I Can See Underbelly Of The Net With SANDBOXIE!!

Thanks LUSHER. First read it when Coldmoon mentioned it on a thread. I was just starting to get interested in virtualisation, particularly Sandboxie and Returnil. I was (I think) in the same position that Aaron is now and wanted a basic inkling into the differences. I found it was very helpful and helped me get a basic grasp of what it is all about. Appreciated.

 

Very well written Lusher. It gave me a good quick insight into virtualization.

 

Hi Kees.

If you download a file from within SafeSpace to your desktop (for example), it is tagged to ensure that when it is next opened or run, it runs back inside SafeSpace again. These tagged files are clearly visible by a red border surrounding them.

The net effect is that you can still download whatever you want and keep it stored with your other private and trusted files, without having to worry about what is lurking inside it, and without having to manage your files any differently.

Best regards,

Kris.

Artificial Dynamics.

 

So please let me get this straight as i understand it.

Robotdog for example would work to remove the "hooks" of DEEP FREEZE or some other ISR, but running under LUA it would not be able to displace those drivers/hooks? What about from userland? The same? I mean either way if ROBOTDOG for example could not elevate itself to Admin then for all practical purposes it can do no harm since it has not the proper privileges to carry out it's purpose.

 

easter, LUA with SRP is freakin' awesome. you could probably get away with using only an AV with LUA with SRP and still be in almost total safety! best of all it doesn't bog down your system with lot's of apps.

 

You got it right EASTER

 

Thanks greatly for all your inputs, nothing is more disappointing and disconcerting then to experience disruption by a foulware by some chance it's only mission is to create maximum disruption of a PAID software and rob a user of their internet service in the effort they would need to affect a repair.

You guys rock the house with your wit and knowledge on these matters, thanks.

 

Sorry to intrude, but I can't figure out what LUA is, and SRP as well. Will you please help me on that? Thanks

 

LUA

SRP

 

Hey, Thanks!

 

Freud would have loved sandboxie as it reveals (worldwide) all the varied perversions from the almost unlimited sex preferences to the materialistic obsessions that are sexual alternatives. I can picture him glued to his computer (protected by sanboxie) spending all of his time relishing humankind's confirmation of his theories.

 

Holy crap man... try reading science fiction or something! or you might develop some type of umbilical fixation in your old age... Me I took up smoking Cuban cigars

 

What would he think if he was able to delete a trojan while using Sandboxie while his C drive was locked in Returnil?

 

If I took too much time thinking about what my clients do with their computer before they call me to fix the issues they have... I might make a career change! I think I would barf I could see the content of that sandboxie cache... in the event it still existed after a user session of course.

 

And Freud should said this H.C. quote is quite revealing about the real nature of this guy. lol

 

I should have put in a grin icon to indicate the post was tongue-in-cheek. Your assessment was right on target nonetheless.

Freud's theories are intellectual mal ware and I wish there was a sandboxie for the mind to turn on before I read a book, that way I can avoid being infected by persistent absurdities put forth by the likes of Freud. His ideas have infected much of 20th century thought and it seems only now are they fading somewhat.

For me I think I'll take up feeding alley cats as the newer trash cans with lids make it harder for them to eat a decent meal.

 

Even when running under a limited account?? I'm running XP Pro, one account admin (only used for MS updates and program installs/uninstalls) two limited acounts and one power user account. Simple file sharing is disabled which allows me to set granular restrictions to any folder I want, including critical folders such as c:\Windows and all sub folders plus several others. These have only: "read & execute" "list folder contents" & "read" rights administered to them on the limited accounts, including power user (though this account has a few escalated priviliges on some non-system folders).

So if I'm running sandboxie and set a file outside it under one of these limited accounts, how could it gain higher priviliges than those of the account? Is it because the sandboxie driver is at administrative level?

 

Cuban Cigars?? I'm jealous. They're banned here in the States, unless you know where to look, which I don't.

I'm wondering about this Robotdog. With Sandboxie working and Faronics AE running. Between the two, I doubt Robotdog has a prayer without user help. I don't think AE would even let it start.

 

You can get them from Canadian mail order shops... or in any Canadian Cigar shop, But price is steep. To get cheap Cubans I have to go to Havana... Otherwise I settle for some decent Honduras made Grand Habanos #3 and Grand Habanos Corojos # 5 that I have to order from the United States otherwise I get burned real hard by our good Canadian Dealers and the tax man... (Best Alternative I know to a Mid Grade Cuban cigar and available right in the USA real cheap!).

If ya want ta know here is my fave: http://www.stccigars.net/habano.php
for a strong full bodied puff http://www.stccigars.net/corojo.php

Try and let me know!

 

Don,t smoke guys! atleast over here at Wilders.

 

Yes... wildly of topic!

 

Getting back to SandboxIE, would you guys please address the following:

My wife uses her WinXP laptop for email and online banking. Her laptop has a wireless internet connection to our DSL gateway (which provides a hardwae firewall). Would SandboxIE be enough protection? ...if not, what else is necessary and why?

PS. Forgot to mention that her browser is IE.

 

Simply put... No!

If you want to download anything into your pc out of the sandbox you should also have an av, and I would go with a HIPS as well...

 

This is the human element. My wife doesn't want to be bothered. I've put Sandboxie on her computer. She rarely uses it even though all she has to do is click that icon which sits right under the MSIE icon on the desktop. She has good antivirus which, fortunately updates or it would never be current.

I've downloaded Returnil to her desktop, but she doesn't want it installed "right now." She trusts her AV, hardware firewall and Windows firewall, which might be enough. Her problem is, on the two occasions she's been infected with malware (from graphics arts sites she frequents), it's because she downloaded a thing and when something popped up warning her, she just clicked without reading the warning.

I remember one. She asked, "What's this mean?" By the time I got the 4 or 5 steps to her computer she'd clicked okay, so I never knew what 'IT' was except that it took a reformat and reinstallation of Windows, using the DELL CD to get rid of 'IT.' She still hasn't learned.

If your wife will use Sandboxie, and scan files with a good AV, or even two (one on demand), that might be enough.

 

Chuck, are you sure we are not married to the same woman? .......your description sounds just like the way my wife uses the internet and I have also been asked to help her after she has clicked on somethings she shouldn't have (usually an email attachement)!

Chances are she won't use anything that isn't completely automatic (transparent) in operation - so I guess that answers my original question, but now I have to determine the best security solution for her.