Sandboxie Versus Virtualbox Ubuntu

I am curious who prefers to use Sandboxie and who would rather use Virtualbox with Ubuntu running on it. (Or another Linux dustribution, e.g Fedora, OpenSuse etc)

I use Virtualbox and run Ubuntu. I think this is a lot easier, better and more secure than running Sandboxie.

Anyone else care to comment with reasons for their choice for Sandboxie or Virtualbox?

 

i am not familiar with virtual box, as i dont run linux at the moment, but its hard to imagine anything being much better than sandboxie.

you say you think virtual box is better, what do you base your opinion on?

thanks,

chrome

 

I don't imagine banking online in a VM will do much.

 

There are horses for different courses and both Sandboxie and Virtualbox excel in their intended purpose.

 

Well Virtualbox allows a person to run Linux as a "guest". This is a lot safer and more secure than Sandboxie IMHO. Linux is a lot more immune to nasties that Windows and Sandboxie.

 

Well it does a lot actually. It allows me to transfer money etc

 

Virtualbox running another OS will take much more RAM than just one OS and Sbie. It seems like overkill to me just to be or feel safe. On the other hand, A live cd may be even more secure than a VM. The thing that bothers me about Linux is how would I know that my OS is malware free? Does it have many free scanners that I can scan the system like is available to Windoz. I know scanning is not 100%, but it goes a long way in easing one's mind.

Keeping an OS updated can be done on either OS which goes a long way in keeping a machine secure. With either OS, one can shoot oneself in the foot by unknowingly installing an app that contains malware (yes, I know about the repositories). In Windows, I can scan a download for free before installing it. Does Linux have that option? That is a serious question by the way.

I think both methods can be secure, but IMHO to say one is better or safer isn't correct. Also, setting up a VM can be difficult and time consuming let alone trying to fix a little hardware problem within Linux. Don't get me wrong, I'm not a fan of Windows, but Linux still has a ways to go before it's mature.

Like Franklin has already said, there are horses for different courses so folks can use whatever makes them feel safe. For me it's an updated system, Sandboxie and when the surf is rough I activate Returnil. All downloads are also scanned by Virustotal, MBAM, SAS and Antivir. I'm even trying a LUA at the moment. With that said, I do plan on trying a Linux VM again soon because I want to learn more and I like the idea of open source OS's.

 

Yes, I have personally tested Ubuntu Linux running as a guest Virtualbox, and Linux is very secure.

 

1. I have 2GB RAM and have dedicated 512MB RAM to Ubuntu (even though 256MB will suffice in most cases). Vista and Ubuntu runs smooth for me. However, I have tweaked Vista not to run many services that I don't need.

2. Linux is open source, so you can see if it contains any malware. And there are programs you can check it for rootkits, virus, etc, e.g RKHunter, clamscan, Doctor Web, Avast for Linux etc.... However, Linux is rather immune to such things. I been using Linux for 10+ years and never been infected with a single thing.

3. And most apps etc are free for Linux, and yes, you know about the repos and only the linux developers etc have access to them. So I am rather confident as they all check them before released. And security updates are released very promptly.

4. Ubuntu is updated a lot more often than Windows. Linux is rock solid compared to Windows. But I still use Vista to play online games. But I would never use Windows for critical tasks such as accessing my Bank, Credit Card website etc. For all that I use Linux.

 

I only had 896MB of RAM when I last tried Ubuntu and PCLOS in VMware player and VWware server. I had problems with the player version and the server version slowed everything down a little. It was on a tweaked XP home OS.

As far as me being able to look at open source code and determining if malware is present is not a good argument. Most folks (like me) are computer users and not programmers. I do acknowledge that open source apps have more eyes on the code which theoretically should make it safer.

I'm also curious why if your so confident in Linux your not running it as the main OS and Vista in a VM? Is it because of gaming performance?

As far as Sbie and security. You can set it up to only allow certain programs to run like your browser. That should eliminate keyloggers from executing during an online session. If you delete the sandbox contents before and after a financial transaction, you should be safe. You can also prevent a sandboxed app from accessing certain files and folders that may contain "sensitive" information.

It all comes down to what your more familiar with.

 

Just because linux is open source does not make it anymore secure.

 

I used to boot into Ubuntu that is installed on my external HDD. Yet I was too lazy to keep rebooting between Vista and Linux, so I now run Virtualbox

 

Open source is a lot better than closed source, as it allows people to read the code and compile it themselves. Yet with MS Windows for example, that's not possible.

And I agree, open source doesn't mean it has to be more secure. However, with open source, nothing is hidden that may compromise a persons personal security.

 

Ok I understand your question... and I am unable to provide any evidence or data for my comment, hence the reason I ended my comment with "IMHO", indicating it was not a factual statement, but purely based on assumption, which in turn is based on limited and incomplete understanding and exposure.

 

The problem is your cpu, hpa, vga, bios and especially your network boot rom and router as controlling endpoints. You can use what you want if these hardware parts are successfully attacked or possibly compromised by default from industry. The thinking has to change like "I run linux I am save" say: "I use hardware made by humans = I am always unsafe"

 

Both Sandboxie and VirtualBox are for different purposes - especially if VirtualBox is running something other then the host. Also, to add to my last statement about VMs and online banking, if any type of malware, keylogger, etc affects the host, the VM won't help. Malware will still be in affect, and keyloggers will still log keys inputted into the VM.

 

Credit for being so honest. So you basically have no idea which is more secure. The important thing is using something you feel comfortable with and you understand. Also, you know how it protects you, it's weaknesses and strengths. If you don't know how to use it, how it works and what it covers then you will be the weakest link.

muf

 

No they won't.
Show me one Keylogger or test app that can read from VM.

See here

 

I respectfully disagree. Virus, spyware, rootkits, keyloggers, trojans etc are also a main concern, and Linux is pretty much immune to these, where Windows is not.

 

This is not accurate. Because I have tested keylogger testing programs, e.g zemana etc, and whatever I type in my Virtualbox Ubuntu session is not picked up in Windows keyloggers. If you doubt this, then I challenge you to test any keylogger testing program or an actual keylogger and see for yourself.

And if Windows has any malware, it wont "jump" over into the virtualized Ubuntu session.

 

I wouldn't go as far as saying, "So you basically have no idea which is more secure." because it is very common knowledge in the security community that Linux is more secure than Windows.

 

Exactly, spot on!

And I tested it myself, and no keylogger was able to read what I typed into Virtualbox Linux Firefox etc.