Sandboxie Observation

Most of you probably already know this, however, I found it interesting. I've only performed the benign test of creating a Firefox bookmark while sandboxed and then seeing if it is in non sanboxed Firefox and indeed it isn't. So I thought I'd delete a bookmark while sandboxed to see what happens, assuming in non sandboxed it would still be there, which it was. Here is the interesting thing though. I just randomly select a news article and mark it. I re-sandbox and it isn't even there. I came to realize that until you delete the contents of a session, when you sandbox, you return to a previous session. After I deleted the Sandboxie contents and added the bookmark un-sandboxed it was in the new sandboxed session. Point being, until Sandboxie contents are deleted you sort of return to the previous sandboxed session.

 

which is why most of us check the box to empty contents of sandbox on closing, or exiting.

 

Here I usually open up my trusted sites with login details outside the sandbox.

When starting my browser in a newly created sandbox my details are retained along with the cookies and cached items which help speed up browsing.

You can open file paths to retain favourites but I prefer to do it manually.
Sandboxie ini settings

 

That is not any secured way! Your "trusted" site could be hacked and infected with malicious iframe or Flash object.

 

How would FF with Noscript and adblockplus handle those exploits?

Only sandboxed trusted sites are noscript whitelisted when needing to post.

 

The simple way is, I have my email and web browser sandboxed, After that my AV is in place. And it works.

 

Wise! Very Wise.

I was researching over the weekend and got bit for the first time in a very long time with a clever file infector. I always like to run On-Demand AV scans and good thing, every .exe got popped. At least they were cleanable.

Just when you think you have everything in place and let just one of your guards down, whammo comes some engenious invader to spoil the party. After that, i went out and got Anti-Exe. ErikAlbert (member) is talked up this program quite a lot recently and now i see the WISDOM in those, his apprehensions we sometimes find exhibited in his posts.

 

Thanks Pete for that notice. If that be the case then it's but a simple matter that i'll just keep AE onto the drive w/o FD-ISR.

Don't need conflicts, thats for sure. $M has enough of their own, built-in. LoL

 

Hello,
Why should you have a trusted list?
Allow on demand, when needed.
Mrk