Sandboxie any problems?

Discussion in 'sandboxing & virtualization' started by JerryM, Nov 15, 2007.

Thread Status:
Not open for further replies.
  1. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    This is the ultra paranoid mode. One has to have physical access to your Hard Disk or sandbox and use third party recovery utilities for it to matter. Deleting the sandbox this way is only relevant if you are trying to hide what you do with your computer, i.e. during browsing. However, by deleting the content (the regular way) malware can't "resurrect" itself so it's safe anyways...
     
  2. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,238
    Location:
    Sydney, Australia
    Says who? : You implying something? : Where? : Who me? :eek: :D
    You are correct.
    I just tend to use Eraser and/or CC or s-delete to actually 'wipe' whatever I can whenever I can: files, folders, cache, VMs, e-mails, docs, photos, vids whatever : keeps kludge to a minimum.
    Applying this to Sandboxie is just an extension of my usual practice.
    Regards
     
  3. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    It is actually wise to do so if you are to hand off your machine to someone, and there are multiple scenarios where this could prove to be more than just an intelligent thing to do... I just find it to be a lot of work :D
     
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Reading this thread got me interested in trying out Sandboxie, which I have now installed. Interesting app for sure... I actually removed my AV for now, and put in ThreatFire instead. Performance is a hair better now in general. I'm not sure if I can actually do without the AV for good, but I think there's a fair chance I might be able to. Browsing is covered now, and the only time I really want to scan a file is when I download an executable in p2p. So we'll see how it goes... might just put Avira back on and use it on-demand only...
     
  5. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Kerodo,

    Make sure you install NoScript add on for Firefox. It will really help...
    AVs are good for scanning downloads, but if you don't click on attachments you are probably safe with Threatfire, as it will pick up an executable trying to run, giving you the chance to nip it in the bud. But it will do little for hostile web sites with scripts modifying browser elements and other such behaviors.
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Threatfire works fine against drive-by too :)
     
  7. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Have you ever tested it? What kind of Site based script can it protect against?
     
  8. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Solcroft has tested Threatfire against malware and exploits with great success. Actually, drive-bys are easy to catch for a behaviour blocker: a spoofed executable dropped in the browser cache which tries to hijack the browser's process to initiate an outbound connection and deliver the payload.

    Behaviour blockers are weak against rogue apps, macro viruses and time bombs. I'm not sure how they perform against file infectors and some worms.
     
  9. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Yes you are right. The reference I was making was not of the executable types but server cross scripting exploiting browser based vulnerabilities.

    NoScript is annoying since it blocks all scripts indiscriminately until one authorizes them to run, which can be tedious. However it is the only means to protect effectively against such. I can't see how Threatfire or any other process scopes could be effective to protect against these unless an executable is dropped or activated.
     
  10. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Yes, NoScript is the only solution against XSS. Unfortunately, anti-malware apps can't do anything since nothing is dropped to the local filesystem. All the action occurs inside the browser.
    Some discussion on XSS
     
  11. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?

    Thanks, real good read! :) Just confirmed what I already knew but with more details... whew, that Helio likes to write!
     
  12. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Thanks guys, so far so good with Sandboxie and TF.. I will have another go at NoScript also, haven't used it for a while....
     
  13. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,121
    Location:
    Mountaineer Country
    @ Longboard, thanks for clarifying 'erasing' files for me. Thanks for the links too. I am the only user of my computer so I'm not worried about file recovery. I also don't have anything to hide that's considered too bad :shifty: . I also use a virtualization program when going 'bad' places. I do value my privacy nonetheless so I may look into erasing with at least cc.

    Thanks,
    innerpeace
     
  14. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    Perhaps a dumb question, but does Sandboxie also work with Newsleecher for example?

    I'm still trying to understand how Sandboxie actually works (haven't installed it yet though), but it's not 'sinking in'. I use NOD32 as an AV and I have an MVP Hosts file. I use some Anti-Spyware tools from time to time, but I definitely am interested in other (easy-to-use preferably) tools to keep all malware etc. out.

    Are there any good tutorials or manuals regarding Sandboxie? Does it work alongside AV-scanners?
     
  15. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Hey Body... Visiting the product web site and reading helps... :D

    My personal experience with it is very positive. All my security tools work perfectly with it. It's practically flawless!

    Here is the info you may need if: http://www.sandboxie.com/index.php?HelpTopics
     
    Last edited: Nov 19, 2007