My friend wants to learn how to use sandboxie.

Discussion in 'sandboxing & virtualization' started by cheater87, Aug 11, 2011.

Thread Status:
Not open for further replies.
  1. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    What would be the best way to teach someone who is new to the program. Shes a beginner. I showed her some youtube videos but shes still confused on how it works. Shes also worried if it would affect her computer in any way. I told her it would not affect her PC or delete anything important. But she wants me to ask you guys for extra help. Also what programs/processes would go to add to the safe list and what do you type in exactly to get them in there?
     
  2. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    If it were me, and she really wanted to learn, I would focus on file structures. Make sure she understands what directories and files are, how they are arranged. Show her how the sandbox directory is a type of mirror to an extent of her real file system.

    Recovery is really what SBIE is about. Where things went and why you can't find them. Teaching someone about how that works means they can find what they are looking for, and that is usually the main battle.

    Showing the different ways to open things (like forcing or drag/drop) is another thing I would show them.

    I usually sum it up with something like

    "What you open in a sandbox is treated like the real program. In fact, it is the real program. The difference is that whatever happens when it is sandboxed gets put into a special folder. If you look at this folder, you will see it is almost identical to the real locations it is mirroring."

    I don't go into much more detail than that, because frankly most home users aren't into the details anyway. Just assure them it works, and all you have to do is realize where things get written to when sandboxed.

    I wrote an article devoted to just that on my website, if you are interested.

    Sul.
     
  3. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Please post article. And is there an easier way of explaining? That should a bit too confusing for her.
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    I am interested, would you post it or give us a link.
    Thanks:)

    Bo
     
  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
  7. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,892
    Just saw this thread...Good question, it might give me the incentive to go further than when I bought a SB license in May, after a BitsDuJour special offer.

    Still to dip a toe in the water....:D , i.e Sandboxie
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I don't think anyone can use Sandboxie and actually USE it without understanding what it does. It needn't be complicated. If a user does not understand what a file and folder are, and how to find them, I don't think Sandboxie is the proper choise.

    There are plenty of people who know what my documents and my pictures are, but don't go much further. I have set SBIE on these people computers, and they eventually quit using it or call me so much wondering "where did my picture go I just downloaded" that eventually I take it off.

    How sandboxie works and ways to tweak it are not something one needs to know. But what sandboxie does, that is something you do need to know. Fortunately it is a very basic level of understanding that is needed. Still, it is amazing how many people really don't want to know that much :blink:

    I still think for her to use it, without you babysitting all the time, you have to show here what it does. The only other option is to set it up for her, give here some ground rules, and hope she follows them.

    Sul.
     
  9. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    I'm not familiar wit the file system that's going to be inside the sandboxie but I wanted to use sandboxie just for browsing websites for websites that I'm not sure if it's safe or not and that's about it. Not using programs in sandboxie mode. Would this still be difficult or what should I do? Also, if files like firefox.exe or adobeflashplayer.exe or plugin.exe was inside there, am I also supposed to empty those out of the sandbox when I exit out the browser? Is it safe to empty out the safe files thats inside the sandbox that would be running or would it affect a part of my programs in my computer or any part of my computer? Also, is it safe to empty out everything inside the sandbox even the files that I dont know about? since Im not familiar with names of the files? I'm cheater87's friend by the way thats interested in using this program
     
    Last edited: Aug 12, 2011
  10. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Has your friend asked for advice , or did you suggest S.B ? Most people, I recommend SB to, say, thanks, but no thanks, then carry on regardless.
    While SB can be extremely easy to use, ( for basic browsing ) if you are not keen to learn some/all of its capabilities, then nobody is ever going to teach them to you.
    Some people here know how to use SB to the extreme ( clever buggers :D )
    However I have drawn a line, ( because of my limited knowledge ) and I feel extremely safe.
    It's impossible to say, without, your friend actually posting. It's pointless trying to advise through a third party
     
  11. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Here is how I would put it.

    If you browse with sandboxie, what you do is contained. There are some threats, but not to the system itself, rather to what you are doing while online. You could have your keystrokes logged as an example while browsing with sandboxie, or you could get a virus within sandboxie, but it will never leave the sandbox and get to the real system (normally anyway).

    Many people who use sandboxie will put settings in place so that only the browser (firefox, IE, opera, chrome, etc) is allowed to run within the sandbox. This takes care of most threats, because if only the browser can run, keyloggers and viruses etc cannot.

    So, yes, you could use sandboxie and remain relatively problem free, and rest easy knowing that you are.

    The downside to not understanding what sandboxie is doing at a file and folder level is that things will happen that confuse you. Because sandboxie keeps what happens in the sandbox separate from the real system, things you do are kept in a special place, that being the c:\sandbox folder.

    One good example is that if you start Firefox in a sandbox, and then update it, the update will occur, although it is only occurring within the sandbox, not to the normal firefox on your system. Every time you start firefox sandboxed, it will use that update. If you start firefox outside of the sandbox, it will not be updated. This is sandboxies job, to keep what happens in the sandbox out of the real system.

    If you were to delete this firefox sandbox, the next time you started firefox in the sandbox, it would no longer be updated, because the real system never got the update, only the sandbox that firefox was using did. You would repeat the process, updating firefox, which would only apply to the sandboxed version of firefox, not the real version.

    This tends to be the confusing factor for people using sandboxie. Another good example is when people download a music file. If they save it to MyDocuments or Desktop, then sandboxie puts a prompt up saying "you have just saved a file to MyDocs. This is in the sandbox. Would you like to 'recover' this file from the sandbox to the REAL MyDocs?".

    This is an option in sandboxie, to help you recover to those common places. If you say yes, then that file will be placed in the real MyDocs folder, and when you go looking for it, you find it. If you say no, it remains in the sandbox folder (c:\sandbox) somewhere. If you go looking for it in your MyDocs, you will NOT find it, because sandboxie has done its job and kept it out of the real system.

    If you download a music file, and place it somewhere else, like maybe in a custom folder you made, like c:\MyMusicFiles, then sandboxie is not by default going to prompt you to 'recover' that file. It will still exist in the c:\sandbox folder, but unless you realize that is where it is, or make some configuration change to sandboxie to help you, it will forever remain in the c:\sandbox folder.

    But you needn't get flustered about this. It is what sandboxie does, it keeps what you do within the sandbox away from the real system. You only need to understand what files and folders are, and how to find the c:\MyMusicFiles folder that you saved your files to. It is easy, it is in c:\sandbox somewhere. And not just anywhere. You don't have to go on an hour long hunt to find where sandboxie put your music file you downloaded. It is in a very logical location with the c:\sandbox folder. But you do have to know that is what happened, and that is where it is at.

    I think you can do it. The very fact that you are here posting shows that you have a genuine interest. You will undoubtedly be flooded with people here offering to help you. WE love our programs, and are almost always excited to help others appreciate what we appreciate.

    Press on, learn a little bit (not a whole lot really) and you will find it might do what you want and more.

    Sul.
     
  12. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    The only way I'm gonna be in sandboxed mode is only if I click on the sandbox icon? if I click on the original Firefox icon on my desktop, I wont going to be in sandbox mode? How can I make sure if I'm not in sandbox mode? Also, I heard theres an option if you exit the browser, everything on the sandbox browser will be deleted when you close the browser. Is this option safe if you put a check on that option? What if the safe files are inside the sandbox like the ones that was running that's inside the safe list? If you delete those, would anything get affected or is it safe to delete everything that's inside the sandbox? For example if I was on youtube if you put the flash player plug in inside the safelist and if you put firefox inside the safe list and if those files get inside the sandbox since it's running, is it also safe to delete those as well? basically anything in general thats inside the sandboxie?
     
  13. Peter 123

    Peter 123 Registered Member

    Joined:
    Feb 1, 2009
    Posts:
    177
    Well, for me the most simple explanation for beginners is the following:

    Let her imagine a very expensive, valuable table. In order to protect its surface she puts a tablecloth on it (made of plastic, let's say) whenever she uses the table (for eating, drinking etc.). ---> The effect: Whatever will happen on the table (peaces of the meal falling on it, crumbs, a glass of wine tipped over etc.etc.) - all will have gone from the moment she takes away the tablecloth. That means: The peaces of meal, the crumbs, the wine etc. had no contact and therefore no negative effect on the surface of the table itself.

    So
    - Her table is her computer (respectively her harddrive).
    - The crumbs, the spilled wine etc. are the malware (virus etc.).
    - And the tablecloth is of course ... Sandboxie! :)

    I know, that this is a very, very simple explanation/comparison, but I think it describes the essential principle of what's the function of Sandboxie. :D
     
  14. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Sounds good to me :)
     
  15. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    I sense after reading your posts that you are a little worry about what
    happens to your system when you delete the sandbox. I ll answer you
    in one word.....nothing. Nothing will happen to your real system when
    you delete the sandbox, no matter what files are inside. Your Flash, FF
    or anything else in your real system will remain as it was before you
    ran sandboxed. So, sooflymami, go ahead and set Sandboxie to delete
    the contents of the sandbox when closing. Its safe.

    When you delete the contents of the sandbox, the changes that ocurred
    while sandboxed are trapped inside the sandbox. Those changes is what
    gets deleted. The only things that don't get deleted are the files that
    YOU decide to keep, recover to your hard drive.

    sooflymami, use Sandboxie for all sites, not only for sites that you are
    not sure if they safe or not. Personally, I don't trust any site, not even
    Mother Theresas site.

    Bo
     
  16. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    My friend is worried that the windows update shield will stop appearing on the tray when using the sandbox. I told her shes OK but shes still a bit worried. She also wants to double check with you guys when there is an update on any of her programs, Like Itunes or Firefox etc. Shes is hoping that the updates will appear automatically even with sandboxie installed but not with these programs in the sandbox. Shes worried that Windows updates won't download in the background. Shes also worried about what to do if a pop up from a website opens in sandboxie.
     
    Last edited: Aug 12, 2011
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Hi cheater, as long as sooflymami does her updates out of the sandbox,
    the updates will stay. She is using the free version, none of her programs
    are forced so her browsers are always going to be unsandboxed unless
    she clicks on the Sandboxed WebBrowser icon in her desktop or if she
    right clicks on the browsers icons and selects run sandboxed.

    She ll know she is running sandboxed when the SBIE Pizza slice shows
    the pepperonis on it or when the browser displays the pound # signs.

    Bo
     
  18. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Lets see what we can come up with here.

    Your computer has an Operating System, called an OS, probably windows vista or 7. Viruses etc want to mess with your OS so they can have control. Sometimes certain parts of the OS have flaws which the bad guys can try to use to take control. This is obviously bad.

    When you install a program, such as Firefox or iTunes, there is the possibility that these programs will also have flaws. And again, the bad guys try to use Firefox to gain access to the OS so they can have control.

    Both the OS and the programs like Firefox can be updated. Updates usually add new features or fix flaws. This is obviously good.

    Your goal is to come up with a way of doing things that makes you secure. Sandboxie is but one tool you can use.

    When you use Sandboxie, what you are doing is starting the program like normal. It is the same program you always use. However, when it runs sandboxed, ANYTHING that is created or modified while it is running is not changed in the real system but only in the sandbox. If you make a bookmark, it is only changed within the sandbox. If download a file, it is only created in the sandbox.

    The sandbox is a real, physical location. Just as you have a c:\program files folder, and a c:\windows folder, you also have a c:\sandbox folder. If you were to update Firefox while it was sandboxed, rather than updating the real Firefox folder that lives in c:\program files, it is putting what it would have put there in "c:\sandbox\sandbox_name\c\program files". It is the virtual environment that sandboxie creates and uses as it needs.

    The next time you start Firefox in the sandbox, all those updated files are still there if you have not deleted them. But, the real location of Firefox - c:\program files - was never touched. If you delete the contents of the sandbox, it only deletes those files that live in the c:\sandbox folder that pertain to its useage. You are free to delete the sandbox because it doesn't mess with your real system at all.

    If you used Firefox in the sandbox, and you downloaded a document, and it was never "recovered" from the sandbox to the real machine, then when you delete the sandbox, that downloaded document is also deleted.

    If you have installed iTunes on your real system, and you don't start it in a sandbox, then any updates it gets are written to the real location. Sandboxie does not do anything unless you tell it to. It is limited to you requesting a certain program to run in the sandbox. It is the same with your OS. If your machine gets a windows update, it is not running within the sandbox, so whatever gets updated gets updated on the real machine.

    If your windows is set to update automatically, sandboxie will not interfere no matter what you are running within it. You can run Firefox in the sandbox, and windows update will do its thing, because you never told windows update to run in the sandbox. You would not want to do that anyway.

    If you start Firefox in the sandbox, and you have it update automatically, it will update, but it will only apply when Firefox is running within that sandbox. If you want Firefox to update the real system, you should run it outside of the sandbox.

    Regarding popups in the sandbox - you don't really have to worry about it as much. You don't really want things going crazy in the sandbox, but if they do, simply close the program being sandboxed, and then delete the contents of the sandbox. Then start over. While it is possible to get a bad thing like a keylogger in the sandbox, it is easy to clean it up and start over, and you don't have to worry that the bad thing got to your real system.

    The #1 thing you can do for your sandbox is to restrict it to only allowing your specific applications to run within it. If you use Firefox and Adobe Reader, then learn how to make those two programs the only thing that is allowed to run within the sandbox. This one little change will keep unknown bad things like keyloggers from ever being able to run in that sandbox. It then allows you to browse using Firefox, read .pdf files with Adobe Reader, and no matter what pops up, nothing else can run.

    Sul.
     
  19. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    We got it installed, tweaked the settings and gave it a test run. Works great. :)
     
  20. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    I was on my Sandbox FF browser and in the middle of using the Sandbox browser, it said there is an FF new update available so I exited out of the sandbox and clicked on the original FF icon on my desktop but the update did not pop up automatically even though the sandboxie one automatically gave me a notice. I have my settings set as to delete everything when sandbox browser closes. In the future, would it still give me an automatic notification even though this happened? Since the automatic thing didn't appear on the original FF browser, I went to Help-About FF and updated it that way.
     
  21. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Yes it will still auto update. :)
     
  22. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    I have Firefox set to "Ask me what I want to do" because it tells me
    when an update is available(if I don't know about it) but it does not
    update automatically, giving me a chance to close the sandboxed
    browser and do the update as is supposed to be done.
    Out of the sandbox.

    Bo
     
  23. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    Even if the update stuff all got deleted inside the sandboxie, it shouldn't affect for future automatic FF update? does anyone know if the FF auto update stuff affected or got deleted? the ones that provide auto updates?
     
  24. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Change Firefox updating from automatic to Ask. It works better for you
    when you are using Sandboxie.

    Bo
     
  25. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,976
    Location:
    Eastern PA, USA
    Your "real" FF, outside of the sandbox was never touched, including not updated. Autoupdate and everything else about FF outside of the box is the same as it ever was. Just like Las Vegas, what happens in the sandbox, stays in the sandbox - until you delete the sandbox contents. What happens outside of the sandbox stays outside of the sandbox. For your purposes, they are separate universes. HTH

    +what bo said.
     
Loading...
Thread Status:
Not open for further replies.