Sandboxie Versus Virtualbox Ubuntu

Discussion in 'sandboxing & virtualization' started by truthseeker, Sep 16, 2008.

Thread Status:
Not open for further replies.
  1. truthseeker
    Offline

    truthseeker Former Poster

    I am curious who prefers to use Sandboxie and who would rather use Virtualbox with Ubuntu running on it. (Or another Linux dustribution, e.g Fedora, OpenSuse etc)

    I use Virtualbox and run Ubuntu. I think this is a lot easier, better and more secure than running Sandboxie.

    Anyone else care to comment with reasons for their choice for Sandboxie or Virtualbox?
  2. chrome_sturmen
    Offline

    chrome_sturmen Registered Member

    i am not familiar with virtual box, as i dont run linux at the moment, but its hard to imagine anything being much better than sandboxie.

    you say you think virtual box is better, what do you base your opinion on?

    thanks,

    chrome
  3. Pseudo
    Offline

    Pseudo Registered Member

    I don't imagine banking online in a VM will do much.
  4. Franklin
    Offline

    Franklin Registered Member

    There are horses for different courses and both Sandboxie and Virtualbox excel in their intended purpose.
  5. truthseeker
    Offline

    truthseeker Former Poster

    Well Virtualbox allows a person to run Linux as a "guest". This is a lot safer and more secure than Sandboxie IMHO. Linux is a lot more immune to nasties that Windows and Sandboxie.
  6. truthseeker
    Offline

    truthseeker Former Poster

    Well it does a lot actually. It allows me to transfer money etc :)
  7. Peter2150
    Online

    Peter2150 Global Moderator

    Well I run Sandboxie and a VM machine although not with Ubuntu. But for different purposes. I think Sandboxie is pretty tight, and so far has held up to all the attacks thrown at it.
  8. Peter2150
    Online

    Peter2150 Global Moderator

    Have you put that to the test?? I have enough confidence in Sandboxie to run without any AV or AS and no issues.
  9. innerpeace
    Offline

    innerpeace Registered Member

    Virtualbox running another OS will take much more RAM than just one OS and Sbie. It seems like overkill to me just to be or feel safe. On the other hand, A live cd may be even more secure than a VM. The thing that bothers me about Linux is how would I know that my OS is malware free? Does it have many free scanners that I can scan the system like is available to Windoz. I know scanning is not 100%, but it goes a long way in easing one's mind.

    Keeping an OS updated can be done on either OS which goes a long way in keeping a machine secure. With either OS, one can shoot oneself in the foot by unknowingly installing an app that contains malware (yes, I know about the repositories). In Windows, I can scan a download for free before installing it. Does Linux have that option? That is a serious question by the way.

    I think both methods can be secure, but IMHO to say one is better or safer isn't correct. Also, setting up a VM can be difficult and time consuming let alone trying to fix a little hardware problem within Linux. Don't get me wrong, I'm not a fan of Windows, but Linux still has a ways to go before it's mature.

    Like Franklin has already said, there are horses for different courses so folks can use whatever makes them feel safe. For me it's an updated system, Sandboxie and when the surf is rough I activate Returnil. All downloads are also scanned by Virustotal, MBAM, SAS and Antivir. I'm even trying a LUA at the moment. With that said, I do plan on trying a Linux VM again soon because I want to learn more and I like the idea of open source OS's.
  10. truthseeker
    Offline

    truthseeker Former Poster

    Yes, I have personally tested Ubuntu Linux running as a guest Virtualbox, and Linux is very secure.
  11. truthseeker
    Offline

    truthseeker Former Poster

    1. I have 2GB RAM and have dedicated 512MB RAM to Ubuntu (even though 256MB will suffice in most cases). Vista and Ubuntu runs smooth for me. However, I have tweaked Vista not to run many services that I don't need.

    2. Linux is open source, so you can see if it contains any malware. And there are programs you can check it for rootkits, virus, etc, e.g RKHunter, clamscan, Doctor Web, Avast for Linux etc.... However, Linux is rather immune to such things. I been using Linux for 10+ years and never been infected with a single thing.

    3. And most apps etc are free for Linux, and yes, you know about the repos and only the linux developers etc have access to them. So I am rather confident as they all check them before released. And security updates are released very promptly.

    4. Ubuntu is updated a lot more often than Windows. Linux is rock solid compared to Windows. But I still use Vista to play online games. But I would never use Windows for critical tasks such as accessing my Bank, Credit Card website etc. For all that I use Linux.
  12. innerpeace
    Offline

    innerpeace Registered Member

    I only had 896MB of RAM when I last tried Ubuntu and PCLOS in VMware player and VWware server. I had problems with the player version and the server version slowed everything down a little. It was on a tweaked XP home OS.

    As far as me being able to look at open source code and determining if malware is present is not a good argument. Most folks (like me) are computer users and not programmers. I do acknowledge that open source apps have more eyes on the code which theoretically should make it safer.

    I'm also curious why if your so confident in Linux your not running it as the main OS and Vista in a VM? Is it because of gaming performance?

    As far as Sbie and security. You can set it up to only allow certain programs to run like your browser. That should eliminate keyloggers from executing during an online session. If you delete the sandbox contents before and after a financial transaction, you should be safe. You can also prevent a sandboxed app from accessing certain files and folders that may contain "sensitive" information.

    It all comes down to what your more familiar with.
  13. jrmhng
    Offline

    jrmhng Registered Member

    Just because linux is open source does not make it anymore secure.
  14. Peter2150
    Online

    Peter2150 Global Moderator

    You missed my point. I have no doubt it is secure, but you said
    I am challenging it is a lot safer and more secure than Sandboxie. That's what i am talking about being tested. What passed in the linux vm machine that fails in sandboxie?
  15. truthseeker
    Offline

    truthseeker Former Poster

    I used to boot into Ubuntu that is installed on my external HDD. Yet I was too lazy to keep rebooting between Vista and Linux, so I now run Virtualbox :thumb:
  16. truthseeker
    Offline

    truthseeker Former Poster

    Open source is a lot better than closed source, as it allows people to read the code and compile it themselves. Yet with MS Windows for example, that's not possible.

    And I agree, open source doesn't mean it has to be more secure. However, with open source, nothing is hidden that may compromise a persons personal security.
  17. truthseeker
    Offline

    truthseeker Former Poster

    Ok I understand your question... and I am unable to provide any evidence or data for my comment, hence the reason I ended my comment with "IMHO", indicating it was not a factual statement, but purely based on assumption, which in turn is based on limited and incomplete understanding and exposure.
  18. SystemJunkie
    Offline

    SystemJunkie Resident Conspiracy Theorist

    The problem is your cpu, hpa, vga, bios and especially your network boot rom and router as controlling endpoints. You can use what you want if these hardware parts are successfully attacked or possibly compromised by default from industry. The thinking has to change like "I run linux I am save" say: "I use hardware made by humans = I am always unsafe"
  19. Pseudo
    Offline

    Pseudo Registered Member

    Both Sandboxie and VirtualBox are for different purposes - especially if VirtualBox is running something other then the host. Also, to add to my last statement about VMs and online banking, if any type of malware, keylogger, etc affects the host, the VM won't help. Malware will still be in affect, and keyloggers will still log keys inputted into the VM.
  20. muf
    Offline

    muf Registered Member

    Credit for being so honest. So you basically have no idea which is more secure. The important thing is using something you feel comfortable with and you understand. Also, you know how it protects you, it's weaknesses and strengths. If you don't know how to use it, how it works and what it covers then you will be the weakest link.

    muf
  21. vijayind
    Offline

    vijayind Registered Member

    No they won't.
    Show me one Keylogger or test app that can read from VM.

    See here
  22. truthseeker
    Offline

    truthseeker Former Poster

    I respectfully disagree. Virus, spyware, rootkits, keyloggers, trojans etc are also a main concern, and Linux is pretty much immune to these, where Windows is not.
  23. truthseeker
    Offline

    truthseeker Former Poster

    This is not accurate. Because I have tested keylogger testing programs, e.g zemana etc, and whatever I type in my Virtualbox Ubuntu session is not picked up in Windows keyloggers. If you doubt this, then I challenge you to test any keylogger testing program or an actual keylogger and see for yourself.

    And if Windows has any malware, it wont "jump" over into the virtualized Ubuntu session.
  24. truthseeker
    Offline

    truthseeker Former Poster

    I wouldn't go as far as saying, "So you basically have no idea which is more secure." because it is very common knowledge in the security community that Linux is more secure than Windows.
  25. truthseeker
    Offline

    truthseeker Former Poster

    Exactly, spot on! :thumb:

    And I tested it myself, and no keylogger was able to read what I typed into Virtualbox Linux Firefox etc.
Thread Status:
Not open for further replies.