Sandboxie .. Default Browser

Discussion in 'sandboxing & virtualization' started by Zeena, Mar 12, 2011.

Thread Status:
Not open for further replies.
  1. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi .. mick92z - & - moontan :)

    Yep!
    Understand that it won't stop working after 30 days ;)
    But...
    Think for what we're getting the money is probably worth paying :thumb:

    Just can't believe it's took me approx 2 years to pick up the courage to install Sandboxie :oops: ... Oh! Well! - Got there in the End! :D

    Thanks!

    Zeena
     
  2. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi :)


    Have just thought of one more Question...

    Say for instance I was browsing with Sandboxie and I picked up a Virus :argh:

    Avast Pops Up! - & - Offers to deal with the Virus!
    What happens once I empty Sandboxie?

    a) Does Avast Think... " Hold on a Min! - Where did that virus Go? " o_O
    OR
    b) Does Avast Not See The Virus... Because the virus is Not visible to Avast or the rest of my computer? :doubt:


    Zeena

    Thanks!
     
  3. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    548
    Location:
    Nottingham
    Avast will see the virus, and depending on your Avast settings will deal with it. For example if you ask Avast to send the virus to the chest it will take the virus out of the Sandbox and quarantine it. Then when you empty the box the virus will be deleted, but will remian in the chest.
    So there is nothing to worry about
     
  4. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi mick92z :)


    I'll know what to expect Now - & - I'll be more Prepared :thumb:

    Thanks! ;)

    Zeena
     
  5. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    @Zeena

    You might find this useful

    http://mrwoojoo.com/sbie/index.htm

    It is paramount to understand what Sandboxie does and how that effects things. It is IMHO the foundation to using Sandboxie to its fullest potential.

    Sul.
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    One issue I want to bring up if I may. It touched on saving things as you normally would, but it neglected to go a little further in methods of saving. To make my point, right-click "save as" will NOT work unless "dllhost.exe" is allowed to run in the sandbox. What will happen is you will go into a pop-up craze warning you it can't run. Just a small tip that perhaps a lot of folks overlook.
     
  7. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Thanks dw426. I haven't seen that behaviour before, but will certainly find out more about it.

    Sul.
     
  8. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That might be the one annoyance I could say about Sandboxie. But, luckily, Sandboxie is extremely informative about such things. I know it is especially an issue with browsers, with both Firefox and Chrome requiring extra components to be allowed to run.
     
  9. Prole

    Prole Registered Member

    Joined:
    Feb 2, 2011
    Posts:
    47
    Location:
    New England, USA
    And ZEENA, when you get a popup saying that something won't run in the sandbox because of restrictions, you can go to...

    ->sandbox settings
    ->restrictions
    ->start/run
    ->add program
    you will see a list that will include the file that you need to add
    -> select the desired file
    -> click apply
    and then go back to what you were doing and it will run.

    Personally, after I add a file (especially something like "dllhost.exe") I go back and take it out of the 'start/run' list. But I'm paranoid.

    I vowed that I would never pay for security after being let down by paid security software; but after a month with Sandboxie, I had no problem breaking my vow. I am a Sandboxie devotee.

    ~ Removed Off Topic Comments ~
     

    Attached Files:

    Last edited by a moderator: Mar 13, 2011
  10. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I came up with that issue too, too many times. I actually mentioned it in some other thread, when suggesting to one user to add that process to the allowed list of processes.
     
  11. Prole

    Prole Registered Member

    Joined:
    Feb 2, 2011
    Posts:
    47
    Location:
    New England, USA
    ZEENA, I can't remember if this is possible in the free version of Sandboxie, but, if you click the Windows 'Start' button -> click 'all program' -> open Sandboxie -> you will see the option to 'run windows explorer sandboxed'

    That way you can go anywhere on your computer and still
    be inside a sandbox. You can open any file and it will open in the default sandbox.
    This way you won't 'accidentally' open a potentially malicious file (like a PDF) unsandboxed.
    Once you are sure it's safe to run, you can open it unsandboxed.

    Also, if you google - ssj100's Security Setup - you will learn some very helpful tips on how to configure Sandboxie.

    Have fun!
     
  12. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    100,469
    Location:
    U.S.A.
    Removed Off Topic Posts. Let's keep on topic which is Sandboxie. Thanks!
     
  13. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I don't recommend start/run restrictions, especially for newbies. It can be quite annoying and confusing.

    I do recommend internet restrictions though, because it is useful for preventing malware from connecting to their authors, which Sandboxie doesn't contain by default.
     
  14. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi Everyone :)


    Thanks for all the extra info and Tips!
    I've bookmarked this thread so that I can easily keep coming back to it :thumb:

    Last night I found the Chrome Settings page within Sandboxie.
    Was quite surprised to see it actually. As it isn't mentioned in the Sanboxie help pages.
    Only... IE - Firefox - Other ... See Here: http://www.sandboxie.com/index.php?ApplicationsSettings#web
    So if I was to say tick the Favourites/Bookmarks box.... Does that mean I'd be able to save Favourites/Bookmarks while sandboxed?
    Would I lose much of Sandboxies security by doing this? :doubt:

    Just keeping it simple at the moment!
    Browsing sandboxed most of the day :cool:
    Then emptying the Sandbox at the end of the day.
    Is This Wrong? :doubt:

    I'm not a dangerous surfer.
    If I was to get infected it would most likely be by pure bad luck ( Wrong Place at the Wrong Time ) than anything else.
    Don't want to be paranoid about security!
    Just want to be able to feel more relaxed while surfing the web and Open my emails without feeling like I'm playing Russian Roulette.


    Thanks!

    Zeena
     
  15. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    Zeena:

    yes for the first, no for the second. :)

    no, it's good.
    myself i like to have SBie automatically empty the sandbox whenever i close my browser.
    whatever suits you.

    i haven't read all the posts here but you should enable Drop Rights as well.
     
  16. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi moontan :)


    I've now [+] the box to enable me to save Bookmarks :thumb:


    Thanks!

    Zeena
     
  17. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    @Zeena

    One needs to understand what those options do in order to determine both if you want to use them and if they "weaken" your security.

    First understand that the "sandbox" is kept physically separated from the real OS and file system. This is easy to understand I think.

    Then understand that the reason sandboxie offers to "recover" things is because it has been told to monitor areas like desktop and my documents. It presumes that if you save something there within the sandbox, that perhaps you would like to "recover" it to the real location.

    Much of the "weakness" that you find with sandboxie comes from the fact that if you don't delete the sandbox, and you were to get something like a keylogger installed, it can run within the sandbox environment. That means of course that if you enter in a password or cc number, the keylogger is working within the sandbox and can do its thing.

    You would not have to worry about this outside of the sandbox, but if you run your browsers within the same sandbox, then they all will be subject to the keylogger.

    Another area of possible "weakness" is by allowing direct access, which is what some of those options you speak of will do. Bookmarks is a good example. If you make a bookmark in the sandbox, it does not go to the real location. If you then delete the sandbox, the bookmarks are gone. Therefore, you are given the option to make an exception.

    Each aspect, like files or registry, allows you to state exceptions. You may give direct access to the real bookmarks file, so that when saving bookmarks, it is written directly to the real location, even though you are sandboxed. This is quite nice, and IMHO the #1 feature of Sandboxie that makes it so useful (that is, the exceptions, not just direct access). However, you can also make exceptions that might not be as secure.

    You can also make exceptions like Read Only if you worry about areas within the sandbox environment, or block them. One might apply read only access to the autostart registry areas of the sandbox, or one might give a deny reading/access to a directory or registry key that you never want anything within the sandbox to read/access. The combinations are quite flexible.

    Building on this, you can limit what is allowed to execute within the sandbox. You can tell a sandbox to only allow firefox.exe to run. All others will be denied. So in this instance, when you go to a website that downloads and attempts to run "keylogger.exe", it will be denied, as only firefox.exe may run - and you are by default given a prompt that tells you sandboxie blocked something.

    To build further, you may specify for the sandbox that you don't want any outbound network access, or limit outbound access to a list of approved programs. Here again, if something tries to go outbound, it will be denied unless on the list, and by default a prompt should show this.

    I like to have a sandbox for each browser, and then a few sandboxes for other "testing" purposes. Some sandboxes will allow no network access, some will, depending on what its intended use is.

    Investing a little time into sandboxie can really allow you to use it in ways you don't think of at first. It is a little different when you first start using it. If you continue to learn of how it works, you begin to easily grasp what all the options are. Sandboxie is not doing much that is magical, it is dutifully keeping what you do within the sandbox. Advanced useage is merely deciding what should be off limits even within the sandbox, and whether you want to "punch a hole" through sandboxie to allow access to the real OS.

    Sul.
     
  18. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi Sully :)


    I've Now Ticked.... Automatically Delete Contents Of Sandbox :cool:



    I've only allowed... Bookmarks .. Nothing Else! ;)

    Oh! - Get It Now!
    Did wonder what that was all about :thumb:


    Thanks!

    Zeena
     
  19. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,951
    Location:
    USA
    I could be mistaken about this, but I believe that the SBIE default for deleting the sandbox is RMDIR, and I think that it does just that, a mere deletion, as opposed to secure erasure. If a user wants to erase upon deletion, then either of the two other selections (SDelete or Eraser-5) should be selected. Hope I have that part right about deletion as opposed to erasure.
    SBIE erase.jpg
     
  20. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    Page, you're gonna scare the OP with this stuff. ;)

    let's keep it simple! :)
     
  21. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,951
    Location:
    USA
    Nothing I posted is anymore complex than anything else posted here, moontan. I think Zeena can handle it. I just want to make sure that what I posted is accurate. :)
     
  22. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That's not "scaring" the poster (it shouldn't, nothing to be afraid of). Sandboxie is just chock full of options..options that need time to go through, determine the plus and minuses, and testing to make sure nothing goes belly up (computers are weird like that, you start denying access and running to files/processes and they get mad). One thing I should mention about the keylogger issue Sully brought up. If you, let's say for example that you have a sandbox just for your media player. If you only allow, for example, "vlc.exe" (VideoLans media player) to run in that box, nothing else can, including that keylogger. Are you going to get a keylogger through a media file? Not likely, it was an example. But, if you follow the same procedure with your browser sandbox, you're still golden (be aware though that a few browsers now have additional components that need to run).
     
  23. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi .. Page42 - & - dw426 :)

    Was talking about This...

    S.B_-_Auto_Delete.png


    Understand that it's means... When the last Sandbox ends.

    But...
    That's good enough for me!
    Close Chrome + Anything Else That's Sandboxed = Sandbox Contents Deleted :D



    Zeena
     
  24. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    that's what i use too Zeena.

    like Sully suggested, that is safer than waiting to empty the sandbox at the end of the day.
     
  25. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,951
    Location:
    USA
    Excerpted from the Sandboxie Help & FAQ...

    The third-party secure deletion utilities referenced above are SDelete and Eraser-5.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.