Sandboxie .. Default Browser

Hi .. moontan - & - Page 42


Think how I've set Sandboxie to... Automatically Delete Contents Of Sandbox

Is enough for me at the minute


Thanks!

Zeena

 

Hi Page42


Do understand what you're saying
Been Reading: http://www.sandboxie.com/index.php?SecureDeleteSandbox

But perhaps you could tell me this....

Do you guys have to use your browser Un-Sandboxed when you want to post pictures on here?
OR
Do you have a way to do it while Sandboxed?

NOTE: I had to Un-Sandbox myself to post a picture.

Thanks!

Zeena

 

I post images on Wilders all the time from a sandboxed IE8.
Nothing to do any different.

 

Did you run into an error message when trying to upload the picture? Keep in mind what was said about additional components, especially if you've forced your browser to run sandboxed. Could it be that pesky "dllhost.exe"?

 

Just as a FYI, I don't have dllhost listed with either start/run or internet access. That said, it probably matters what OS and what other configurations exist as to whether or not dllhost must be added.

 

Perhaps it's browser-related as well. I don't know enough about the technical side of how that sort of thing is handled. I just know that in the case of Firefox, if I go to, let's say, save an image or file through the menu, dllhost rears its ugly head. So, I went ahead and allowed it access as well. I'm not certain if there are any security implications with such a move.

 

I have been looking for over 30min and am now more confused then ever. ................Will Sandboxie work on my 64bit Windows 7 lap top? Is it fully compatible?

THANKS!!

 

It will work just fine. The only issue on 64 is trouble getting around the kernel patch. But, extra protection was put in place in the form of "Drop My Rights" to help deal with the very small weakness.

 

I know you are not alone needing to allow dllhost start/run access but
on my case, running Firefox, Sandboxie has never given me a message
about it. I only allow FF to have internet access and start/run is only
allowed to FF, Plugin container and Foxit. Nothing else.
My IE sandboxed does not require dllhost neither, I think Page42 is
right when he says that its need to be allowed probably depends on
the OS or configurations.

Bo

 

Hi Everyone

I've only had 2 quick goes of IE8 Sandboxed .. As rarely use IE8 anyway!
Waiting to see what IE9 is all about

Not tried Firefox Sandboxed just yet!
Will no doubt have a go with Firefox Sandboxed at some point
But as Firefox is my Favourite Browser and Feel pretty safe while using it anyway... Would like to get Firefox 4 safely installed first.

I've also got Opera and although I love the way it looks...
Hardly ever bother with it coz one website will load super fast and the next will never finish loading

Chrome is the newest addition to my browser collection
Only had Chrome about a Week!
Feel that chrome is kind of inbetween IE8 and Firefox.

Don't really know what went wrong with me posting a Picture via a Sandboxed Chrome.
Box Did Pop Up!
Unfortunatly... Panicked & Shut It
Will have to have another go sometime - & - Try with Firefox too.


Thanks!

Zeena

 

Hi Zeena, Firefox is also my favorite browser. I know you feel safe
using it as it is but, remember, Sandboxie will only protect you if
you use it. In my opinion, Sandboxie its to be used all of the time,
not only part of the time. Use it every time that you browse and
learn it the way you are doing it now and I promise you, Viruses
belong in your past.
If you don't want to use Firefox sandboxed at this time, that's fine
but use IE8 sandboxed, then. When you use SBIE, it does not
really matter which browser you use, you are always safer than
using any other browser not sandboxed.
I sense that you are afraid of Sandboxie messing up your Firefox,
in reality that can never happen. Keep in mind that when you
close your browser or delete the contents of the sandbox, all
changes made in the sandbox are gone. In other words your
Firefox will be exactly as it was before you browsed sandboxed.
You can test what I am saying if you open Firefox sandboxed
and install a couple of addons or customize your toolbar while
sandboxed. You ll see that this changes will not be there, on
your real Firefox, when you open FF again.
By the way, I am using FF4 and in my opinion its a beauty,
working very well sandboxed or unsandboxed.

Bo

 

Bo knows.

 

Bo Knows Box

Follow what he says, it is true. On top of that, one must remember that once you get used to running a browser in Sandbox, if you want to make changes (like options/configs/plugins, etc) that will remain, you must start the browser OUTSIDE of sandbox, make the changes, then when you start it in the sandbox again, those changes can be seen.

It is also helpful to note that when you do this, you should delete the contents of the sandbox for the changes in the real system to follow into the sandbox.

So while what Bo says is true, what happens in the sandbox never effects the real thing, it is reverse that if you change the real thing, it might not reflect in the sandbox until you clean it out, then those new changes will be seen. This is especially true when you update the browser or plugins, etc.

Sul.

 

Hey Sul...
Another little thing I have noticed in my brief time with SBIE is that executables that I have downloaded from within a sandboxed browser, and subsequently recovered, are not able to be copied across my LAN. It is the strangest thing. I should do a little more investigation into the matter, to make sure that I can replicate it, but I have discovered that if I want to be able to access an executable (.txt files are not affected) from another pc in my network, I have to have downloaded it from an unsandboxed browser. Simply recovering it does not do the trick.
Wish I could think of a catchy little saying to go along with your name (like Bo knows), cause you have been a great Sandboxie resource to me here on Wilders.

 

What I have noticed is how smart SBIE is as to what it downloaded.

For example, I have a download directory where everything, from every sandbox, has direct access to. That download sandbox is forced to start anything in it into my "downloads sandbox", which allows no network access.

Anyway, if I download a file there, then MOVE it, the file retains some indication that is was put into a forced folder, and no matter where I MOVE it, as you state, SBIE starts it in the "downloads sandbox".

The same is true of any sandbox. Go into c:\Sandbox\box_name\etc\etc and grab a file and MOVE it. For me, as long as the sandbox that I moved it from was forcing, no matter where I MOVE it to, it opens in that particular sandbox.

That part, to me, is a nice feature, but it can also be a little cumbersome at the same time.

What I notice is that I have to COPY a file from a forced directory to anywhere else, then, and only then, will I be sure that it will not start inside of a sandbox.

So for me, I have adapted to where once I download something, and test it inside a sandbox, if I want to keep it, I COPY it out to wherever. Then I delete it from the forced directory if I no longer want it.

Sul.

 

For me too, Page.

Much of what I know about SBIE I learned it reading your posts, Sully.
.
Thank you

Bo

 

sorry to hijack this thread but here goes.. do you guys know any promo/discount on Sandboxie?
I'm planning to buy 1 lifetime license :<

 

My Firefox opens to about:blank, that way, whenever I want to make changes to Firefox that are to be kept (unsandboxed), I am not jumping onto a possible infected website. Also before opening up Firefox, I use my firewall to kill my connection to the router, so I can configure my Firefox in peace knowing that I can keep the changes without keeping something else that is unwanted.

Acadia

 

Hmm. I do things in a similar fashion. I have always used a blank homepage, but have not worried about killing the connection mainly due to the fact that I have no plugins or other reason to worry about what a blank page 'might' be doing. (well, that is historically, the need of flash on so many websites has caused me to install that globally outside of the sandbox lately, but I still use flashblock whenever I can)

Since I have been using Sandboxie, after I install my browser I will generally configure it to my likings, import any bookmarks that I might need, and that is about it. I know then that if I later want to make a change for real, there is no cache or anything else to get worried over, it was all created in the sandbox.

I guess I am an SBIE fanboy, although I must be an 'epic fail' fanboy because I realize it isn't for everyone I must say though, that since I have been using a separate box for each browser, and have not used the browsers outside of the sandbox, browser related concerns have gone to an all-time low. Now it is files I download from WAN or LAN that I am primarily concerned with, or a program that I don't sandbox.

Sul.

 

Hi Everyone


Thanks for all your Replies

Bo - & - Sully
After using Sanboxie just a few days... I'm already Hooked!
Guess the only reason I'm trying to wait for Firefox 4 before Sandboxing Firefox : Is Because...
At the moment Firefox updates automatically - & - I've also got my Add-ons updating automatically too.
Don't Panic! .. Only have well known and well researched Firefox Add-Ons ( No Script | AdBlock Plus | WOT | Secure Login | New Tab Homepage | Tiny Menu | etc. )
Once I've Got Firefox 4
My plan is to set Firefox and it's Add-Ons to only update when I check for updates.
Thus leaving me to enjoy a Sandboxed Firefox without having to worry about updates.

The reason I'm sticking with a Sandboxed Chrome just for now...
Don't Have Many Add-Ons In Chrome!
Just... Adblock Plus | WOT | Google Shorcuts | Google Mail Checker

IE8
Just can't be doing with all the Adverts on websites
There's one forum I visit...
It was ok in IE when I first started going there.
But these days...
No Way! - Would I wan't to go there in IE8. ( Adverts, Pop Ups, Green Text.. Something! )


Thanks!

Zeena

 

I don't bother with a blank starting page, but I do control internet access when updating Firefox/Addons/configuration out of the sandbox.

My Firefox update routine:

• Disable internet access
• Disable forced programs in Sandboxie
• Launch Firefox as administrator (I'm running in LUA)
• (Firefox opens but can't connect to any webpages...)
• Enable internet access and then do Help > Check For Updates and download the update
• Disable internet and then restart Firefox to install the update
• (Firefox restarts but can't connect to any web pages...)
• Close Firefox, enable internet and start Firefox normally in the sandbox

Add-on updates are done in a similar fashion (in LUA) along with any config changes too. No web pages are ever shown during any of these procedures.

 

While i certainly bow, to others superior knowledge, I think some people here are utterly paranoid. I think for some people, using S.B has made them utterly terrified of opening there browser normally.
Blank home pages, killing internet access, what are you people scared of ? Just to configure or update firefox. I think for normal people, this is ridiculous. You have to draw a line somewhere, I hope I never become this worried.

 

For me it is just the opposite. I am much less paranoid using SBIE because I know, for a fact, that if I delete the contents of the sandbox, the next time it starts, it will be absolutely 100% clean. And further, if it were to become infected, the problem would never bleed over to the real area(s).

For me, that is simplicity. Not using my browser (or as little as possible) outside of the sandbox is an easy task. Then by having one browser/sandbox for sensitive activities like banking/purchasing, and one browser/sandbox for other activities, I have very little fear. Not that I had a lot to begin with , but SBIE offers IMO simplicity and peice of mind, not paranoia.

It is true though that you must disable sandboxing to update/change the real locations, that is the only drawback in my mind.

Sul.

 

I agree one can take it to the extreme. However, I would rather see "normal people" being overly cautious than just "button clickers". Might actually help things rather than continuing the botnets and such.

Sul.

 

As for Sandboxie making people utterly terrified to open a browser normally, that may be your perception, but it isn't mine. Sandboxie makes people feel secure, and offers them a way to experience peace of mind. Almost all SBIE users feel that way and recognize this. But to turn it around and say they are utterly terrified to open an un-sandboxed browser is missing the mark.

(This is one reason so many of us advocate for layered security... so if one program or layer is down or disabled intentionally, we are still confident that the other layers in place will suffice.)

Besides, a user must open the browser un-sandboxed in order to make configuration changes to it... that is, if the user wants the changes to stick.

So call us worried and terrified if it makes you feel better, but I would define my own personal level of concern over computer security to be healthy. It's not a bad way to be, or to feel.