Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,690 --> 00:00:03,126 Let’s go through some sandbox applications 2 00:00:03,151 --> 00:00:05,613 you could use to protect your applications 3 00:00:05,638 --> 00:00:09,431 that interact with untrusted sources, such as the internet. 4 00:00:09,595 --> 00:00:11,969 Particularly, you want to sandbox your browser 5 00:00:12,056 --> 00:00:14,112 and email client as a minimum. 6 00:00:14,294 --> 00:00:16,336 So Windows sandboxes first. 7 00:00:17,317 --> 00:00:20,865 Have a look at this video on Bufferzone. It’s a commercial sandbox, 8 00:00:20,963 --> 00:00:23,645 but the video will give you a good idea 9 00:00:23,670 --> 00:00:26,614 of the sort of functionality that sandboxes offer. 10 00:00:27,215 --> 00:00:28,636 Welcome to Bufferzone. 11 00:00:29,071 --> 00:00:33,198 In this demo, we’ll show you how Bufferzone virtual container technology 12 00:00:33,476 --> 00:00:35,571 blocks ransomware and other exploits, 13 00:00:35,944 --> 00:00:38,066 prevents them from accessing your files, 14 00:00:38,474 --> 00:00:41,770 and keeps them from infecting other users in your organization. 15 00:00:43,170 --> 00:00:46,198 We received this ransomware inside an email attachment. 16 00:00:46,959 --> 00:00:49,421 It’s embedded in a word file that looks harmless. 17 00:00:58,437 --> 00:00:59,646 When you open the file, 18 00:00:59,937 --> 00:01:02,720 the malware silently downloads onto the computer. 19 00:01:03,389 --> 00:01:06,696 By the time you realize that the file isn’t legitimate and close it, 20 00:01:07,013 --> 00:01:08,077 it’s too late. 21 00:01:08,984 --> 00:01:11,199 At this point, the malware keeps quiet, 22 00:01:11,543 --> 00:01:14,559 so a lot of users would decide that the file was just spam, 23 00:01:15,041 --> 00:01:17,952 but in fact, the ransomware is busy working in the background 24 00:01:18,223 --> 00:01:19,668 locking our files. 25 00:01:20,246 --> 00:01:21,254 10 minutes later, 26 00:01:21,596 --> 00:01:23,904 the ransom note arrives threatening to destroy 27 00:01:23,929 --> 00:01:26,938 the encryption keys if we don’t follow their instructions. 28 00:01:27,421 --> 00:01:29,306 When we click on show files, 29 00:01:29,698 --> 00:01:33,690 we see a list of all the files on the disk that were supposedly encrypted. 30 00:01:35,675 --> 00:01:39,298 No worries. We are protecting email attachments with Bufferzone. 31 00:01:39,595 --> 00:01:43,674 The infected word file was opened in an invisible virtual container. 32 00:01:44,397 --> 00:01:46,545 When Word is running inside the container, 33 00:01:46,714 --> 00:01:49,215 it is actually segregated from the file system, 34 00:01:49,397 --> 00:01:51,620 the registry, and the computer’s memory. 35 00:01:52,619 --> 00:01:54,985 When the ransomware tried to access our files, 36 00:01:55,206 --> 00:01:57,026 they were copied into the container. 37 00:01:57,437 --> 00:01:59,725 The ransomware has encrypted the copy, 38 00:02:00,317 --> 00:02:02,308 but our original files are safe. 39 00:02:03,810 --> 00:02:06,390 If the exploit tried to write to the registry or memory, 40 00:02:06,579 --> 00:02:09,536 it would also be fooled into accessing the virtual copy. 41 00:02:10,579 --> 00:02:13,510 The Bufferzone container is also segregated from the network, 42 00:02:13,825 --> 00:02:17,013 so the ransomware cannot get out to infect other computers. 43 00:02:19,063 --> 00:02:20,577 To eliminate the ransomware, 44 00:02:20,705 --> 00:02:22,895 we simply empty the Bufferzone container. 45 00:02:25,381 --> 00:02:27,579 You see that the encrypted files are gone, 46 00:02:27,635 --> 00:02:29,376 but the original files remain. 47 00:02:30,507 --> 00:02:33,278 Bufferzone’s patented containment technology 48 00:02:33,547 --> 00:02:36,923 provides protection from phishing scams, drive-by downloads, 49 00:02:37,087 --> 00:02:41,468 malvertising, zero-day exploits, and many other types of advanced malware. 50 00:02:41,873 --> 00:02:45,328 It enables you to browse the internet, open email attachments, 51 00:02:45,516 --> 00:02:48,102 and open files from removable media safely. 52 00:02:48,511 --> 00:02:50,874 Try Bufferzone today. Learn more – 53 00:02:51,508 --> 00:02:54,157 So there you are. This product looks good, 54 00:02:54,437 --> 00:02:56,588 but I haven’t comprehensively tested it. 55 00:02:56,702 --> 00:02:59,449 It looks like they’re aiming at the business market though 56 00:02:59,474 --> 00:03:01,190 and not for personal use, 57 00:03:01,326 --> 00:03:04,540 but it looks like a very good product for Windows only. 58 00:03:05,516 --> 00:03:08,909 Another sandbox type of technology is Shadow Defender. 59 00:03:09,056 --> 00:03:13,319 Shadow Defender can run your system in a virtual environment 60 00:03:13,344 --> 00:03:15,520 which they call the shadow mode. 61 00:03:15,595 --> 00:03:20,263 Shadow mode redirects each system change to a virtual environment 62 00:03:20,288 --> 00:03:22,581 with no changes to the real environment. 63 00:03:22,802 --> 00:03:25,982 Not tested this one. This is Windows only. 64 00:03:27,087 --> 00:03:31,751 Another sandbox-like tool that works slightly different is Deep Freeze. 65 00:03:31,794 --> 00:03:34,080 And Deep Freeze is a kernel level driver 66 00:03:34,105 --> 00:03:36,752 that protects the hard drive integrity 67 00:03:36,823 --> 00:03:41,310 by redirecting information being written to the hard drive partition, 68 00:03:41,373 --> 00:03:43,146 leaving the original data intact. 69 00:03:43,690 --> 00:03:47,070 This redirected information is no longer referenced 70 00:03:47,167 --> 00:03:49,525 once the computer is restarted, 71 00:03:49,770 --> 00:03:54,774 thus restoring the system to its original state at the disc sector level. 72 00:03:54,933 --> 00:03:56,416 So essentially what this is doing 73 00:03:56,441 --> 00:03:59,402 is making sure that every time your system reboots, 74 00:03:59,458 --> 00:04:02,156 it restores to exactly the same state. 75 00:04:02,302 --> 00:04:06,159 This works on Windows, Mac, and Linux versions are available. 76 00:04:06,794 --> 00:04:09,045 But know, with this type of sandboxing, 77 00:04:09,143 --> 00:04:12,111 there’s no protection until you reboot. 78 00:04:12,183 --> 00:04:17,102 So an attacker, for example, could read your files with malware 79 00:04:17,190 --> 00:04:19,272 until you actually do the reboot, 80 00:04:19,327 --> 00:04:23,359 and then when you do the reboot, the malware will no longer exist. 81 00:04:24,167 --> 00:04:28,127 There is also the Deep Freeze cloud browser and desktop. 82 00:04:29,190 --> 00:04:32,293 Another kind of sandbox is Returnil. 83 00:04:32,421 --> 00:04:35,867 This creates a cloned version of your system partition 84 00:04:35,892 --> 00:04:38,314 to boot from and then work within. 85 00:04:38,465 --> 00:04:40,968 If anything does go wrong during your session, 86 00:04:41,056 --> 00:04:44,368 you reboot the system and the operating system environment 87 00:04:44,393 --> 00:04:46,395 is returned back to where it was 88 00:04:46,420 --> 00:04:49,435 before you turned Returnil protection on. 89 00:04:49,595 --> 00:04:53,155 But note that there is no protection until you do that reboot, 90 00:04:53,180 --> 00:04:56,517 so an attacker could be reading your files with malware 91 00:04:56,542 --> 00:04:59,654 or keylogging until you actually do that reboot. 92 00:04:59,765 --> 00:05:02,762 But once you do the reboot, your system is returned to normal 93 00:05:02,864 --> 00:05:05,604 and any malware or hacker will be removed. 94 00:05:06,373 --> 00:05:07,956 And this is what it looks like. 95 00:05:08,286 --> 00:05:10,548 It isn’t just a sandbox or virtual environment; 96 00:05:10,573 --> 00:05:13,509 it also has additional features including files protection 97 00:05:13,534 --> 00:05:16,157 and an anti-executable function. 98 00:05:16,188 --> 00:05:18,514 It’s free for private use only. 99 00:05:20,651 --> 00:05:22,488 The free Comodo firewall 100 00:05:22,513 --> 00:05:26,219 comes with a built-in sandbox and virtual desktop. 101 00:05:26,347 --> 00:05:28,525 The Comodo firewall is a good tool, 102 00:05:28,615 --> 00:05:31,337 but Comodo lately has made some mistakes 103 00:05:31,401 --> 00:05:33,237 with some of their security products, 104 00:05:33,262 --> 00:05:34,800 so I don’t have a great deal of faith 105 00:05:34,825 --> 00:05:37,190 in this sandbox and virtual desktop. 106 00:05:38,270 --> 00:05:43,992 Some antivirus offer sandboxing functionality like Avast antivirus, 107 00:05:44,071 --> 00:05:48,565 although I don’t recommend this as Avast are known to sell your data. 108 00:05:49,627 --> 00:05:51,524 Bitdefender also has Safepay 109 00:05:51,611 --> 00:05:56,175 which is a limited functionality browser providing sandboxing. 9857