well...can someone explain which is ideal for internet facing programmes....with gaotd OA offer i am using OA+Dr web av5....should i continue with sandboxie 3.38 paid or OA run safer gives ample protection...also i read somewhere that OA webguard does not work with sandboxie....is that the case?

IMHO If you're already using Online Armor's firewall and HIPS you should just use their RunSafer, it provides great protection.

Run safer explorer.exe (windows explorer not internet explorer) then logoff and login, now you are a nearly a limited user for most operations, run safer your internet browser too.

Hi,

I run my browser and mail-client with Sandboxie and both are set to RunSafer at OA.

OAs Web-Shield doesn't work with a sandboxed browser, but Banking mode works.

Cheers

-{ Quote: "Hi,

I run my browser and mail-client with Sandboxie and both are set to RunSafer at OA.

OAs Web-Shield doesn't work with a sandboxed browser, but Banking mode works.

Cheers" }-

Just a question here but wouldn't running your browser sandboxed with the Drop rights toogle on in SBIE be the same as RunSafer?

Ice

-{ Quote: "IMHO If you're already using Online Armor's firewall and HIPS you should just use their RunSafer, it provides great protection." }-

As a generalization, that isn't quite true. Runsafer will protect the system as long as the malware needs administrative rights to do it's deed. But if it doesn't then Run safer does nothing.

I've got several pieces of malware that lower rights doesn't help a bit, but sandboxie protects the system.

Also Run Safer doesn't prevent the malware from getting on the system nor make it easy to delete. Sandboxie does.

I run both of them and the work great together and compliment each other nicely.

Pete

I don't know if it matters or not but I run a sandboxed browser with OA webshield on and I have no problems whatsoever.

-{ Quote: "Just a question here but wouldn't running your browser sandboxed with the Drop rights toogle on in SBIE be the same as RunSafer?
" }-
Yes, but the difference is obviously that the browser must run sandboxed whereas RunSafer works always (as long as OA is running), even if the browser is hijacked by another application.

This doesn't matter much if you force your default browser or mailclient to run sandboxed.
But if not, RunSafer is the second safeguard.

Cheers

-{ Quote: "Yes, but the difference is obviously that the browser must run sandboxed whereas RunSafer works always (as long as OA is running), even if the browser is hijacked by another application.

This doesn't matter much if you force your default browser or mailclient to run sandboxed.
But if not, RunSafer is the second safeguard.

Cheers" }-

Very good point Subset. Now the light at the end of the tunnel is becoming clear. I don't force the browser, so I will use RunSafer as a safe guard with the sandboxed browser.

thanks
Ice

-{ Quote: "Yes, but the difference is obviously that the browser must run sandboxed whereas RunSafer works always (as long as OA is running), even if the browser is hijacked by another application.

This doesn't matter much if you force your default browser or mailclient to run sandboxed.
But if not, RunSafer is the second safeguard.

Cheers" }-

You are absolutely right. I do force my browser into the sandbox, but there are times I can't, so Run Safer is a good fallback.

-{ Quote: "How can the browser be hijacked by another application if you are running OA's HIPS.
" }-
Err... that was only hypothetical. :dry:
No, there is no 100% security and also human errors may lead into disaster, like trusting the wrong program.

For example, I have tested some apps with Trojan.Win32.KillAV.yp today.
Among other things it tries to run the default browser from a batch file with command line parameters (-url "http://www...")
Browser not forced to run sandboxed + no RunSafer. :ouch:
But with RunSafer the chance that really bad things happen is relatively small, even if I trust this Trojan.Win32.KillAV.yp (hypothetically...).

-{ Quote: "
But yeah, it seems RunSafer could be another layer of protection. It's just how far you want to go with your layering, without sacrificing usability and convenience." }-
RunSafer is set it and forget it, there is no popup for RunSafer and there shouldn't be big problems with browsers or mail-clients etc.

Cheers

-{ Quote: "As a generalization, that isn't quite true. Runsafer will protect the system as long as the malware needs administrative rights to do it's deed. But if it doesn't then Run safer does nothing.

I've got several pieces of malware that lower rights doesn't help a bit, but sandboxie protects the system.

Also Run Safer doesn't prevent the malware from getting on the system nor make it easy to delete. Sandboxie does.

I run both of them and the work great together and compliment each other nicely.

Pete" }-
How common is it for malware in the wild to be able to bypass lowered rights?
Thanks

-{ Quote: "How common is it for malware in the wild to be able to bypass lowered rights?
Thanks" }-

Probably not very, although it only takes once. Main thing is to understand the difference, and then you can make a sound judgement.

I like the idea of running the browser sandboxed with OA RunSafer. I see no slow downs combining the two. I have tried this on IE8 and FF3.5b4. Forcing the browser into a Sandbox doesn't sound like a bad idea either. The only issue I had with doing that was when FF issued an update for the browser and I had problems updating the browser. However, I could have downloaded the .exe and installed it that way. Good thread by the way.

Ice

-{ Quote: "I like the idea of running the browser sandboxed with OA RunSafer. I see no slow downs combining the two. I have tried this on IE8 and FF3.5b4. Forcing the browser into a Sandbox doesn't sound like a bad idea either. The only issue I had with doing that was when FF issued an update for the browser and I had problems updating the browser. However, I could have downloaded the .exe and installed it that way. Good thread by the way." }-
Hi IceCube1010

Have a look here for a temporary way to disable forced programs. http://www.sandboxie.com/index.php?FileMenu#disableforce

After you know Firefox has an update, you can use the above method to disable forced programs and then start Firefox during the allotted time limit you set and update it that way.

-{ Quote: "Hi IceCube1010

Have a look here for a temporary way to disable forced programs. http://www.sandboxie.com/index.php?FileMenu#disableforce

After you know Firefox has an update, you can use the above method to disable forced programs and then start Firefox during the allotted time limit you set and update it that way." }-

thank you innerpeace! Search and you shall find.

Ice

As updating is not possible of forced sandboxed applications until they are run un-sandboxed, so does a similar procedure apply to applications set to runsafer ? so when updating say my browser do i have to run it non sandboxed and runsafer? or are updates possible with runsafer option turned on?

-{ Quote: "Hi IceCube1010

Have a look here for a temporary way to disable forced programs. http://www.sandboxie.com/index.php?FileMenu#disableforce

After you know Firefox has an update, you can use the above method to disable forced programs and then start Firefox during the allotted time limit you set and update it that way." }-

Awesome to have this. I only stumbled on disabling forced programs through a right-click of the sandboxie icon.

Thanks for the link which shows how to set the time limit for disabling forced programs. :thumb:

-{ Quote: "

Have a look here for a temporary way to disable forced programs. http://www.sandboxie.com/index.php?FileMenu#disableforce
" }-

Wow! After all this time I never knew of this feature. Thanks innerpeace!

-{ Quote: "
It's amazing how much usability and configurability it provides!" }-

Indeed, lots of usability and configurability. Also, and maybe I'll sound like a broken record, but I have so much confidence in the security it provides that it is the only security app running on an old dog of a computer the kids use. for their needs I see no need to even run antirus on it. SB is configured to flush away all leftovers and force their Internet apps in the sandbox. It's a wonderful thing :)

-{ Quote: "Indeed, lots of usability and configurability. Also, and maybe I'll sound like a broken record, but I have so much confidence in the security it provides that it is the only security app running on an old dog of a computer the kids use. for their needs I see no need to even run antirus on it. SB is configured to flush away all leftovers and force their Internet apps in the sandbox. It's a wonderful thing :)" }-

It's funny but your probably right.
Ice

-{ Quote: "As updating is not possible of forced sandboxed applications until they are run un-sandboxed, so does a similar procedure apply to applications set to runsafer ? so when updating say my browser do i have to run it non sandboxed and runsafer? or are updates possible with runsafer option turned on?" }-
I have tried updating add-ons for firefox (outside the sandbox) with the runsafer option and had no problems. I may have even updated firefox itself but I can't remember :( . I'll have to try it next time I update. Which browser do you use?

-{ Quote: "Which browser do you use?" }-
main browser opera 9.64 run forced sandboxed+runsafer
chrome just runsafer....maybe I should also force sandbox it too.
IE8 only for checking windows updates

-{ Quote: "main browser opera 9.64 run forced sandboxed+runsafer
chrome just runsafer....maybe I should also force sandbox it too.
IE8 only for checking windows updates" }-
I don't have either of those to check. Hopefully someone else can confirm if an update is possible with runsafer on.

If you use a program like Returnil, it can be useful while trying new things such as this. If the update or your browser doesn't work then reboot and everything is back to normal.

I use OA paid without AV ver. 2.1.0.131 with Runsafer enabled, and Sandboxie free ver. 3.28.

I update Firefox and Firefox extensions (NoScript, AdBlock Plus, IE Tab and hideBad) outside Sandboxie with Runsafer on. It works for me.

-{ Quote: "I use OA paid without AV ver. 2.1.0.131 with Runsafer enabled, and Sandboxie free ver. 3.28.

I update Firefox and Firefox extensions (NoScript, AdBlock Plus, IE Tab and hideBad) outside Sandboxie with Runsafer on. It works for me." }-

That's good to know.

Ice

A lot of our users recommend SBIE and use it alongside OA :)

-{ Quote: "A lot of our users recommend SBIE and use it alongside OA :)" }-
Those 2 are all I'm using now for security and I am very happy with them. :)

I have it set up like most, runsafer and sandboxie together. :thumb: