Discussion in 'sandboxing & virtualization' started by ChrisP, Jun 8, 2008.
Hi, If I ein IE sandboxed, am I protected from web bugs?
As far as I'm aware, web bugs can still be used inside the sandbox as they perform kind of like cookies do. I'm still trying to read up on that as I type this. In IE, I guess the best way is to turn off cookies. In Firefox, NoScript has a function that disables web bugs. Hope that helps.
Thanks. I use SpyStopper Pro to block web bugs - just wanted to know if I could remove it if I used sandboxie
1. What exactly is a Web Bug?
Given that example of many examples that could be given, Sandboxie would not be your first line of protection for Web bugs....would it ?
You throw something in the trash and I see it, you can empty the trash many times and I still saw you throw it in the trash.
I don't bother with these innocent collectors,bit sneaky though,its the same like filling in web forms to get to something which is obviously very visible.
I agree that there is a whole lot worse to worry about than web bugs/cookies, but, eh, why should I let advertisers know how many times I click something? What they don't know won't hurt me
This stuff isn't a big deal. Delete the sandbox and they are gone.
It's an issue of privacy. We give them information about our surfing habits but we don't get anything in return. Compare this to loyalty programs such as flybuys. You give them information about your shopping habits, they give you redeemable points.
To remove yourself from the clutch of web bugs, you must first remove the ability of your browser to 1) know local information about your system, and 2) the ability to send that information back.
A sandbox will not stop that. A sandbox only stops the program from leaking data back into your computer.
You can solve this problem through compartmentalization, or through virtualization.
With compartmentalization, you would run the browser under a different user. You might also add on a plugin like TrackMeNot, which creates false information/searches for the web bug to relay.
With virtualization, you could run a variety of virtualized appliances like JanusVM, Incognito, xB Machine, or RockATE, for fully prebuilt environments. Another option is to visit VMWare and download an Ubuntu image and just do your browsing inside that image, and to destroy the virtual disk created when you are done. And if you have lots of time, you could do the same thing with another version of Windows. Lots of options.
Come on, you don't really think trackmenot works right? It doesn't take very much separate legitimate search requests and fake ones.
VMware has an option to have changes wiped out every reboot which could be very useful in your case.
Some solutions are better than others. It depends on what the guy wants to accomplish and what web bug threat he has in mind. If he has nothing in mind, or every threat in mind, he has only two specific options. If he just wants to stop the bugs, a different user is fine.
XB, what about NoScript?
Ad Muncher works here to block web bugs.
Works fine, I have Noscript set to block them.
No offense, but i have it ticked too, and figure "it works fine".
Only i hoped for XB to answer just how good, since he didn't mention it.
I highly recommend AdMuncher for dealing with web bugs etc.... That wasn't one of the reasons I bought it, but it is the best ad/webbug/crap blocker around