Sandboxie

Like it Peter, see what else develops. My SBie seems to have an awful lot of files listed that look delicate - are they at risk of leaving SBie for the dreaded Far East ?
Screen shot :-


John B

 

Different subject. Just discovered a tiny surprise.

All my Desktop icons I can open in Sandboxie by right clicking and sending them to the SBxie DefaulBox, except IE8. The "Send to" option does not come up, it is a smaller and different panel. It is the only icon that has declared UDI.

I am sure somebody will tell me why and at the same time laugh at my inadequacy. I do not use IE8, I use FF but tried it for kicks.

John B

 

Step back and examine for a moment.. the sandbox was empty when you started it. If you went to a bank and input your PIN, possibly it still resides within the sandbox to be extracted at some point.

But, if you only went to a forum or other benign site, what is in the sandbox to steal? Only whatever data that was needed/obtained from going to a benign site -- which is what? Cookies and cached gifs?

I have no doubt that if you visit a bank, and data is stored within SBIE sandbox, a method employed by a website can take it as it pleases in most cases. SBIE is designed to keep what happens within the sandbox out of the real system. The flexibility of having multiple sandboxes with the paid version allows you to rest in peace that sandbox A is clean, but sandbox B is not, but you don't care because you don't do anything with it that would be worth anything anyway. You use sandbox A for that sort of stuff and it is regulated/deleted.

Sul.

 

I have said this for months and no one listens. I set SB to automatically delete contents. On my sons computer from time to time, if I open up the sandbox in C: there are tons of files that have not deleted. It has done this on all my computers.

If I uninstall SB like I do sometimes, then go into C: drive to delete the sandbox folder, it says it has a ton of stuff in it. One time I opened it up and there were files that had not deleted when SB was closed.

 

Excellent advice for anyone using multiple sandboxes.

For those using a single sandbox, in addition to locking down the sandbox as described by Peter2150, for additional security the sandbox should be emptied before visiting banking and shopping sites, then emptied again afterwards before resuming general surfing.

 

This ^^

Been using Sandboxie now for a few months now instead of Bufferzone and I've got it set up to delete contents and thats exactly what it does.

 

@dw426

No.

As per Pete & sully et al: they are on the button.
Your observation is also correct.
This is not a criticism of SB, just a pointer re correct set-ups ( as noted by sully ) and end-user insights.

We're all on the same wave here: just dissecting the finer points.

 

If you have set Sandboxie to auto delete then you can check by closing down your sandboxed browser and watch Sanboxies taskbar icon which should show a red cross briefly as it deletes the contents.

Sandboxie will only auto delete when no processes are running in that sandbox and if any files are eligible for quick recovery then that dialogue will show up before auto deletion.

 

What sort of havoc with the browser can be caused which is not reversed by deleting the Sandbox?

Well, if the same amount of care and responsibility is used without NoScript there shouldn't be any problem and Sandboxie is the safety net.

As far as the various issues mentioned, re- or misdirection, malware installation, keylogging, etc., I'd think merely deleting the Sandbox before doing essential work and limiting the session to essential work (and deleting the box immediately on completion) would see them off nicely.

By the way, I'm thinking that a responsible user would indulge in safe surfing here plus a DNS such as Norton and WOT-ratings. For the more adventurous types nothing may suffice.

 

I understand what you and the others are saying. The one thing I would argue with is care and responsibility without NoScript. In my mind, it's a little hard to prevent malicious scripts if, without NoScript showing you them and controlling them, you don't even know they are there. Perhaps I've become too reliant on it, but after seeing how many different scripts there can be on a website, I just feel uneasy with the limitation of scripting being disabled completely or allowed unlimited running. That's really, at this point, the biggest reason I've stuck with Firefox, as otherwise there isn't much left for it to offer in my eyes.

I don't know about WOT anymore, not to wander off subject, but how can I trust something that almost entirely depends on a regular users' "vote" as to whether a website is safe or not. I used LinkExtend for a while, but it seemed to really stall things and was too "busy". Anyway, back to my point. I just see tools such as NoScript as a part of being a responsible, careful user, with Sandboxie covering my screw-ups or things that I can't control, which is admittedly very little if, again, I am careful and responsible.

I didn't mean to turn this into an argument against Sandboxie or doubt its protection. I simply choose to use tools that are available to me and easy for me to use, to keep as much malware away as possible, and let Sandboxie handle the rest.

 

I'm completely opposite as I want any and all malware to run unimpeded and I actively search for it.

I used to use Noscript but it only got in the way. Even FF's inbuilt site checking is turned off.

Think of all those lovely fake scan sites you're missing out on.

My default sandbox is restricted to certain apps running/connecting which I use to find malware samples which are recovered from the restricted sandbox and ran within a default settings sandbox and analyzed with BSA.

For me using Sandboxie then most other security are redundant except system virtualization and Images.

 

Thanks Pete and Sully,

I've had Sandboxie for a month, and with these last configurations tips I can understand why some people are even running with no other layer.

Indeed, its versatility makes it really brilliant. A bit of a learning curve though for the average user. I've also stopped using NoScript as it was basically disrupting my browsing experience.

 

Fully accepted Peter. I am not all that conversant with the heart & mind of Sandboxie, just that I have been persuaded by all the postal comments made on Wilders to trust it implicitly.

The suggestion that some Bogey man can put his grimy hand inside my sandbox and grab the family jewels made me nervous. Your explanations plus one or two others have dispelled that fear.

Thank you : Te quiero Sandboxie
John B

 

Sandboxie's default deletion command [RMDIR] didn't always work for me too. Heidi Eraser works perfectly and never misses a beat. how to

Might be a pain for some having to download a 3rd party secure deleter and setting it up but it's worth doing. IMO. Anything dangerous in the sandbox is guaranteed to get nuked.

 

I have deleting manually but is it possible that the auto-delete doesn't work for you or your son because some process is lingering (uninformed thought on my part)?

 

Yes, SB has definitely made me more relaxed during my surfing. If I have to allow a cookie, or a script via NoScript in order to view a web page, no big deal, it's all going to be going bye-bye soon anyways.

And I always take tzuk's advice and dissolve Sandboxie before going to a banking site just in case a keylogger or similar Trojan has sneaked onto my system.

Acadia

 

Code:

Fourth, nothing running in the sandbox can access data locations on my machine

what to check in sandboxie to have this done?..

 

This post was buried by the more important issues. No problem, I have found out how to do it.

Right click SBxie tray icon.
Put cursor on DefaultBox>Run Any Program.
DefaultBox panel is shown - Run Sandboxed.
Enter " iexplore.exe " in box, click OK.
IE8 is opened in Sandbox.
All done !
John B

 

hey thanks a lot Peyer,great instructions

 

I wonder, it seems like there is always someone who says "that is great advice" when some of us talk about having multiple sandboxes, each doing something different, yet combined create the type of security we desire.

Is it a mindset or something related to the use of a suite, or just one easy thing to use for security? I guess I found it natural to think of using a different sandbox for different purposes, and really took it for granted that everyone would do the same. Yet it sounds sometimes like some folks just want a minimal amount of boxes and had not thought of using multiples for granularity.

For those of you who haven't thought about it like that, why not? Is it because you are using the free version with its one box limitation? Or do you find yourself just geared towards that suite type tool, where it is all contained on one unit for you?

Really curious as to what some people might find as non-interesting about using multiple sandboxes.

Sul.

 

Hello, i've just installed Sandboxie (paid) in Windows 7 x64. I would like to keep the Historiy in IE8, after the termination of the sandbox. Is that possible?
Thanks!

 

1. Yes, I have the free version. I'm trying to get a Paypal account because this programme definitely deserves to be paid for.
2. Some users (even at Wilders!!!), may want to know and to have just enough to get along safely while using the internet for their work (or whatever).
3. For folks like that, self included, I guess a minimum modification of the defaults should suffice:
a) drop my rights
b) restrict programmes that can run in the Sandbox.
c) delete the Sandbox as often as possible.

I know of quite a few people who are put off from using Sandboxie because of all the options experts (goodheartedly) lay out .