Multiprocessor and VT-x support?

Ideas for enhancements to the software
wraithdu
Posts: 1410
Joined: Fri Jun 29, 2007 2:54 pm

Multiprocessor and VT-x support?

Post by wraithdu » Fri Feb 29, 2008 8:39 pm

Something else (I don't remember what) got me thinking if either of these technologies are possible and or beneficial to Sandboxie. What do you think tzuk?

SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Re: Multiprocessor and VT-x support?

Post by SnDPhoenix » Fri Feb 29, 2008 8:49 pm

wraithdu wrote:Something else (I don't remember what) got me thinking if either of these technologies are possible and or beneficial to Sandboxie. What do you think tzuk?
Something else? It was probably either something you read about Vista, or it is Rash's post about that stupid idea by those Wilders morons about making a hypervisor based hips. :roll:

wraithdu
Posts: 1410
Joined: Fri Jun 29, 2007 2:54 pm

Post by wraithdu » Sat Mar 01, 2008 1:07 pm

Actually it was a BSOD crash I was having with VirtualBox. I had VT-x enabled in the program, and my computer supports VT-x, but it hadn't enabled it in the BIOS yet. I enabled it, and the crashes stopped :)

But yeah, that other stuff happened around the same time.

tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Sat Mar 01, 2008 4:09 pm

wraithdu wrote:What do you think tzuk?
I think it's very useful for platform virtualization, but pretty much useless for application virtualization a-la Sandboxie. The point of the virtualization technology is to enable "the hardware virtualizing software" (e.g. VMware) to present a better "fake" CPU to the guest OS that it runs. It matters to the guest OS because as an OS, it needs to manage hardware, including the CPU. Sandboxie, on the other hand, manages the OS (or perhaps more correctly, the OS API interface) and has nothing to do with the hardware directly.
tzuk

wraithdu
Posts: 1410
Joined: Fri Jun 29, 2007 2:54 pm

Post by wraithdu » Sat Mar 01, 2008 4:24 pm

That makes sense.

What about multiprocessor (core2duo, etc) support? Any advantage there?

tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Sat Mar 01, 2008 4:27 pm

:?: :?:
tzuk

wraithdu
Posts: 1410
Joined: Fri Jun 29, 2007 2:54 pm

Post by wraithdu » Sat Mar 01, 2008 4:44 pm

CPU's with more than one core, like the Intel Core2Duo's. Apps without multiprocessor support can only use one core at a time. Apps with support can use both at the same time (I think referrred to as multithreaded as well). There are CPUs with 4 cores now as well (Intel QuadCore). I was wondering if Sandboxie's performance could benefit from such support.

tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Sun Mar 02, 2008 5:45 am

The answer is no, but this question is irrelevant. A sandboxed application spends 2% of CPU time running Sandboxie code, and 98% of CPU time running application code.

In any case multi-processing is useful where a large task can be broken into multiple execution units. Sandboxie works in short bursts whenever it needs to do something on behalf of the application. No sense breaking that up into multiple threads of execution.
tzuk

wraithdu
Posts: 1410
Joined: Fri Jun 29, 2007 2:54 pm

Post by wraithdu » Sun Mar 02, 2008 7:38 pm

That's what I thought, so thanks for taking a minute to confirm :)

tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Mon Mar 03, 2008 1:07 pm

Glad to. :)
tzuk

Rasheed187
Posts: 216
Joined: Sat Jan 14, 2006 11:08 am

Post by Rasheed187 » Tue Mar 04, 2008 10:20 pm

about that stupid idea by those Wilders morons about making a hypervisor based hips
Can you perhaps tell me why you think that it´s a stupid idea? And FYI, a lot of those morons are fan of SBIE. :P
Glad to. :)


@ Tzuk, can you perhaps reply to the questions in this thread? TIA :wink:

http://www.sandboxie.com/phpbb/viewtopic.php?t=2901

SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Post by SnDPhoenix » Tue Mar 04, 2008 11:59 pm

Rasheed187 wrote:Can you perhaps tell me why you think that it´s a stupid idea? And FYI, a lot of those morons are fan of SBIE. :P
I don't think it is stupid idea, it just is a stupid idea...

I mean, it is like flying cars, sounds like a cool idea, but in reality it would suck, be dangerous, complicated, impractical, etc..

Also, it's true that many morons use Sandboxie, however those Wilders fanboys are so moronic they don't even have the right idea about sandboxie, or how it works, or how to use a certain function, or how to set x up, or how well sandboxie could defend against this or that, etc..
I constantly have to step in and correct them, and then ofcourse, they shut up after I straighten them out. :lol:

tzuk
Sandboxie Founder
Sandboxie Founder
Posts: 16076
Joined: Tue Jun 22, 2004 12:57 pm

Post by tzuk » Wed Mar 05, 2008 6:18 am

Rasheed187 wrote:@ Tzuk, can you perhaps reply to the questions in this thread? TIA :wink:
http://www.sandboxie.com/phpbb/viewtopic.php?t=2901
No. :wink:
tzuk

Rasheed187
Posts: 216
Joined: Sat Jan 14, 2006 11:08 am

Post by Rasheed187 » Wed Mar 05, 2008 9:02 am

No
I already had a feeling that you might say this, but can you perhaps explain why? Is this top secret stuff or something? I mean, I´m just an amateur, but I´m sure that hackers already have the answer to the first 2 questions, so I don´t see why you can´t answer them. And what about my third question, about the hypervisor HIPS? :)
I don't think it is stupid idea, it just is a stupid idea...
Well, personally I don´t have the technical knowledge to be so sure if it´s really such a bad idea, or if it´s even possible in the first place. But if folks can make the Blue Pill rootkit, you would think that such tech can also be used by HIPS. Actually, HyperSight already acts like a HIPS. Of course, the tech still needs to be improved.

The problem right now is that, if you allow certain stuff (or if HIPS is bypassed) malware can take complete control, and kill all security tools, including Sandboxie. But if there is always some security tool running in the lowest layer (acting as hypervisor), this ain´t (or shouldn´t be) possible. :D

SnDPhoenix
Posts: 2690
Joined: Tue Dec 26, 2006 5:44 pm
Location: West Florida

Post by SnDPhoenix » Wed Mar 05, 2008 9:52 am

Rasheed187 wrote:Well, personally I don´t have the technical knowledge to be so sure if it´s really such a bad idea, or if it´s even possible in the first place. But if folks can make the Blue Pill rootkit, you would think that such tech can also be used by HIPS. Actually, HyperSight already acts like a HIPS. Of course, the tech still needs to be improved.

The problem right now is that, if you allow certain stuff (or if HIPS is bypassed) malware can take complete control, and kill all security tools, including Sandboxie. But if there is always some security tool running in the lowest layer (acting as hypervisor), this ain´t (or shouldn´t be) possible. :D
Here, let me tell you what it is that is really grinding my nerves.
The fact that it is not a "true" hardware hips...

It would be like developing a program that uses your eth0 as a firewall, thats dumb, just use a software firewall, or a real hardware firewall instead.

Another thing I don't like about Hypersight (think thats what it's called) is that although it is using a part of your hardware (hypervisor) to act as an hips, in the end, hypersight itself is still software though, not hardware...

If it was a true hardware hips, then it would be virtually imprenatatable, but since hypersight is software, a piece of code could exploit hypersight, disable it, and now you are unsecured, something that would be nearly impossible if you were using a hardware hips instead, see what I mean?

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests