Sandboxie any problems?

Discussion in 'sandboxing & virtualization' started by JerryM, Nov 15, 2007.

Thread Status:
Not open for further replies.
  1. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I know some here use Sandboxie or something similar. I have not tried such applications, and do not have the knowledge to do much trouble shooting on a computer.

    Accordingly, I am wondering if such applications are prone to problems with access to sites or other problems.

    I have felt that KIS is all I need, especially since I am a safe surfer.

    Thanks,
    Jerry
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I've been running Sandboxie for quite a while with no issues. Also excellent help is available on their forum.
     
  3. tradetime

    tradetime Registered Member

    Joined:
    Oct 24, 2006
    Posts:
    1,000
    Location:
    UK
    Likewise, cannot think of a single issue with Sandboxie and have been running it for several months now. I should perhaps say that I only use it for web browsing, I do not install programs in it to test, nor play with malware in it.
     
  4. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I use it extensively online myself. I often get myself infected when I clean up client PCs... It keeps saving my expanding rear-end... Without performance loss...

    They released a new version on the 11th. I'm just testing the upgrade since yesterday. So far it's an improvement at all levels on an already great product!

    Go for it!
     
    Last edited: Nov 15, 2007
  5. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Here I wrote an article on safe web surfing for all you safe surfers!
    You can check it out here: http://www.hermes-computers.ca/index.php?pid=46

    Not to frighten you but I see hostile iframes on an enormous number of web sites. I must be spending half my working time helping people clean them up... nasty!
     
    Last edited: Nov 15, 2007
  6. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    Ditto.
    I find it fairly intuitive as well. Don't have to make a hobby out of it to benefit from its efficacy.
    System impact is minimal.
    Tzuk (the developer) is very active in its continued evolution.

    Digressing a bit here if I may, but one of my primary reasons for liking this software (enough to register), is its convenience, aside from all the security benefits (and they are substantial).
    Before SandboxIE, I was constantly turning cookies on/off (depending on site visiting), as well as Java, JavaScripting, etc. Made me crazy.
    OK, I'm at Wilders, cookies on. Browsing elsewhere, cookies off. Other trusted sites, damn, they're not rendering correctly, Java/JavaScript on.
    Constantly clicking permission stuff depending where on the web I was.
    At the end of sessions, I was constantly reviewing, subsequently selecting/deleting cookies, as well as clearing history, etc.
    Ahhhh....With SandboxIE, I find the browsing experience much more relaxed.
    Cookies, Java, JavaScripting, all ON.
    Browsing done, close browser, EVERYTHING gone.
    Simplistic approach. I like simple.
     
  7. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Speaking of exploding malware within sandboxie for fun... Anyone here experienced with it that way?
     
  8. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    It's not much fun at all when the malware invariably succeeds in doing exactly NOTHING. No alerts, no cascade of popups telling you how Sandboxie just defended your computer against the LATEST ZERO-DAY 100% UNDETECTABLE TROJAN, no anything at all. Just... poof. Boring.
     
  9. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Hahaha... Darn there goes my next hobby idea!:)
     
  10. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Many thanks, All for the comments.

    If I understand it, Sandboxie is primarily for surfing. If I want to download a program I would not do it through the sandbox.

    I don't bank on-line, but would that go through the sandbox or would there be a problem of access and completing whatever business one would do?

    Regards,
    Jerry
     
  11. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    Not at all! We bank all the time. I was so impressed with it I coughed up $25 after I used it for less than a day. The free version is about the same, however, it is my understanding you'll eventually get nagged.
     
  12. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    You can download anything using Sandboxie and then recover it later. I've only played a little with the new version, but it seems to ask you immediately if you want to recover the file after downloading it. You can also set it up to recover files, bookmarks, etc without interaction. I can't comment on the banking, but the site should work like normal.

    I've used version 2.86 and now 3.01 and I really feel safer with SBIE. It's also been very stable on my machine. Some of us have access blocked to My Documents when an app is sandboxed. This keeps whatever app you are running from accessing possible private files in My Documents. When you download it, make sure to go through the tutorial to get a feel for how things work.

    cheers,
    innerpeace
     
  13. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks, again.
    The tutorial is a good suggestion. Like a few others I usually don't read the directions until I have problems.

    I have not installed it yet, but it does look very interesting. I'll see if there are more comments, but so far no downside has been mentioned. I would have thought it would slow down surfing a lot. Evidently not.

    Regards,
    Jerry
     
  14. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Go to your banking site with a "cleared" SandBox, carry out your banking/on-line transactions and then clear the contents before visiting any other sites.

    Never had a problem with SB; lightweight, stable, and does not slow down browsing even on dial-up. Highly recommended.
     
  15. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    ROFL :)

    @JerryM : registered user too; $20 = good deal for the unlocked version.
    Concur with all comments : a little gem. :)
    Couple of things:
    _Adobe PDF Reader will freeze a sandboxed FF session ( at least for me it does): ie open a PDF in the sandboxed browser = massive slowdown/freeze, and may need reboot. Use Foxit or other PDF reader in the session or just recover the file to wherever and read outside the s-box: scan it first if not sure of source ( even then...)

    _ A mal in the sandbox can execute and may be able to read from your HD files and send out through the browser. The said mal as a rule cannot escape the box to install: vanishes when sandbox deleted.
    There was one thread somewhere where one identified trojan: Prueba ?, escaped the sandbox. Not sure it was confirmed: Tzuk addressed the problem afaik.
    Kernel level drivers cannot be installed via the box which is another solid layer.

    _ your regular "anti" real time tools are able to scan the sandbox as per any file system and pick up nasties if they arrive.

    FF in sandboxie = rock solid.

    _Yes banking, purchasing etc is fine: just launch a fresh browser session after deleting the default box contents = clean session.

    **Any mal already on your box will still be able to run: ie Keylogger will still catch typing.

    Default set-up is fine to start: fine tune as you go along and learn.
    Learn how to Erase the default box contents rather than just delete.
    Get it. You'll like it.

    There are discussions here re other Sandbox/Hips hybrids: DefenceWall, GesWall : all good tools. Sandboxie just great oob.
    :thumb:
     
  16. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Am I the only one who has found that it slows down the initial log on? Only by a second or so - but irritating nonetheless. I'm sure that I read somewhere that extra time to log on was quite normal as Sandboxie has to set up its virtual environment? Normal surfing thereafter.

    I should add I only tried to use it with Firefox. I didn't even think to use it with IE ( I'm not that brave) Perhaps it really works best with IE and is less necessary with Firefox Opera etc ?
     
  17. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    @Longview
    LOL yes possibly even more important with IE : MicrosoftIE = sIEve ;)
    With FF = WALL.

    I do have (FF has issues) problems with some sites: my supposedly security conscious bank for &*#%'s sake thinks IE is better than FF.
    Use the IEView addon: https://addons.mozilla.org/en-US/firefox/addon/35 while sandboxed with FF and sandboxie will open sandboxed instance of IE.

    The latest release of sandboxie has had some config changes: the right click extensions from the control applet no longer have "Launch IE" as option, just "launch Browser" which starts default browser ( FF for me) Any other browser session (ie non default) requires a separate shortcut.
     
  18. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I know... I see this with all large institutions and businesses. Far too many IT managers are now Pen Pushers instead of engineers. They attend All Microsoft conventions getting programmed by marketing hype and are much too busy looking for a freebie hand out from Microsoft to have time to think for themselves. Being addicted to a misguided "Risk Averse Decision making" turned upside down...

    Perhaps they should remain focused on Technical expertise skills instead of a poor mix of tech and Business skills, and stop trying to please CFO's as they currently preach. Perhaps more intelligent technical decisions would be made..

    Personally I think they standardized themselves into a pit!
    The rule of thumb is the less technically savvy you are at any level the more likely you are to stay with Microsoft being ignorant of the alternatives and being afraid of thinking outside the box...


    Forgive my rant!
     
    Last edited: Nov 16, 2007
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    While true malware can run while it is in the sandbox, you can protect your data directories so they can't be accessed from the sandbox. Also, malware can't start services or install drivers.
     
  20. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    @JerryM
    Pete is on the money.
    Default is very good, needs some adjustments to block access to data files etc
    Config entries can be fine tuned per user.
     
  21. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks a bunch. You folks have provided a great deal of information. I really appreciate the help. :thumb:
    I haven't installed it yet, and want to go through the tutorial.
    I use FF all the time unless a site requires IE.

    Thanks again, and have a great day.:thumb:

    Regards,
    Jerry
     
  22. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hi Longboard, what does this mean? Are you talking about going into the contents and deleting individual files? If so, why?

    innerpeace
     
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    True! Even if some mischief enters in, it's trapped or confined, and confinement translates into two options, keep or dispose. That's the benefit which SandboxIE offers and it's a very intelligent & wise concept that WORKS!
     
  24. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    @Innerpeace:

    http://sandboxie.com/phpbb/viewtopic.php?t=1954&highlight=eraser
    http://sandboxie.com/phpbb/viewtopic.php?t=650&highlight=eraser

    Search at sandboxie forums. Essentially 'delete' vs 'erase' with 3rd party tools.

    There are a couple of Config entries and Reg changes referenced at the forums to invoke true erase options with Eraser and s-delete from sysinternals.

    I tend to do this manually as per the first reference above: just peace of mind.
    Eraser takes about 1-3 minutes to wipe the sandbox on a 1 pass wipe after a long browser session with downloading. Would take longer if set to higher integer wipes.
    Regards.

    *** if you want to check this out, use Eraser v5.7 which for me is very stable and read the forums carefully before trying v5.8+ ***
    http://www.heidi.ie/eraser/download.php
    http://bbs.heidi.ie/index.php
     
    Last edited: Nov 17, 2007
  25. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I read somewhere that a few Trojans did bypass or break through the Sandbox somehow. From my perspective where one succeeds others will too...
     