To all Sandboxie fans, please explain

Discussion in 'sandboxing & virtualization' started by Kees1958, Jan 2, 2009.

Thread Status:
Not open for further replies.
  1. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    lol, sounds like she actually listens to you. My grandmother and many more 'mature' peeps I know are probably the best users. They do exactly what I show them, and they don't usually have problems.

    It seems to be the peeps around 50 that are the worst. Many are still pretty new to the internet, especially with the falling prices of broadband. Heh, these are the ones who just cannot seem to resist clicking on the 'You've won' buttons.

    I don't use DW, how does it handle and how many prompts does it throw, if your mom did not follow your directions, but decided she felt this uncontrollable urge to pretty much click everything? lol, that is what I swear many seem to do.

    Sul.
     
  2. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    LOL Kess

    I don't think you are getting mean at all.

    Getting mean is more like saying that SB users are suffering from cognitive dissonance - they buy the *idea* and then need to promote to others in order to justify the original decision. To get mean might be to point out how tribal theory works in such cases - the need to support *your* team and fight off all pretenders. To be even meaner you might have pointed out that ..... oh why go on ? You and I both *know* that the software we use is the best :D although I do have my doubts sometimes about some of the programs that you run:argh: :argh:
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    That's because you are from Cromwell Country, you can't help that


    Thanks to Rich, some examples + explanation of files containing embedded code targeting exploits. It is a good read: https://www.wilderssecurity.com/showpost.php?p=1378699&postcount=15

    I advise SBIE users to apply the trick of having a second sandbox in which moved files are "quarantined" for a month or so, before moving them into the real file system (after AV check, chances of not recognising zero day are very very low after a month). See post https://www.wilderssecurity.com/showpost.php?p=1378536&postcount=38 or https://www.wilderssecurity.com/showpost.php?p=1378143&postcount=6 amongst others of how to tweak SBIE.
    I have not used SBIE for over three years now, so when questions arise I hope experienced SBIE users will jump in.

    Thanks to some Wilders members I have accomplished my goal: SBIE is great with near 100% protection, just use it right! When you are less experienced or prefer more ease of use: use a policy sandbox instead of a file virtualisation sandbox (DefenseWall paid for all threatgates, or GeSWall free for browsers only).

    Cheers Kees
     
    Last edited: Jan 3, 2009
  4. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Kees, you bringing this subject up, allowing other users to share their tips has improved sandboxie's use for others.

    I always thought I wouldn't need the paid version's 'forced files or folders' feature, but having files and programs in that sandboxed folder for a month, sounds like a smart idea.

    Ronen, my credit card is calling your name. :p
     
  5. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    just had a major flashback to my youth there.:D
     
  6. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Agreed 1000% That bloke is a legend.:thumb:
     
  7. pidbo

    pidbo Registered Member

    Joined:
    Dec 25, 2006
    Posts:
    198
    As I understand it Sandboxie is not a software that was developed just for the use of a "techie" elite or those "in the know". All sorts of people might use it for various reasons and have a whole range of cognitive and critical abilities. All of those people probably have an opinion from their own particular perspective that might be useful to somebody. "Off the cuff" "pencil sketch" "slights" "stereotyping" and a certain type of "blanket" "critique" can just insult and disenfranchise those that might otherwise bring something useful and enriching to a broad debate.
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA

    LOL:D
     
  9. wat0114

    wat0114 Guest

    Maybe a lot depends on the intended purpose a person wants Sandboxie to serve. My kids use their computer mainly for playing online flash/shockwave games and checking the odd email from their buddies. They download and install very little other than the odd wallpaper and screensaver. Mostly they just surf all over looking for new sites with these games and play them. It's an old pc, 8 yrs, so I needed a security combo that was light and effective. Sandboxie with NOD32 2.7 with its http checking disabled, behind a router is doing less to bog the pc down than anything else I've tried and I'm confident it is very effective for the purpose. They don't need to answer alerts, other than the potential they could get from NOD if they try to open something from the recovered folder, and they are aware of this possibility, having seen it before. Also with so many Wilders members also liking it, I couldn't help but get intrigued by it. I like it :) The forced files/folders feature in Sb is great, so I bought the license to take advantage of it, forcing their favourite browser and email client (I've already seen some stupid chain emails from my daughter's friends :rolleyes: ) in it, and because I like to support nice efforts like this from exceptional developers like Tzuk. They can surf all over the place and if they happen to stumble on a dangerous site, all the crud will get flushed away when they're done. As for wallpaper and screensavers, they know how to recover them, and then this is where I guess I place enough trust in NOD to catch anything infected. If it misses something, I restore an image using Acronis. No big deal, really. I just like the fact that a potential drive-by exploit that NOD might miss is contained in the sand and flushed away when done ;)
     
  10. Saint Satin Stain

    Saint Satin Stain Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    222
    Location:
    Huntsville, AL and Greenwich Village, NYC
    I am not a geek; I am a regular Thomas, not a Joe. I have pretensions to geekdom, but they are figments in my own brain. I find that the instructions on the Sandboxie site are thorough and clear. I printed the instructions to pdf so that I could use them on my system offline. I use Sandboxie because it is easy to configure and use; you can configure it for your individual style of computing and internet use. It works with the security I already have.

    router
    Online Armor
    Sandboxie
    NOD32
    SpywareBlaster
    Trojan Remover
    and some ondemand scanners and rootkit detectors, plus PGP.
     
  11. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    It all comes down to what you want the program to do. If you just want to be sure that your browsing is safe, Sandboxie is great, idiot-proof. My older brother is practically computer illiterate. Not only that, but he also doesn't care to learn anything. In his PC he has just a dial up connection which he uses sporadically to visit 1 site with news that can be of interest to him professionally. Other than that, he ignores and doesn't care about the existence of internet. I didn't bother to install to his PC an antivirus. He uses Sandboxie with no problems at all (with auto-delete on close and 2 download locations where I explained to him that he will always say "no" to recovery unless he downloads something himself and wants to save it). It's as simple as it can get for his needs. He would NEVER understand the trusted-untrusted things of DW, let alone the rollback feature or a pop up that he may get. And when I say computer illiterate, I mean it. He once called me panicked, because there "was something wrong with the window, it wouldn't get normal". He had clicked by accident the window button that reduces the size of a window (on top right corner, next to "minimize" and "close") and didn't know how to maximize it again. (Yes, I know, unbelievable.)

    DW is a more "complete" solution, meaning it is not just limited to the browser. But, if you ask me, for my brother, I would have much more chances in making him right click "run sandboxed", than explaining to him how DW really works, which took me some time to understand too. DW, for someone like my brother, would be great, as long as he doesn't touch anything, sees no pop up and doesn't encounter an application that isn't in the presets (where the solution is "Send a log to Ilya, wait for new file or driver"). A bit like this:

    http://gladiator-antivirus.com/forum/index.php?showtopic=81068

    With Sandboxie, you are not as covered as with DW, but, if you just want to secure the browsing of someone, he will never have to deal with such things.


    Also, my brother would never try to understand the difference between trusted and untrusted and when to run something as untrusted and when not to.

    So, the least geek I know is happy with Sandboxie.
    On the other hand, my brother would never arrive to this:

    http://gladiator-antivirus.com/forum/index.php?showtopic=81142

    He would simply phone me to tell me "this DW of yours that you put me is broken, I have uninstalled it, it made my weather program go dead". I mean, he would NEVER sign up to Gladiator forum and have a new driver sent to him. He actually never heard of the word "driver" before. So, it's better to keep things simple and just give him a Sandboxie.

    Now, for a more "normal" user, DW is the "complete" solution. With the downside of more $ needed and more CPU usage.
     
  12. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country

    This is a question in itself. What does the "Normal" user require? Far less than many Wilders enthusiasts is my best guess. There can be no doubt that SB, DW, GS, SD..... and many others are "good" programs - but are they really needed by the "normal" user? As I don't use SB I have no idea if it has some way of advising the user when it has stopped something bad or is the idea that it would contain the badness if it ever tried to get on a machine. In trying to decide what the "normal" user needs does the probability of infection need to be considered?
     
  13. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yes, what is "normal" is a question. Anyway, I consider most users more normal than my brother. Because my brother doesn't want to listen for 1 minute to anything about security and isn't what you would call a typical internet user.

    Sandboxie doesn't warn that what's inside it is "malware". But for some actions it will notify that an action was blocked or "failed". In these cases you can suspect that what you executed wasn't as harmless as you would expect.

    There is also this "but are they really needed by the "normal" user ?"

    I would rephrase it in "Are they AWARE of the existence of these programs"? The reply is "no". The typical user just has an antivirus and a firewall and often doesn't know what exactly the latter is reporting to him...

    I think that if they were AWARE of DW, SB, SD etc and someone explained to them what they do, many, many people would want to use them. For Sandboxie in particular, I think it would make a very good add-on for the casual user. DW would also be a simple addition, provided that in case of "weird" application there is someone to guide them to support. Total virtualization systems like Shadow Defender, Returnil etc, I think are a bit less digestible. It's best if you have more than 1 partition, it becomes more complicated than what most people are ready to tolerate. But they are great for more advanced users.

    Instead, they aren't aware that these programs exist, and they keep living with their antivirus and get infected and complain about it all the time...
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I don't have a problem with Sandboxie, I think it is a very cool app and gives good protection, but a couple of friends always ask me where to go to find their pics after downloading from messenger (sandbox) (not to recover), they have to go hunting for it o_O it is very inconvenient for them (noobies)
     
  15. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Well, that's why I keep Sandboxie for the browser and for running exes and simple installers. For more broad use, it can become more complicated.

    I haven't used MSN Messenger for years. But, if you can set a standard directory for their downloaded images, then you can add this folder to "quick recovery". And every time a photo ends there, they will be asked to recover it. Another way, but less secure, would be to go to "direct access" and put the folder there. In this way, the folder will be non protected and all photos will be saved directly there.

    DW, for sure, in such cases, is more straightforward. After all, as the name says, SandboxIE, was primarily made to protect the IE (the browser in general). It's designed to do that in the most simple way. When you go to other programs, well, it needs more work.
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I agree 100%
     
  17. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    Yes. That's \My Documents\My Received Files for Windows XP:ninja:
     
  18. MitchE323

    MitchE323 Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    156
    That's the way I like to set it up, it's seamless and has no prompts. You can secure that up with the registered version by setting that folder as a ForceFolder. :)
     
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Well spoken
     
  20. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Let me be very clear: I think SBIE is an incredible strong program, just wanted to point out its Achilles tendon. When users are aware of this and experienced SBIE users provide them with solutions - workarounds, then I accomplished the goal of this thread.

    As for Ronen, Ilya, Xiaolin: I wish them as many users as they can handle in 2009: I have a sympathy for one man bands providing quality software

    To conclude

    THE WINNERS OF THE BEST SECURITY PRODUCT OF 2008 IS AN EX AEQUO DECISION

    NR1 shared first place: SANDBOXIE - DEFENSE WALL - MALWARE DEFENDER

    (sorry TRJAM)
     
    Last edited: Jan 4, 2009
  21. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    It's OK Kees, I still respect you. ;)
     
  22. Murderlove

    Murderlove Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    99
    How does one actually do this? For example 2 sandboxes. 1 for Firefox, the other for testing. How can I move a file which I have downloaded from the Firefox sandbox directly into the testing sandbox?
     
  23. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    You set the download location as a "forced folder"
     
  24. Doodler

    Doodler Registered Member

    Joined:
    Dec 23, 2007
    Posts:
    237
    I take the lazy man's way. I have Testbox A, Testbox B, Testbox C, etc. already created. If I want to use Testbox A to download and test some software, I just access the internet from Testbox A and download and install the program in that same testbox. After the install, I typically change that testbox so that nothing running in it can access the internet (Sandboxie Control>>Sandbox Settings>>Resource Access>>Internet Access>>Block All).

    Aren't you downloading onto your "real" system?
     
  25. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    The three right there is like Fort Knox: SB, DW, MD. If anything was to defeat them together it is time to give up computers.
     