Sandboxie technical tests and other technical topics discussion thread

Ok, if your "advanced" options are set up properly, even then the keylogging trojan will not run. BUT, even the original developer of Sandboxie used to state on his website (don't know if it is still there but I can look for it) that in order to play it extra safe, DELETE the sandbox BEFORE going to a financial website, then reopen it. That way you are assured that nothing trying to steal your future is still on your system.

Acadia
(I will try to find that webpage and edit this post with that link if it still exists).

EDIT: Here they are, the first one is, in my opinion, the most important.
http://www.sandboxie.com/index.php?DetectingKeyLoggers#defend
http://www.sandboxie.com/index.php?ProgramSettings#internet
http://forums.sandboxie.com/phpBB3/viewtopic.php?t=3099&highlight=stop activity

 

Thank you Acadia.

 

As mentioned by Fleischmann, you can Start Run restrict the sandbox, that would keep spyware that gets downloaded in the sandbox from running. If it cant run it cant steal your personal data. For malware that could hijack the browser and use it to phone home after stealing your sensitive files, you can block all programs that are running in the sandbox from having access to your personal files and folders. Take a look at File access>Blocked access and File access>Write only access.
http://www.sandboxie.com/index.php?ResourceAccessSettings#file

Also, take a look at the first link posted by Acadia. I think that link has good information.

Bo

 

Pete, would you please expand upon that... i.e, how do I access my data if I block access to those folders?

Cruise

 

Thanks Bo. I should have, but didn't have time to read the entire thread.

 

This is the link I am talking about. Read "Defending against keylogger" and forget the rest.
http://www.sandboxie.com/index.php?DetectingKeyLoggers#defend

Bo

 

Read about setting, File access>Write only access in the link that I posted in reply number 478. I think that setting is like in between blocking access to the folder and not blocking it at all. But to programs running in the sandbox, files are still hidden. If I want to have access to files while running sandboxed, I use a sandbox where I don't block access to files or folders or hide them.

Bo

 

Now, what does this mean?
What did Curt mean by that "Chrome's sandbox is not needed under Sandboxie"
What did he mean by that, did Curt answer you what did he mean by that?

Is it because of double sandboxing which Curt says it is completely unnecessary-why is double sandboxing completely unnecessary?
Or is it because Google Chrome's sandbox is more secure without Sandboxie, than Google Chrome's sandbox running under Sandboxie's protection (since even all of Google Chrome's plugins and also flash player are all sandboxed/under Google Chrome's sandbox protection)!?

 

What are other ways? Eset smart security 8, Malwarebyte antimalware paid with Avira free antivirus plus Hitman Pro RC 3.0 build 129 or something else?
This all consumes a lot of RAM resources, while Sandboxie consumes absolutely nothing.

 

I think he meant exactly what the words mean. Chrome doesn't need sandboxing if you run it under Sandboxie. And I agree with him, why shouldn't I? I have been using Firefox for 6 years under Sandboxie and never seen anything to make me wonder about if something has escaped the sandbox. And Firefox to this day, doesn't have a sandbox.

Bo

 

I still don't understand, does it mean/did you mean that I/you/everybody need to disable Google Chrome's sandbox protection in order to run it under Sandboxie's sandbox protection?
If I enable Google Chrome's sandbox, I shouldn't run it under Sandboxie, because double sandboxing is totally unnecessary regarding security, incompatiblity issues and similar-that's what I understood from your and Curt's posts.
Yes, running Mozilla Firefox under Sandboxie is the best option so far-at least for me.

 

CWS, those words dont say anything about disabling the Chrome sandbox. They just mean that Sandboxies sandbox is so good that for Sandboxie users, it is unnecessary for the browser to come with a sandbox. That is for people who use Sandboxie. For people who dontt use Sandboxie, it is great that Chrome and in the future, Firefox, have a sandbox. CWS, don't look for a hidden message in those words, there is none. OK.

Bo

 

I installed it sandboxed but it won't work at all. Outside of the sandbox it will work partly. Another question: can you make Flash Player work with Firefox inside the sandbox? I haven't been able to, this is really getting on my nerves. Of course the HTML 5 video player does work, but it downloads whole movies, no matter how big. This is a waste of bandwidth IMO, is this normal? Flash Player will only download data that's necessary.

 

Hi Rasheed, I did try the program. I did in XP and installed it sandboxed. But I have no idea how to use that program, after clicking a few things to see what happens, I got some kind of Windows error. After that, I deleted the sandbox. Perhaps, it would be better if I install it in the system under Shadow defender and then run it sandboxed. I ll do it in W7 but I like to know how to use the thing. Can you send me in a PM, something like an step by step guide on what to do to try to reproduce the problem you experienced. Do that and I ll try the program in W7 in a few hours.

About Flash, it should work. If you have Flash installed in the system, if you go to YouTube, you should be able to play videos. In some computers, Flash works better along Sandboxie after disabling Protected mode. What do you get when trying to view videos?

Bo

 

@ bo elam

I will see what I can do, thanks. About Flash, it will refuse to get installed inside the sandbox. But I guess I will install Firefox outside the sandbox, same goes for the Flash plug-in. Strange thing is that it works just fine with Opera 11 and 12.

 

Rasheed, in my W7, that's how I handle Flash. Whenever I need to use it, I install it in a sandbox and delete the sandbox when I am finish. You should be able to install Flash in a sandbox.

Flash its probably not installing sandboxed in your PC because you are trying to do it in a restricted sandbox and/or have Drop Rights enabled in that sandbox. That wont work. You should create a new sandbox, leave Start Run and Internet access settings on default. As well as not tick Drop Rights. Then try again.

Bo

 

Many use EMET for protection or MBAE is another program that offers browser/app protection.
Currently I'm testing HMPA 3 since Sandboxie is not designed to detect or disable key-loggers.

Also remember the 2 Sandboxie caveats:

♦ The Internet access feature is neither a replacement for a proper firewall, nor was it designed
as a mechanism to counter or hinder key-loggers.

♦ Some key-loggers could possibly circumvent the Internet access restriction by hijacking the Web browser
to be used as a vehicle through which to send out the recorded information.

Many users add browser extensions/add-ons to further protect.

Sandboxie is a excellent program, but not everyone uses it or may not know about it.
I'm all for using it. My point being is you can still find protection in other ways
that help prevent becoming infected without using Sandboxie.

 

Insofar as anti-keyloggers are concerned, I'm considering KeyScrambler. Any feedback would be appreciated.

Wendi

 

Bo, obviously there are reasons why Curt would say that running sandbox inside another sandbox is totally unnecessary, possibly of weakened security and compatibility issues.

 

Yes there are, of course, mainly compatibility issues. Invincea's team (specially Curt) told me that disabling Chrome built-in sandbox would make his life easier.
http://forums.sandboxie.com/phpBB3/viewtopic.php?f=17&t=20055

 

Does anyone think that Sandboxie is becoming more and more useless as more and more web-browsers are starting to use sandboxing technology, because after all running sandbox inside a sandbox is actually risky because of incompatibility issues, than security/protection level and etc.

It all started with Google Chrome, than continued with IE11, than now soon Mozilla Firefox will also have in-built sandbox and etc.; so what's the point of having Sandboxie if you already have sandbox inside the web-browser, they are all or will be equally secure as Sandboxie is, so what's the point of having Sandboxie, DefenseWall, GesWall, Bufferzone and etc. in the first place, since if web-browser is sandbox, than putting sandbox (web-browsers) inside the sandbox (Sandboxie, DefenseWall, GesWall, Bufferzone and etc.) is totally unnecessary and a waste of time as well potential decrease in security/protection level?

Yuki, Mr. Brian, Bo, Windows Security, Peter, Rasheed, FleischmannTV, Wat0114 and everyone else on these message boards; I will ask you for your expert opinions if you don't mind.

 

@cws
With all due respects, but you've been already answered posts above, but you are resilient to understand or accept the facts.

 

My question is with the question, why use 2 sandboxes (web-browsers) running one under another sandbox (Sandboxie, DefenseWall, GesWall, Bufferzone and etc.), that's all and does that make Sandboxie redundant?