Does anything enter Sandboxie from Vista?

Discussion in 'privacy technology' started by tonyseeking, Apr 30, 2009.

Thread Status:
Not open for further replies.
  1. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Here is my question, as I am confused :blink:

    Is using Sandboxie good to access and login to my bank? Is it good to use for Netbanking and important websites like accessing my credit card account online etc?

    If I load Sandboxie, it loads IE8. But does everything I do in sandboxie then similar to being a new and totally seperate PC running IE8 where anything on Vista, even infected files, keyloggers etc cannot "enter" the Sandboxie session?
     
  2. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    The keyloggers or whatever can enter the Sandbox, but they cannot escape it and get out onto your computer.

    If I understand correctly, it is important to delete your sandbox before going to your bank's website. If you go to the system tray and right click on the icon, choose "show window". The go to 'sandbox, "default box", and then click on "delete contents". Then tell it to delete sandox. That way if something bad was in there it will be gone.

    But I don't understand why you would use IE. Firefox is sooooo much better.
     
  3. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Of course.
    Down here, the some of the bloody banks havent coded their security options on the pages properly :mad:
    I've been onto my bank the NAB for over 12 months trying to get this fixed.
    As anywhere up to 25% of users in Australasia use FF as primary browser: cant see what the fscking problem is.
     
  4. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Hi tonyseeking,

    I agree with the points already made (I too use Firefox in preference to IE) but I would like to make some additional comments to further help you understand both the advantages and the limitations of Sandboxie. I'll do it in the form of a Q&A.

    Q. If my PC is already infected with a keylogger, will Sandboxie protect me when entering secure details online?
    A. No, Sandboxie does not detect or protect against active malware already installed on the PC. For that you need other anti-malware tools such as: anti-virus, HIPS, behaviour blockers, etc.

    Q. Will Sandboxie protect me against social engineering attacks: for example, what if my online banking site gets hacked and replaced by a fraudulent copy that looks just like the real thing?
    A. No, Sandboxie does not verify the authenticity of websites. For that you need other tools such as: anti-virus, phishing filters, site advisors, etc.

    Q. Do I really need to use Sandboxie when visiting websites that I trust as safe, such as my online banking and shopping sites?
    A. It's up to you. The main purpose of Sandboxie is to protect you against the possible malicious actions of web sites that you regard as untrusted. If you're not sure about the safety and security of a particular website then you shouldn't be entering any personal information in the first place. If you do visit online banking and shopping websites from within a sandbox then, as caspian said, you should first empty the sandbox before banking or shopping, and again afterwards before resuming general web surfing.

    Q. Will Sandboxie protect me against browser hijacks, drive-by downloads, etc while surfing the web?
    A. Yes, this is its intended purpose. All malware encountered while surfing within the sandbox environment will stay in the sandbox and can't infect the PC. Bear in mind though that whilst the PC is protected, you are still vulnerable to social engineering attacks.

    Q. Will Sandboxie alert me if malware is encountered while surfing within a sandbox?
    A. No. Sandboxie restricts the activity of malware silently by restricting its behaviour and containing it within the sandbox. In many cases, this does prevent malware from running, due to the restrictions imposed by Sandboxie in order to maintain a secure sandbox environment.

    Q. Will I get additional privacy from using Sandboxie for web surfing?
    A. Yes. All changes to the file system and registry are virtualized, so no traces of the session remain when the sandbox is emptied.

    Hope this helps.

    Regards
     
    Last edited: Apr 30, 2009
  5. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Because when I run "Sandboxed Web Browser" it loads IE8 not Firefox. But that could be because I don't have Firefox "installed:, I run the portableapps.com firefox from a truecrypt container.
     
  6. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Thank you pegr for taking time to reply to me with a great Q & A format.

    I read everything you said and it has helped me to understand.

    I have one question however, that is still unclear to me... what exactly is "social engineering attacks", and how can I protect myself against these?
     
  7. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Hi tonyseeking,

    What I mean by social engineering are scams whereby the main purpose is to steal personal information that can be used for financial gain: credit card details, bank account logon credentials, passwords, etc.

    Some examples: -

    1. Criminals put up a fake shopping site with the intention of fraudently capturing your credit card details.

    2. A hacker hacks into your bank's website and replaces it with their own fake version that looks just like the original. The hacker is after your account logon credentials that they can then use to steal money from your account.

    3. Rogue anti-virus programs such as Antivirus 2009, which play on peoples fears to try and persuade them to part with cash in return for installing a useless piece of software that then, in this case, may also go on to download malware onto the PC as well.

    A good anti-virus program containing an active web-filtering component from one of the top-rated anti-virus vendors, bolstered by browser tools such as phishing filters and site advisors, can all help to determine the authenticity and intent of websites. As a lot of folk here at Wilders advise, a multi-layered approach to security provides the most effective defense.

    There is no doubt that Sandboxie does provide very good protection but you have to understand the limitations of what virtualization products such as Sandboxie can achieve. They can help to protect the PC but they can't protect the user from themself. In the end, the most vital component of any security strategy is common sense on the part of the user.

    As the main concern of your post appears rightly to be the security of your personal data, I just wanted to help you understand the limitations of virtualization products in general. I'm a great fan of virtualization products and I use both Returnil Premium and Sandboxie (paid) as part of a multi-layered security strategy.

    Regards
     
  8. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    I think that comment sums it all up.

    Common sense, based on knowledge and education on how best to protect myself. That is why I read everyday, learn everyday, ask plenty of questions.. to raise my awareness so I can protect myself from myself ;)
     
  9. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Oh I see. Sandboxie automatically opens up your chosen default browser. But if you right click on the icon and choose "show window". Then click on "Sandbox". Go down to "defaultbox" and follow it straight across to "run sandboxed" and then on over and click on "run windows explorer". Then when that opens up, click on desktop (or whatever drive you are looking for) over to the left. You can choose any browser or any program that you want to run sandboxed.....like Yahoo Messenger. You can actually open your truecrypt folder sandboxed and thenm run your browser sandboxed.
     
Loading...
Thread Status:
Not open for further replies.