and baddies are invited - come to the party. The baddies can do no harm, they can hobble around in the sandbox, going nowhere and when the browser is shut down, all the contents including the baddies are exterminated.

NOTHING gets out of the sandbox into our system - THAT is sheer brilliance - prevention is always better than deriving a cure, but you would be amazed at how many safety precautions are taken AFTER the event in modern society and transportation systems. Thousands of lives are lost in the eternal quest to make things more safe.

Sandboxie to my knowledge is Tzuk`s only revenue, so if some bug by a miracle finds an escape route out of the sandbox, then Ronan will with lightening speed block that leak. He has no alternative, because if Sandboxie ever developed a dent in it`s impenetrable armour, then Tzuk`s formidable program would become worthless and sales would plummet downwards faster than a lead balloon.

Tzuk`s miraculous Sandboxie is NOT a "Follow the leader" concept it is a "Get out of that" concept. Rather similar to the old Alcatraz "The Rock", where an astonishing record of only 3 escape attempts were made in it`s entire existence and they were not proven successful.

Conventional AV, AM and other "Follow the bugs" programs ? Pay your money and enjoy what they provide in repairing the damage. Sandboxie ? Pay your money or take the free version and enjoy a "Stop `em getting out" philosophy to go where you like on the net - Hackers and Bug purveyors ? Get lost !.

It is widely stated by many geeks that Sandboxie is all you need in terms of security. I have not read a single comment which is detrimental to Sandboxie. That is the extent of confidence it has generated. I personally agree, but would not be without my AV and FW. I just like belt and braces.

This post has been edited by John Bull: 22 September 2010 - 08:21 AM

Hello,

Sandboxie is a nice program, but these days, a securer version of Windows with proper configuration is a better way to go.

A more "secure" version of Windows...doesnt make it completely secure. Sandboxie seems to take out any chance of being infected, period.

John Bull, on Sep 22 2010, 09:12 PM, said:

This is important.

Securing your own computer system against infection is one side of the coin. The unavoidable flipside is the malicious activity an unsecured computer can be guilty of even if it is a sandboxed virtual instance of the OS.

Sandboxing is a completely valid security measure, but I have qualms about seeing it recommended as an ironclad solution for the layman. Especially if the implication is that it is then acceptable to avoid any further security measures like firewalling and malware monitoring.

A major contributor to online malicious activity such as DDOS attacks, spamming etc is the availability of unsecured computers online. An unsecured virtual session is just as usable in this way as an unsecured physical system. The only difference is that it is not enduring, the infected session ceases to exist when it is terminated. But re-infection is likely to be trivial once an infection source logs the IP - even if the system's IP is not static another session will have the same IP if the modem has not been cycled, and if it has, a range scan will find the new session.

Duty of care means a firewall and AV monitoring needs to be used even when sandboxed, and it's only sense to protect yourself against the possibility of being used in an attack against other computers. (Even just to avoid legal liability if anything was traced to your IP. And some ISPs suspend your service if your IP is logged as being involved in spamming etc.)

When it comes to the belt and braces, I think of it this way. Sandboxing is like wearing lead underpants. Protection is great, but I still want at least a belt so my pants don't fall down on the street.

This post has been edited by Platypus: 22 September 2010 - 06:39 PM

Hello,

"A more "secure" version of Windows...doesnt make it completely secure. "
Why?

"Sandboxie seems to take out any chance of being infected, period."
How?