Do you run your browser Sandboxed or not?
If yes, mention which Sandbox you use.

Well, to be honest, I ALWAYS sandbox IE7. I've gotten away somewhat from sandboxing Firefox, simply due to always bookmarking websites, updating add-ons and all that. It was becoming a hassle. I feel with NoScript and AdBlock Plus I am pretty safe. I use Sandboxie by the way.

Most of the time I do with DeepFreeze which is not exactly a sandbox but achieves the same results. Lately having FD-ISR Rescue I use one of the snapshots as a sandbox although I feel somewhat more protected with DeepFreeze running as well.

I was planning to use a sandboxed firefox to avoid getting trojans and stuff by my father's browsing habbits, but now I too find myself to always browse sandboxed Lol.

It gives me great confidence, I have become a happy clicker!

edit://Oh, I use SandboxIE!

I sandbox all browsers using Sandboxie. No problems with Firefox add ons. Just a configuration issue. I also have the browsers set to RunSafer with Online Armor.

Pete

-{ Quote: "Most of the time I do with DeepFreeze which is not exactly a sandbox but achieves the same results. Lately having FD-ISR Rescue I use one of the snapshots as a sandbox although I feel somewhat more protected with DeepFreeze running as well." }-

Yeah I know DeepFreeze, but that's good when you haven't got to deal with new programs often and documents. But it's good when you want to do "experiments" :D

Does running IE7 in "protected mode" on Vista count as a sandbox?

-{ Quote: "Does running IE7 in "protected mode" on Vista count as a sandbox?" }-
I don't think so:)

I answered "Yes rarely"
I dont feel I need a sandbox since I run Vista UAC SRP and firefox with noscript.
Sometimes I test sandboxies just for the fun of it (the las one I tried was Safespace)
I have Sandboxie installed, but inactivated, if I feel I want to test something that i know is malicious (that is the only time I encounter malware)

No sandbox here.

No sandbox

I do use Retunil or deepfreeze or shadow defender when going to unknown sites
but rely mainly on Shadow Protect/Acronis to get me out of a mess should I ever run into a nasty.

A hardware firewall + Firefox and a few add ons is enough security for me.

Yes, always. Sandboxie.

I run IE and FF constantly as an untrusted application in DefenseWall and DW locks also my data partition. It doesn't really matter to me, if I do this with Defensewall or Sandboxie. Isolating malware or making malware harmless is the same to me as long the malware doesn't execute itself.
Any mistake of DW or SB is removed anyway during reboot, so it won't stay permanently on my system.
DW or SB have only one thing to do, save the period between two reboots and that's all I ask from any security software on my system.

Would anyone here be surprised that sandboxing does not prevent getting hacked at all?

Off Topic

-{ Quote: "Would anyone here be surprised that sandboxing does not prevent getting hacked at all?" }-

Oh oh, there's a salesman at the door. ::)

Back On Topic

Yes, with Sandboxie. :thumb:

IE7 is always sandboxed on my system. Sandboxie all the way here. Created sandboxed web links and put them on my desktop that make going directly to my favorite sites within Sandboxie even easier.

I don't use a sandbox but I have Returnil on almost anytime I am on the internet and most of the time when I am not.

-{ Quote: "Would anyone here be surprised that sandboxing does not prevent getting hacked at all?" }-

Hello,

Would you be surprised that either way does not matter - you simply don't get hacked, at all?

OT, no sandbox, no need.

Mrk

Tried it a while back, liked it, then soon realized it's, at least for my surfing habits, a complete waste of time and resources. Presently and for the foreseeable future...never.

-{ Quote: "OT, no sandbox, no need." }-
OT is a nice abbreviation, it means On Topic and Off Topic, very handy. Was this post OT or OT ? ;)

I run FF sandboxed with Sandboxie 95% of the time. Once in a while I'll skip it if I'm just going to visit a place like this.

If Wilders is still marked green by SiteAdvisor, I also visit Wilders sometimes without sandbox, but only in special occasions. Normally I keep FF sandboxed, when I visit Wilders. Wilders has too many knowledgeable people and it is in theory possible that one of them changes into a bad guy ... ;D

No sand box here. That darned sand just gets everywhere.;)

Sandboxed with "SandboxIE" and also running "Returnil" together.

A good combination for exploring the net in my experience.

No.
A secure browser does not need a sandbox.
12fw

Opera with sandboxie here 99.9% of the time.

-{ Quote: "Would anyone here be surprised that sandboxing does not prevent getting hacked at all?" }-

Would anyone here be surprised that wearing a bulletproof vest does not stop people from shooting you?

SandboxIE here; 100% of the time.

-{ Quote: "Would you be surprised that either way does not matter - you simply don't get hacked, at all?
" }-

Would you you know if you got hacked through your browser? I bet you wouldn't.

Running FF/Noscript via Sandboxie whilst in Returnil mode inside a virtual machine.

Now that's paranoia for ya!;D

When browsing general safe sites and I want to update extensions normal. When browsing other stuff sandboxed.

-{ Quote: "Running FF/Noscript via Sandboxie whilst in Returnil mode inside a virtual machine.

Now that's paranoia for ya!;D" }-
Good grief, Franklin! You must surf in the darkest regions of the universe!

Quick question: I've got Sandboxie. But I'm struggling trying to decide whether to try Returnil (to supplement, not replace, Sandboxie). Do you have a favorite of the two...and why?

-{ Quote: "Good grief, Franklin! You must surf in the darkest regions of the universe!

Quick question: I've got Sandboxie. But I'm struggling trying to decide whether to try Returnil (to supplement, not replace, Sandboxie). Do you have a favorite of the two...and why?" }-
If I could only use one then it would definately be Sandboxie as it can be configured to stop all outbounds except for certain apps and also no other app can run except apps which are allowed.

When testing malware or apps you can have a look around in the sandbox to see what and where they install data.

Both are excellent apps with good support and they work fine together on my Vista/XP installs.

-{ Quote: "If I could only use one then it would definately be Sandboxie as it can be configured to stop all outbounds except for certain apps and also no other app can run except apps which are allowed.

When testing malware or apps you can have a look around in the sandbox to see what and where they install data.

Both are excellent apps with good support and they work fine together on my Vista/XP installs." }-
I appreciate your comments and agree with your lean and mean approach.

SandboxIE starts up with my windows and i use it On-Demand Only if testing a piece of malware or a drive-by site, other then that, plain jane=UnSandboxed mostly.

SandboxIE is really come of age and is real different security.

I like it.

EASTER

I changed, Returnil has replaced SandboxIE. Same thing accomplished, if malware invades my home, I reboot and it finds itself out on the front lawn with a sore behind.

-{ Quote: "I changed, Returnil has replaced SandboxIE. Same thing accomplished, if malware invades my home, I reboot and it finds itself out on the front lawn with a sore behind." }-
But there is a big difference between Returnil and Sandboxie.
Returnil only REMOVES malware from your HDD, while Sandboxie STOPS malware from executing and REMOVES also the malware after cleaning the sandbox, but only for sandboxed applications of course.
Sandboxie also protects your other partitions, while surfing on the internet.

-{ Quote: "But there is a big difference between Returnil and Sandboxie.
Returnil only REMOVES malware from your HDD, while Sandboxie STOPS malware from executing and REMOVES also the malware after cleaning the sandbox, but only for sandboxed applications of course.
Sandboxie also protects your other partitions, while surfing on the internet." }-

That's very true, I guess I just feel safe enough with a good AV, Noscript and the like. I also don't keep personal information on the computer, nor do I do online banking. It's probably not the best way to think, but I just figure there's not too much damage they can cause me.

-{ Quote: "That's very true, I guess I just feel safe enough with a good AV, Noscript and the like. I also don't keep personal information on the computer, nor do I do online banking. It's probably not the best way to think, but I just figure there's not too much damage they can cause me." }-
OK. With a good AV and Returnil, you can survive. LOL.

-{ Quote: "OK. With a good AV and Returnil, you can survive. LOL." }-


Awesome! Lol :) I still from time to time can't shake my old ways. KIS2009 looks awful interesting, what with ad-blocking, Hips, firewall, AV and everything else it has, but regardless if I'm willing to spend time working with the popups and configurations, the rest of the household is not. They've honestly gotten upset when my last firewall asked about an AV needing to call out (before I had set it to auto-allow it an outbound connection). That's why it's such a pain in the ass to be "totally secure" and why I've tried to find the most simple, idiot proof balance I can.

-{ Quote: "That's very true, I guess I just feel safe enough with a good AV, Noscript and the like. I also don't keep personal information on the computer, nor do I do online banking. It's probably not the best way to think, but I just figure there's not too much damage they can cause me." }-

Interesting how we all see and experience things so differently. I long since stopped using AV,AS,HIPS. FF3 and NoScript behind a harware firewall is enough for me. Oh yes and I do keep personal info and use on line banking, pay by credit card and other naughty things. I must admit though I do turn Returnil on when I go to the dark side like Paypal or Amazon. Returnil, DepFreeze, Shadow Defender are used mainly to protect my machines from me and the mistakes I make. Sandboxie I could never get to like and as I have never seen anything that it would protect me from it just seemed unnecessary.

-{ Quote: "Interesting how we all see and experience things so differently. I long since stopped using AV,AS,HIPS. FF3 and NoScript behind a harware firewall is enough for me. Oh yes and I do keep personal info and use on line banking, pay by credit card and other naughty things. I must admit though I do turn Returnil on when I go to the dark side like Paypal or Amazon. Returnil, DepFreeze, Shadow Defender are used mainly to protect my machines from me and the mistakes I make. Sandboxie I could never get to like and as I have never seen anything that it would protect me from it just seemed unnecessary." }-

Sandboxie when I use it is great for nothing more (so far) than doing my temp file/history cleaning for me. I don't know, I'm up in the air about it. So far nothing has really happened to me when just using Avast and Noscript/AdBlock Plus. I have come across viruses, but they've either been on webpages which Avast flagged and kept from getting me, or in .Zip files when P2P, and then I simply open up with IZArc, find the offending file, delete it, re-scan, and then perfectly fine.

-{ Quote: "Interesting how we all see and experience things so differently. " }-
That's because your setup is directly based on your surfing habits and what you do on your computer.
If I visit only Wilders and my bank website, I don't need any security at all.
No firewall, because I have a router.
No AE or DW, because I won't get infected, because I visit only 2 safe websites.
No FF, just IE, because any browser will be good enough to visit 2 safe websites.
You can't recommend your security setup to anyone, because that person is different from you.
Although my recovery is OK, my security is still not OK and that means I can't go wild on the internet and most probably, I will never be able to go wild, not with all these sophisticated threats of today and the future.

-{ Quote: "That's because your setup is directly based on your surfing habits and what you do on your computer.
" }-

and what else could it be based upon ? There would be little point me basing my set up upon the habits of someone else.

-{ Quote: "
You can't recommend your security setup to anyone, because that person is different from you.
" }-

I don't recommend my set up to anyone. As you say other people have different surfing habits. I do ask people to question whether or not they really need all the security that they have loaded and to question the assumption that they are clean because of their security when there may be no connection.

sandboxie can only protect if attacked. I'm not convinced that the threats are anything like as great as is so often imagined. you mileage may, of course, vary.

Yes : often
Have a shortcut to 'default box' and use Eraser.
Sandboxie: a truly great app. :thumb:

-{ Quote: "and what else could it be based upon ? There would be little point me basing my set up upon the habits of someone else." }-
I'm looking for a combination of recovery and security, no matter who is behind the keyboard.

-{ Quote: "I'm looking for a combination of recovery and security, no matter who is behind the keyboard." }-


Erik - you really are an Optimist. That day will only come when a machine is both behind and in front of the keyboard. So long as the user is human no combination of recovery and security is foolproof. Now aren't you glad that things are not as bad as many make out ? - because if they were none of the current solutions would provide sufficient protection.

-{ Quote: "Erik - you really are an Optimist. That day will only come when a machine is both behind and in front of the keyboard. So long as the user is human no combination of recovery and security is foolproof. Now aren't you glad that things are not as bad as many make out ? - because if they were none of the current solutions would provide sufficient protection." }-
When I started to create my recovery solution, I also had doubts to get that far, especially with ISR.
I probably won't reach the same level with security as recovery, but maybe I can get very close. I'm also waiting for new security softwares, based on new ideas.
Unfortunately the security industry keeps on re-inventing the existing wheels, so I have to be more patient.
It's never the software itself that interests me, it's the combination of several things, which aren't always related to software that can lead to a good solution.

-{ Quote: "Does running IE7 in "protected mode" on Vista count as a sandbox?" }-
-{ Quote: "I don't think so:)" }-
Yes, MS just uses a term, which is more understandable, unlike sandbox. ;)
-{ Quote: "http://en.wikipedia.org/wiki/Sandbox_(computer_security) - The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization." }-
-{ Quote: "http://www.microsoft.com/windows/products/windowsvista/features/details/ie7protectedmode.mspx - In Protected Mode, Internet Explorer 7 in Windows Vista cannot modify user or system files and settings without user consent. Protected Mode requires the user to confirm any activity that tries to put something on your machine or start another program." }-
I use protected mode all the time in both version x32 and x64. It gets disabled only, when I require admin access to install activex. ::)

-{ Quote: "No.
A secure browser does not need a sandbox.
12fw" }-

No browser is 100% secure. There will always be exploits, etc.

Hi

I use Sandboxie free.

-{ Quote: "No browser is 100% secure. There will always be exploits, etc." }-


True - but does this really matter ?

Say - Browser is only 99% secure on any given day
Say - Probability of being attacked is x% on any given day
Say - Probability of Returnil not being able to restore clean system is y%
Say - Probability of Shadow Protect not being able to restore a clean system is z%

Perhaps someone here can work out the probability that only using a 99% safe browser + returnil and imaging will lead to disaster ? I'm not going to worry too much about less than perfect security. For me the extra percentage of security that Sandboxie adds can hardly be measured. On my old machines the lag on first launch is however noticeable.

-{ Quote: "True - but does this really matter ?

Say - Browser is only 99% secure on any given day
Say - Probability of being attacked is x% on any given day
Say - Probability of Returnil not being able to restore clean system is y%
Say - Probability of Shadow Protect not being able to restore a clean system is z%

Perhaps someone here can work out the probability that only using a 99% safe browser + returnil and imaging will lead to disaster ? I'm not going to worry too much about less than perfect security. For me the extra percentage of security that Sandboxie adds can hardly be measured. On my old machines the lag on first launch is however noticeable." }-

Actually I agree with lag, un-sandboxed, FF3 flies open, with it sandboxed there's a decent delay (leaving that annoying 5 second nag screen out of this)

-{ Quote: "No browser is 100% secure. There will always be exploits, etc." }-

Gotta agree here.

I answered " often ": once I used Power Shadow, now Returnil.

I´m not using a dedicated sandboxing product like for example SBIE, and that´s because on my system it slows the browser down. But I am "sandboxing" my browser (and some other vulnerable apps) with DropMyRights/SRP and HIPS. This all will make it quite hard for most (if not all) malware to do any damage, at least I hope so. ;)

-{ Quote: "Tried it a while back, liked it, then soon realized it's, at least for my surfing habits, a complete waste of time and resources. Presently and for the foreseeable future...never." }-

I mirror this.

-{ Quote: "No.
A secure browser does not need a sandbox.
12fw" }-
Rubbish! A browser may be secure, but a browser does not do a job a sandbox does, so how can a secure browser that has not the function of a sandbox give it exception so a sandbox ain't nessesary? ???
I rarely use sandboxing, safespace is too heavy for me, and sandboxie, well, I really don't like products that say they are free, but there is always that little advantage of paying. It puts me off, I don't know why, but on the whole, I'm sure its good. :)

I do not use any type of sandbox.I use Opera or FF.I am a safe surfer.

No sandbox.

I've got Sandboxie on my XP machine (which I rarely use) and as you can imagine nothing on my Mac!

I do right after I get paranoid, but then I uninstall SB after my downloads get messed up.

-{ Quote: "Well, to be honest, I ALWAYS sandbox IE7" }-
I sort of tar pit IE7. It has no permission in ZoneAlarm/AV to do anything other than ask for permission.

A sandboxed browser is great for avoiding reimaging due to malware trashing of the OS.

Although sandboxing is a good defense, a full suit of malware body-armor is still needed (AV, SBIE, reboot apps ect.).

don't forget that a crucifix and garlic may also be "needed" on occasion :dry:

-{ Quote: "don't forget that a crucifix and garlic may also be "needed" on occasion :dry:" }-

That's only good for bloodsuckers, like vampires and the taxman. ;D

Never!

-{ Quote: "No.
A secure browser does not need a sandbox.
12fw" }-

Conversely, with a sand box you don't need a secure browser ;D .

Oftentimes I sandbox my browser for testing of extensions, browsing dodgy sites, or just being paranoid for a certain period of time. For an unknown reason, my cookies seem to get deleted after opening my browser unsandboxed. Back then it doesn't truly affect the cookies saved.

Hello,
no at this time i dont see the point. i havent got infected in years.
maybe it would be a good idea for my friend since he gets infected alot.

I say I do not need sandboxie when I have two blood thirsty pitbulls on guard GW/SD*puppy*

hi all,

which version of sandboxie to install?
current version is 2.80

-{ Quote: "hi all,

which version of sandboxie to install?
current version is 2.80" }-

Current final version is 3.28 (http://www.sandboxie.com/index.php?DownloadSandboxie)

Test version is 3.29.05 (http://sandboxie.com/phpbb/viewtopic.php?t=3690)

-{ Quote: "Never!" }-

+1 :)

Through application virtualization. Benefits include :

browser isn't installed but runs from an .exe
will run from any media.
____________________


Registered version of Sandboxie.

I would very much like to use Sandboxie all of the time. Unfortunately, however, I also like using A-Squared Anti-Malware, and some of its components (e.g., Surf Protection) do not seem to be working in Sandboxie.

I am running google chrome 90% of the time. It claims to have a built in sandbox.

Only just discovered this thread. I voted for rarely - this is when I check out rogue applications for AV vendors and download through the sandboxed browser, but I haven't done much of that lately.

Most of the time I'm not sandboxed.

Sandboxed 99.9% of the time.

Reasons: Protection + Don't want any unnecessary clutter files.

My browsing habbits are positively lame but I like the little bit extra firewalling strength Sandboxie has - I see Sandboxie as an added layer of application firewalling.

Ran Sandboxie that good for downloaded stuff that you don't trust to open. Then you can see what's inside of the file. As for the Browser I didn't see much protection there even with that program nor with GesWall. Now not using them makes life better. Years ago RamDISK large enough to house the browser cache would be ideal but now with these virtual software base still slightly slower if they crash then you're up the creek!

Snadboxie with IE 7.

Sandboxed FF rarely on some sites when I don't forget.

Use Kaspersky's SafeRun for browsing. Usually use Chrome to browse.

Both IE8 and FF are forced to sandbox under Sandboxie. As long as you allow bookmarks and, in the case of FF, addons to update and stick, there's no real reason not to sandbox them.

Yes always, but I use GesWall.

I like my browsers blazing fast :argh:

All browsers and messengers are forced to run in a sandbox.
SANDBOXIE8)

Any sandboxes that work for 64 bit?

-{ Quote: "Any sandboxes that work for 64 bit?" }-

sandboxie has a 64bit beta, and Avast as well as KIS have sandboxes that both work on 64bit i believe.

-{ Quote: "sandboxie has a 64bit beta, and Avast as well as KIS have sandboxes that both work on 64bit i believe." }-

I'll have to look into that sbie beta then. I was under the impression that the sbie devs have given up on 64 bit.

Apparently not:

http://www.sandboxie.com/phpbb/viewtopic.php?t=7014&sid=fb83b240353139c3bcf92c55d89e0f82

FF within Sandboxie.

SandBoxie on Firefox, my main browser.