I Can See Underbelly Of The Net With SANDBOXIE!!

Discussion in 'sandboxing & virtualization' started by cortez, Feb 23, 2008.

Thread Status:
Not open for further replies.
  1. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    If you know your app. very well and also the WWW you can get away with a very minimal approach or no approach at all.
    If I understand member Lucas1985 right he surfs the WEB without any protection. Hmmmm :rolleyes:
     
  2. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    I don't want to beat my insurance analogy to death but let me amend it by saying insurance for what you perceive to be something that you can't afford to lose, as in the case of important files. I don't think a FW, AV, AS, SBxie and FDISR is over the top. :)
     
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Correct, on some machines I do not use any protection. Just a bit of integrity checking to see that all is well :)

     
    Last edited: Mar 8, 2008
  4. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    The bulk of infections Sandboxie is good to defend against is actually easily preventable by simply not activating executables one downloads prior to having them scanned by a good antivirus. The other important vector Sandboxie is good against is related to web browser modification by hijackers or cross server scripts that exploit the web browsers... this can be easily done by using Firefox and NoScript, with LinkScanner Pro and SiteAdvisor from McAfee... (Which is actually the preferable protocol to use as you will more than likely use your web browser outside the sandbox at some point).

    Sandboxie is a great tool, it works as intended but it has vulnerabilities in its design in that it doesn't scan for malware prior to allowing something out of its protected environment, and only protects specific components that one selects prior to using them... It is not a substitute for even the lousiest firewall for example... As it would provide no protections against external port scanning and exploits... Basically it's nothing more than a strong box, leaving everything outside the box as vulnerable as it always was...

    While Sandboxie is a powerful self defense method, it is not one someone can use mindlessly and carelessly... as the end result will be ugly, if for example one was to use it without backup protection and they managed to get infected the problem would be undetected until the system became unstable... This is an issue as I have seen computers with multiple infections that even when combined, actually exhibited few symptoms of infections... Meaning the infections could go undetected for a long time, thus increasing the risks for the rest of us as well.

    Just a thought!
     
    Last edited: Mar 8, 2008
  5. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Before anything, key is to have sound images, if I hose my system in whatever way, a quick restore and I am back in business.

    I give myself the luxury to ever slimming down toward a bare minimum and see what happens, is there anything in it I don't like then FDISR or even ShadowProtect are in my arsenal. So in a way nothing can hurt !!
     
    Last edited: Mar 8, 2008
  6. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    To pick up on some of the earlier posts on identity thefts...

    I think many who never had a bad hit, have a tendency to minimize the risks, like some rich people who probably never lacked anything, look at the poor, and make comments like "Let them get a job"... They simply do not understand something that is not happening to them, and trivialize the event, perhaps as a coping mechanism.

    Identity theft is real, otherwise why would we be getting phishing emails almost daily from what looks like our banks, or from lookalike companies we often do business with?

    It's real, some lose their credit rating, sometimes their homes as they suddenly become insolvent! with all the complicated implications this engenders...

    This is no trivial matter...
     
    Last edited: Mar 8, 2008
  7. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    I ask myself at least here on Wilders how many are really beaten up and suffered financial losses due to bad keylogger, I guess not that many. ;)
     
  8. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA

    Identity theft can have such disastrous results that I feel the need to take preventive measures.
    The number of victims may be small compared to the number of people that bank or shop online, but I would want to at least try to tip the odds in my favor.
    Hugger
     
  9. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    Agreed. Live life. Don't worry about it.
     
  10. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Intelligent Perspective indeed...
    The other aspect which is rarely if ever discussed here is what is one's responsibility when our own technology is used to infect someone else's. I often try and raise the subject since I think many really do not give a poop if their own computers are infected to the gills with everything from spyware to rootkits...

    They care not it seems that this also means that their own machine is actively working to infect as many as possible within the shortest time frame...
     
  11. MitchE323

    MitchE323 Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    156
    You have to consider that people use their computers many different ways. You have to properly identify your risk area. That is why there is no magic fix for everyone. But it is entirely possible that there can be a single fix for anyone. It's just that it may be a different single fix. For me, downloaded installations are easy. If you confine them to vendor or trusted sites, it is extremely rare to have a problem. (A/V or no A/V) I also have a separate computer for testing, if I choose to try something I am not sure about.

    Dieselman identified his usage, his past history and his comfort zone. He gave Sandboxie a try and made a decision that he in fact did not require it. What is wrong with that?

    A relative I sometimes help out is in import/export and gets about 200 emails a day. 80% of these are from China and other similar points. 80% have attachments. (Mostly proposals in Word form with an accompanying picture in jpg) I can't distinguish spam from real and have to literally at least look at everything. It is important to respond timely. I agree it is also important not to forward infected attachments. Competitors routinely try to bind you up with floods of junk, and I am not sure if they are actually getting anything or just happy to slow us down.

    System crashes and screen bind ups that require a forced reboot cost me money. The problem for me is that the common solutions offered were just as likely to cause a crash or bind up, and simply left far too much 'uncaught'. Just the time spent scanning had an identifiable cost. Internet Explorer and Sandboxie fit the bill just nicely for me. Other than a hardware firewall, there is no other security ware installed. Our response time is improved, our down time is zero (literally), and profits are up. So there is a financial side to all of this.
     
  12. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
  13. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Fine, this entirely assumes that you "Know" an infected computer from another.
    It also assumes that Internet Explorer and Sandboxie are perfect tools without fail... And that you trust them implicitly to provide 100% effective protection... It also assumes you will never have to extract executables outside the sandbox as you would have no way of knowing if the executable is in fact safe to use...

    In my opinion, too much faith in anything usually proves itself to have been unwise somewhere down the road...
     
    Last edited: Mar 9, 2008
  14. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    If it works for him with this minor protection, then he is smart in sorting out the real dangers and taking just the necessary measures.

    It's kinda like real smart coding, such as high quality applications in very small packages.

    It's like comparing an all mechanical robust Leica M camera with only bare basic functionality to a modern Japanese Digital with all the bells and whistles.

    It's just a state of mind which probably differs from yours.
     
  15. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi,

    If the loss of any sort can be measured and dealt with, then there are NO problems. In fact,

    The REAL problems are the lingering worries and anxieties thru days and nights, just because you DO NOT know how much in quantity and how wide in scope you have lost and will be lost. The remedies are likely beyond any assistance of Medical professions.
     
  16. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Identity theft is not the end of the world. And yes people should enjoy their pc and not go OTT on security software and worrying. But with identity theft, it causes a major PITA to your life. It will affect your life and family, at least until you sort out all the problems through your bank and the police. You'll always have that feeling that one day something may pop through your letterbox that starts it all over again. Yes it's not the end of the world, but for the time it takes to solve it, it remains a bad time in your life. And as has been pointed out already, it takes a lot longer to resolve than simply reinstalling Windows. All I'm saying is that is it worth going a bit OTT with your software protection to make sure it doesn't happen or take the chance with limited software and fall into the trap...

    muf
     
  17. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    By identity theft I assume that the main concern is with bank and credit card details? If this is the case I would have thought that any one of a number of password/identity programs would be the best solution - 8 digit or more master password - safe only open when necessary and machine rebooted before banking.
     
  18. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Food is a good analogy... You need it, it's really important and a necessity.
    However overeating will cause obesity and obesity leads to type II diabetes and increases the risk of heart failures and strokes. Also the obese die younger than the average...

    The moral of this story is you should eat well, but intelligently, and you should do the same with your security product consumption!
     
  19. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,167
    Location:
    UK / Pakistan
    That is just an opinion. Others can think that using just a sandbox here might be simpler.
    If by cross server scripts u mean XSS, are u sure SBIE protects against it? I think not.
    Obviously one should not think even that a Sandbox is going to replace a FW.
    That is true of any other security tool in existence.
     
  20. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Of course simply using a sandbox is by far the simplest protection... However I made my point in several posts on this issue before...
    Sandboxie is a great tool, it works as intended but it has vulnerabilities in its design in that it doesn't scan for malware prior to allowing something out of its protected environment, and only protects specific components that one selects prior to using them... It is not a substitute for even the lousiest firewall for example... As it would provide no protections against external port scanning and exploits... Basically it's nothing more than a strong box, leaving everything outside the box as vulnerable as it always was...

    What could be added to this is that multiple applications on user systems have inherent vulnerabilities scanned for and exploited by hackers. Those are not covered in sandboxes. My point is simply that whatever Sandboxie protects against there are open gaps that other tools are better suited to defend against.

    As for XSS protections, actually not directly, no... However by deleting the sandbox the modifications made to the browser or the system are erased and as such indirectly yes...

    That comment is a response to some who think this tool is the only security required...
     
    Last edited: Mar 9, 2008
  21. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    Bank Of America and Capital One will call me if there is suspicious activity on my accounts. Over Christmas time Bank Of America called me to be sure all the charges were mine. So I logged on and went over everything on the phone with the lady and all charges were legit. I check my accounts daily and know every transaction there is. I might suggest you all do the same rather than thinking some security software can keep you safe. Sandboxie cannot tell you if somebody is using your account.
     
  22. MitchE323

    MitchE323 Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    156
    I am not following you here; Couldn't you ask that at any time after you were through adding security products? I addressed executables in my previous post, what and why should be added to the setup?
     
  23. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,167
    Location:
    UK / Pakistan
    Come on. Not scanning files / not acting as FW is not a vulnerability. It's simply not its job.

    I don't agree. XSS will transfer ur data (passwords etc.) during a browser session, so for all practical purposes it's No Protection at all.
     
  24. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Of course it isn't its job... The point again relates to wanting to use this tool by itself... That is my only concern and is why I am writing these posts.

    XSS manifests in many ways, not only as a password stealing trojan. However I am not personally aware of such an event taking place without an executable being injected into the system first. Thus doing it would trigger a good HIPS or even a decent antivirus... Again a good argument not to use sandboxes by themselves...

    Even so Firefox with NoScript would prohibit this behavior should it take place directly from within a browser intercept if in some way it broke the SSL encryption used on most secured sites to protect against this. Given this possibility Firefox w/NoScript again proves a superior protection than a sandbox by itself.
     
    Last edited: Mar 9, 2008
  25. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I'm simply relating to the last comment in your post which states clearly that you chose to use only Sandboxie with a firewall. And for performance reasons you are absolutely right... Nothing beats it.

    My argument is that using a good HIPS with Sandboxie is preferable. I like Prevx because it encompasses all the bases... as in built in AV, AS, HIPS, all in one.

    Again this is simply a personal preference, there are many good tools that cover many of the issues, most not stated here.
     