I Can See Underbelly Of The Net With SANDBOXIE!!

Discussion in 'sandboxing & virtualization' started by cortez, Feb 23, 2008.

Thread Status:
Not open for further replies.
  1. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    That is why everyone should have multiple security layers covering all areas.

    If my Sandboxie happens to fail then my HIPS would prevent any malware from installing.
     
  2. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Am I right in assuming then that if you want to remove a file from Sandboxie, you should scan it first with your AV (NOD32)? :)
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,818

    That is what I do. :D
    My AV, AS and if it is not too large of a file, Virus Total.
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,167
    Location:
    UK / Pakistan
    1- If u have downloaded the file urself and trust it, why to scan it?

    2- And if u have a real time AV, it will catch it even inside the sandbox.
     
  5. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    This is true. Just making the point in response to Dieselman's statement. Thanks :)
     
  6. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Because, as has been demonstrated countless times, we all know how reliable a random person's opinion of a random file's trustworthiness is.
     
  7. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    1) In reality not every downloaded file is trusted beforehand, so to scan it is IMO good practice [VirusTotal, Jotti].

    2) If signatures are up to date, what about zero-day exploits? HIPS better suited.

    I can feel with the O sub P that ditching realtime stuff has advantages, but trust only one app. goes too far IMO. I did it too but I keep Boclean and ondemand Cureit and SAS.
    And if going really dodgy I protect the whole lot with Returnil.

    FYI over at Sandboxie forums some guys there using only Sandboxie as their sole protection. Hmmm. o_O
     
  8. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    It's actually possible - but of course you need to look at how you're going to use your computer. A sandbox isolates everything, good or bad. It can't tell whether what it isolates is actually benign or malicious, but that's absolutely no problem if you don't intend to ever let anything out of isolation. It's ideal for someone who never or rarely installs new programs, and only downloads those from reputable sites like download.com or straight from the vendor.
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,167
    Location:
    UK / Pakistan
    In that case I doubt that scanners will benefit him for long.
     
  10. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi,

    The real danger of surfing Net with SandBoxIE is, IMO, the user deliberately or knowingly allows a file recovered from sandbox, but

    What if the file accidentally leaks out (some say SBIE's anti-leak function is not 100% foolproof), what other remedies does the user have?

    I am thinking these: Put SBIE in DW, anything leaks out there is treated as UNTRUSTED by DW (restricted right), if it can not execute, it can not infect.

    If, only if DW fails here, user's AV on-access-scanner should pick up something, or other HIPS should too.

    If they unfortunately do not react/act on this, the user's behaviour blocker, in theory, will alert the user too. In the very unlikely situation that all these fail, the user's virtualization app, such as DeepFreeze or Shadow Defender etc., will finally protect the user, of course, if the user has done this surfing in shadowed (freeze) mode.

    Would this layered defense system be an ideal one ?
     
  11. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    No - it would be what I call Michelin Man - walking around on a hot day with multiple layers of clothing. What sort of surfing habits could possibly justify such excess? It would be bad enough if success could be guaranteed but even with so many layers infection is still possible. I can see that some may prefer Sandboxie, whilst others feel more secure with a real time AV and yet others opt for HIPS, but to just load on layer after layer is just madness as far as I'm concerned - sorry, far from ideal.
     
  12. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    Yes. I scan all files before opening them. Even Nvidia drivers.
     
  13. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    Agreed. Look at the Security Set up post. There are people running 5 layers of protection. That's dumb in my opinion and overly paranoid. What are people so afraid of? So what's the worst thing that can happen if you get a virus? Reinstall Windows. Like all of us haven't done that before. No protection is 100% effective. Mainly it comes down to common sense.
     
  14. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I can have tons of security layers without using security software. Also, I can have zero security layers (unpatched machine without hardening, security software, 3rd-party software, etc) and still stay clean. The number of layers means nothing.
    Financial loss.
    Agreed.
     
  15. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi,
    Common sense, IMO, is essential, but you know, in some instances, may not be great enough.

    My theory is, if your resource is sufficient, either Hardware wise or software wise (deep pocket to acquire applications), more layered system will not go wrong that much.

    One single infection of any sort will make you feel so uneasy; re-installation is the simplest thing to do, but how about the data destroyed by a virus, or stolen by a trojan, don't you worry?

    One ounce of prevention is better than? I believe in insurance for that rainy day.

    Take care.
     
  16. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    As lucas said, financial loss. Also identity theft.

    muf
     
  17. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    I have never ever been infected in over 5 years. I would rather enjoy my PC (desktop & laptop). I have been downloading this and that and surfing this and that with no problems whatsoever. I also never download or install anything I do not know. So many infections simply come from people going click happy and not taking the time to read what they are installing. Sticking to the subject at hand and like I said, I have always been able to see the underbelly of the net without Sandboxie. Using NOD32 and Comodo I feel safe. I also have a good knowledge of what is always running on my PC.
     
  18. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    Come on now. How many times have you heard of this? Most identity theft is from people picking through your trash. People are so paranoid. I check my checking account and credit card on a daily basis, sometimes hourly basis. I know what I buy and what I have at all times. I shred all paper. Honestly speaking, if somebody stole my credit card or bank account it's not the end of the world. I still have a paycheck coming in. If you are the victim of identity theft most banks help you and you are not responsible for the charges. Find me a case of identity theft where the person lost everything they had. House, car, boat, money, every last penny they had. I have never heard of any cases like this.
     
  19. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    That is as silly as wearing a scuba diving mask, aqualungs, and wetsuit and taking a deep sea flashlight with you every time you step into the bathtub.

    Is it wrong, per se? Absolutely not. :shifty:
     
  20. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,818
    Which would take far more time and aggravation to fix than just reinstalling Windows.
     
  21. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    A bit OT, but restoring a clean image is nicer than a complete reinstall.

    Identity theft is something where SBIE comes in handy, because you can set the browser as the only one to connect; keyloggers can collect but can't phone home. Simply delete the sandbox and you're fresh again, no traces left!!
     
  22. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    I always think of the car insurance analogy. You've got fire, theft, comprehensive, glass and collision insurance on your car/cars. So when was the last time your car caught fire, was stolen, had a rock break a window, or had an accident? Probably either never or once or twice quite a while ago. But most of us have all that layered insurance. So security software is the same thing. :D
     
  23. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    For a home user to lose some intimate data, I agree it's not the end of the world: reinstall, restore and you're set. In general there's no financial loss because the bank will compensate you.

    But don't talk about big companies; hacked corporate networks with a downtime of even just a few hours cost big $$.
     
  24. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country

    That suggestion that because most people do such and such it must be ok concerns me. The first law of insurance is that you never insure something that you can afford to lose. Yes, there are insurance junkies just as there are security software junkies, but that does not make mania a happy state. The ideal in both cases is to have as little (insurance or security) as is required in the circumstances - otherwise you fall into the trap of paying 30% extra just in case your new freezer fails within the first 5 years.

    I don't go in for dangerous surfing but if I did Sandboxie or similar might be helpful but I can't see the sense in just loading one more layer after another.
     
  25. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Very OT, but what to think about a worldwide power loss [it can happen] in terms of human suffering and financial losses.

    Alas, but we ourselves built this highly binaries-dependent society so we have to take the losses if it happens.

    At least if it happens I can't get to Wilders...not nice!!
     