Virtual Browsers: Anonymous Web Proxies: Safest?

I recently had an incident with a trojan and am getting more aware of
safe hex. Safe Surfing.
I run WinXP with Defender as well as PC Tools Antivirus and Spyware
Doctor. My server offers McAffee and i will probably move over there.
What remains is safe hex.
This question concerns safe hex. I have seen a couple of Virtual
Browsers such as Green Borders and Sandboxie. I have also recently
renewed an old interest in Anonymous Web Proxies like Jaxxax.com.
QUESTION (1): Is there a strong perception that either Virtual
Browsers (Green Borders etc.), or Anonymous Web Proxies are safer,
less penetrable, better in general?;
QUESTION (2): I see that Jaxxax will get me to Google, or Yahoo, etc,
and that such search engines function after being invoked by Jaxxax.
So, if, say, i go to Jaxxax and then to Google, and from Google, I use
Google's search to get me to, say, Fox News, am i still free from
cookies and scripts and so on, when i read on through Fox? I did not
call up Fox from Jaxxax, i went to Fox from the Google browswer--so am
I protected, or out in the wild? Is that Fox viewing totally subject
to every problem that i would have without any AWP?
i hope this can be answered and if I am unclear, i would like to
present more so it can be.
Thanks and Best!

 

It is a common misconception that sandboxed browsers give you sufficient protection. They don't. Any browser attack, such as a malicious script, can escalate right out of sandboxie or any other pseudo-sandbox. Why? Because they are able to execute code on your box. If it can execute code on your box, it can read/write/execute outside of the sandbox.

For the level of protection you are talking about, you need to use JanusVM, xB Machine, or Incognito. GreenBorder might work, I can't see that it is publicly available anymore.

edit: NoScript and other plugins are not sufficient protection either. They can be beaten, easily.

 

If you use firefox, you can use noscript to stop scripts by default. Sandboxie can also be configured so that firefox is the only exe that is allowed to run in the sandbox.

 

Hi

Obviously, while sandboxes, NoScript, etc do not provide 100% protection, it is a very good layer which does not take up much resources and does signficantly decrease the likelihood of malware infecting your computer.

I could be wrong, but you sometimes seem to be subtly spreading FUD about a new breed of super-malware and that everyone should switch to XB Machine to be protected. When there are many other solutions (behavioral blockers, sandboxes, etc) that provide a sufficient amount of protection for most users, are much easier to use and are more stable.

 

Proof?

 

Interested readers may wish to consider the use of the free Browser Appliance by VMware, which runs inside a virtual machine.

 

No script is white listing so if a trusted site is compromised, then it wont help. There may also be ways to fool no script. However in terms of real exploits, most just target the 99% of users who dont use no script.