Discussion in 'sandboxing & virtualization' started by nozzle, Apr 16, 2018.
Is there any benefit in running Sandboxie and Windows Defender together?
Absolutely there is, as far as I know they should run great together. Unless you're running every application and software sandboxed then you would need something else such as an AV for protection when not running sandboxed.
Yes, they run great together. Last time these 2 programs conflicted (and only time they have ever conflicted), was when MSE1 first came out. Never after. In my opinion, WD is the best choice of AV to use along Sandboxie. I don't use AV but if I was to use one, no doubt WD is what I would be using, especially in W10 where a lot of 3rd party antiviruses mess up the system (my opinion).
About the benefits of using WD along SBIE. For me personally, there is none but that's only because every file and program that runs in my computer runs sandboxed every time it runs. Anything that I download runs sandboxed during its lifetime in my computers. Also, I hardly ever install anything outside the sandbox for testing or for trying programs. Pretty much I never install something new. Installing programs outside the sandbox is my Achilles heel, and I am very conscious of that, so I basically never do it. Sometimes I want to install a new program and 99 times out of a 100, after pondering and pondering about it, I end up not doing it. So, if you can be strict and restrict yourself like that, and run all files you download or get created in the computer sandboxed every time they run, then no, there's no benefit of using anything along SBIE.
But for most people, using the computer like I do would be hard and boring. So, you really have to weigh some of the things I said, if you can't restrict yourself from trying programs all the time and most people can't, then you are better using WD along SBIE, which meets the officially recommended way of using SBIE (The AV detects what's known to the AV and SBIE handles the rest). It's a great combo, the best. You'll never get a Sandboxie message about WD. When I say never, I mean never.
The great thing in my opinion on how I use Sandboxie and my computer is that, yes, I have to restrict myself in what I install outside the sandbox and have to be strict running everything sandboxed (easily done though as it gets done automatically) but other than that, I do whatever I want to do with my computer. I use the computer like computers were designed to be used before the first viruses were invented. Using SBIE like I do, allows me to use the computer that way, like malware did not exist. I go to any site I want to go, to me all sites are the same, I treat them all the same. To me, the Safe browsing thing doesn't exist. As long as I always use SBIE, and run anything I run sandboxed, I know when I turn off the PC, it is clean every time, it doesn't matter where I have been or what I ran. So, in some ways, I am freer and less restricted than most users in some aspects of using the computer and the internet.
WOW, awesome post Bo, thanks. Gives my brain cells something to chew on, if I can wrap those brain cells around all the neat possibilities that you are throwing at us.
@bo elam, may I ask how SBIE protects you from information theft on the web? - I use SD and it surely doesn't!
You can protect your sensitive files and folders via Sandbox settings. For example, you can block programs running in the sandbox from accessing your personal files and folders. You can also hide the information in the folders instead of blocking the folders; that way programs in the sandbox can create new files in those folders. Also, to restrict even more the possibility of your personal information getting stolen, you can restrict the programs that are allowed to run and have access to the internet.
Combining those settings protects your personal information. To make it easier to use Sandbox settings, the thing I do is keep all my personal files and folders pretty much all within a few folders. That way I don't have to go all over the computer looking for them.
Something extremely important I do to protect my information from getting stolen that doesn't have to do with Sandboxie is I install as few extensions and plugins as possible. The lesser the better. And only install well known extensions, extensions that have been around for a long time. Keep in mind, if you install a bad extension in Firefox, when you run the browser in the sandbox, some of the restrictions that you put in place won't apply. The malicious extension can hijack Firefox and silently steal your keystrokes and send them home. So, we have to be careful not only with the programs we install but also with the extensions we install. I don't try or install extensions just because they sound nice. Sandboxie can't protect us if we are already infected. Sandboxie can only protect us if we start with a clean system to begin with.
So, to me the extensions and plugins thing is huge. When I started learning the basics in security (I still only know the basics), I remember I opened Firefox and would see a bunch of plugins and extensions. I had no idea what they were, what they were for and thought they all came with Firefox. The truth of the matter was that none came with Firefox but it took me a while to realize that. Ever since I learned that none came with Firefox, I started keeping track of the extensions and plugins. The one plugin that really opened my eyes was Java. When I started looking at Java in my XP, there were 13 Java installs in my Programs in Control panel. I had no idea what it was, if I needed it or what, in fact I wondered what would happen if I got rid of them all. Would my PC die if I did that? To make it short, I uninstalled 2 or 3 at a time, rebooted and kept things like that for a few days, uninstalled a few more and so on until I got rid of them all. It was like discovering America when I realized that my computer did not break down without Java and that I had no use for it. Never installed it again.
Today I keep no plugins installed but I still use Flash a lot. What I do is install Flash in a sandbox and use that sandbox for Flash activities. I keep it for a few days, delete it and install it again.
And last. I open and close Firefox a hundred times a day. I don't mix browsing activities. In my personal view, this is important. In other words, if I am going to do something sensitive, I do it in a fresh browsing session, and use that session only for that activity, when it is over, I close the browser and delete the sandbox. When I read someone talk or brag about keeping their browser open for 20 hours and having 100 tabs open, I figure that's an easy way to get infected. I imagine all the garbage that's accumulated, lurking in the browser when someone does that, and then they open another tab and do banking. Bad.
Joann, that's pretty much how I protect my sensitive information from getting stolen and from keyloggers.
You are welcome, Acadia. I am glad you like it.
@bo elam, thanks for your insight (and tips) re that most important security matter.
You are welcome. By the way, you can use Sandboxie along Shadow Defender. They work very well together. I am not using SD now but used to use it for trying other programs. Never had an issue using both programs at the same time.
I would rather not use both (probably for the same reason you are not using both). I'm quite content with SD (insofar as its protection goes), but I will incorporate some of your other suggestions to reduce my exposure to identity/information theft.
That is precisely why you prevent everything except chrome.exe from running inside the Sandbox.
theft from the web is only possible with limited access (read above) and limiting processes have access to the web - read SBIE manual!
anyhow first is close to silly, because there is no default windows folder for important data. define your own critical folder list but avoid windows system folders because it can cause misbehave of processes in the box. the simplest solution - don't want web access - don't allow - or do not use. it is not wise for native users to screw on things if they are not aware of the consequences.
that's no general problem - just started chromium v69 in a box - working. go to sbie forum and ask for help about.
I mean that chrome.exe is forced into the sandbox, but nothing else can run inside it.
i will check that out stay tuned. v69 (v70 is in use) starting up as forced folder. ok, v70 would start also forced, same (new) profile (from previous v69). i can not speak for my full featured profile - not tested. Windows 8.1, Adminrights, no limitations for sandboxie.
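Added example (not part of any post in the thread): a small audit of a Sandboxie.ini that reports, per sandbox, whether the restrictions discussed above are in place, namely blocked personal folders, a Start/Run restriction and an Internet access restriction, plus forced programs such as chrome.exe. The setting names (ForceProcess, ProcessGroup, ClosedIPC, ClosedFilePath, InternetAccessDevices) are assumed to follow the form Sandboxie writes to its ini file; the box names and paths in the sample are constructed.

```python
import re
# Constructed sample in Sandboxie.ini syntax; box names and paths are made up.
SAMPLE_INI = r"""
[Browser]
ForceProcess=chrome.exe
ProcessGroup=<StartRunAccess>,chrome.exe
ClosedIPC=!<StartRunAccess>,*
ProcessGroup=<InternetAccess>,chrome.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ClosedFilePath=C:\Users\me\Private\*
[DefaultBox]
Enabled=y
"""

def parse_ini(text):  # Sandboxie repeats keys, so each key maps to a list
    boxes, current = {}, None
    for line in map(str.strip, text.splitlines()):
        section = re.fullmatch(r"\[(.+)\]", line)
        if section:
            current = boxes.setdefault(section.group(1), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current.setdefault(key.strip(), []).append(value.strip())
    return boxes

def allowed(settings, key, suffix):
    # Programs exempted by "!<group or exe>,suffix"; None means no restriction.
    groups = {}
    for value in settings.get("ProcessGroup", []):
        name, *members = value.split(",")
        groups[name] = [m.strip().lower() for m in members if m.strip()]
    names = [v[1:-len(suffix) - 1] for v in settings.get(key, [])
             if v.startswith("!") and v.endswith("," + suffix)]
    found = sorted({p for n in names for p in groups.get(n, [n.lower()])})
    return found if names else None

def audit(text):
    report = {}
    for box, s in parse_ini(text).items():
        entry = {"forced": s.get("ForceProcess", []),
                 "may_start": allowed(s, "ClosedIPC", "*"),
                 "may_connect": allowed(s, "ClosedFilePath", "InternetAccessDevices"),
                 "blocked": [v for v in s.get("ClosedFilePath", []) if v[:1] != "!"] or None}
        # A gap is a protection from the thread that this box does not configure.
        entry["gaps"] = [k for k in ("may_start", "may_connect", "blocked") if entry[k] is None]
        report[box] = entry
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_INI))
```

A box with an empty "gaps" list has all three restrictions configured; the sample DefaultBox lists all three because it has none.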