Ken said:
On my Mac, I have Parallels Desktop for Mac, but I've learned that
Windows and Windows software can't be depended on to operate 100%
correctly, or as intended. And, I want to test a couple of programs
running as close to the "real world" as possible without doing any
permanent damage to my Windows install, regardless of how unlikely that
would be. I was considering using System Restore for this, until I
remembered the sandbox idea.
I've downloaded all three, and Sandboxie does still nag you.
Couldn't find a place on MS using the magnificent Bing (<--- sarcasm) to
download the program.
Gawd, I hate the websites that insist on you joining or using their
installer. Q#@%^@%$@%$ My experience using Brothersoft has been
horrible, I'll never use their site again.
I try to avoid Brothersoft. I don't trust that download site. I only
go there is the *author* of a program is using Brothersoft to provide
bandwidth for their downloads. Otherwise, I get the software from the
vendor's own site or someplace well-known, like Softpedia.com or
Download.com (although I dislike the wrapper Cnet puts on many, not all,
downloads from download.com). None of the products mentioned must be
downloaded at Brothersoft. Sandboxie uses Brothersoft to handle the
bandwidth for downloads - but they also have download links from their
own server and Techspot plus you can get it at Softpedia and
Download.com. All but Returnil have their own site do downloads of
their software (Returnil uses MajorGeek.com). SteadyState, VirtualPC,
VMWare Player, and Virtualbox are downloaded from their vendor's own
server, not from Brothersoft. Returnil uses the MajorGeeks.com site to
offload the bandwidth for downloads.
I don't remember that VirtualPC, VirtualBox, or Returnil make you
register (to download or install) but VMWare does and I haven't
re-trialed Sandboxie because I'm not interested in nagware; however, I
wouldn't care if some vendor wants me to register. I never use my true
e-mail address to register. Either I use a disposable e-mail account
(e.g., Hotmail, Gmail, Yahoo) or I use an e-mail alias (e.g.,
Sneakemail). I don't need to worry that they'll abuse the e-mail
address because for a disposable account it gets disposed of after
registration and for the alias it self-destructs at 3 uses (unless I
specify a different usage count in the alias or in the config for my
alias account). Unless you protect your e-mail address, figure it will
get abused.
"Couldn't find a place on MS using the magnificent Bing". Don't know to
what was supposed to "the program" since you didn't say. On WHAT were
you searching? Are you talking about Microsoft's SteadyState?
http://www.bing.com/search?q=micros...H&pq=microsoft%20steadystate&sc=0-0&sp=-1&sk=
http://www.google.com/search?q=microsoft+steadystate
Returnil will give you your desire to test the software or changes on
the real host (Windows+hardware) than the other solutions that emulate
the hardware (e.g., VMs) or attempt to isolate an application either
with system hooks or privileges (e.g., Sandboxie, GeSWall). The only
thing virtualized with Returnil is the disk writes which still go to the
real hardware but are secured within a specific cache that disappears
when you reboot. While using Returnil, yep, any malware will do
whatever it wants, you can edit document files, you can save a history
of web sites that you visit (which will still be in the index.dat file
even if you configure IE to wipe its history on exit), capture streamed
videos into local files, add printers or install software (as a long as
a reboot isn't required). When you reboot, ALL those changes you,
programs, or malware made are obliterated since they never were written
to the real hard disk (and where, also, are the registry's .dat files).
I test unknown and untrusted software in a VM. Then, if I have one,
move it to a sandbox. Then test it while Returnil is active. Lastly it
goes on my real host if it hasn't exhibited unwanted behavior in the
prior test environments and assuming that I decided it was something I
wanted during those trials.
