Sandboxie?

Guest

Oops!

Post by Guest » Sat Sep 20, 2008 12:20 pm

Oooops! I spelled the title of this post incorrectly. Instead of "Sanboxie" it should have been "Sandboxie" . . . I left out the "d".

And I'm sure Sandboxie is only one of many of these sandbox applications.

phantazm
Posts: 4906
Joined: Thu Jan 03, 2008 1:46 pm

Oops?

Post by phantazm » Sat Sep 20, 2008 1:07 pm

Hi BobJam, next time you forget a letter or some other mistake, you need not post a correction. You can still edit the first post starting a new thread; the edit link is however found in the second column, near Categories and Search.

I don't know why the first post is treated differently;
it also took me some time to notice I could still edit...

Guest

Oh yeah . . . I forgot it

Post by Guest » Sat Sep 20, 2008 1:40 pm

Oh yeah . . . I forgot it was there.

logicman
Posts: 378
Joined: Sat Jun 28, 2008 12:58 am

Sandboxie - some pointers.

Post by logicman » Sat Sep 20, 2008 3:19 pm

Some good questions there, BobJam.

First principles: If you only ever download from trusted sources, then the file recovery option is useful. If you set up a specific folder on your computer, you can then designate that in Sandboxie configuration as an 'auto-prompt to recover' folder.

I think auto-prompt is safer than auto-recover. It keeps the user in firm control.
As for bookmarks, if I'm confident a site is safe, I just paste the URL temporarily into notepad. After killing the sandbox, I re-launch the browser without the sandbox, paste in the URL, save and exit. That's fairly bullet-proof.

I have found only one instance where something found a way 'around' the sandbox, but that was a hack attack and not a virus or trojan. Even whilst under hack attack, killing the sandbox killed the web link, although I could equally well have locked my firewall or just pulled out the cable.

In passing, I have found, and others have reported, that some sites detect that the browser is in a sandbox and refuse to cooperate. That is, they seem to sulk, and won't throw any malware at me. I assume that if any site admin feels the need to detect my sandbox, then he or she is not playing the game according to my rules. That sort of thing tends to get them the red card treatment. Known white-hats excepted, naturally. ;-)

. . . . . . . . . . . . . . . .
Protect and Surf.

Guest

Thanks for the explanation

Post by Guest » Sat Sep 20, 2008 3:48 pm

Hey logicman,

Appreciate the lesson. I'm going to have to read this over a few times before I can digest the part about auto-prompt because I don't have my arms around it just yet. Probably is obvious, but I'm a little slow and dense.

In any case, thanks again.

logicman
Posts: 378
Joined: Sat Jun 28, 2008 12:58 am

Re: slow and dense

Post by logicman » Sat Sep 20, 2008 4:02 pm

Re: slow and dense. Are we related? :)

With Sandboxie running, open Sandboxie control.
Click sandbox > default box > settings.
Select recovery + quick recovery and then add your folder / s.

Whilst using Sandboxie, if you download anything into a 'quick recovery' folder it is available for instant recovery, or recovery on deleting the sandbox.
'Recover to same folder means: 'recover from virtual folder to the real one of the same name.'

hth
. . . . . . . . . . . . . . . .
Protect and Surf.

cotojo
Posts: 2568
Joined: Fri Jul 04, 2008 10:50 am

Sandbox

Post by cotojo » Sun Sep 21, 2008 12:52 pm

As I mentioned on another post in the forum, I wouldn't surf without it.
Total security, a few hacks will try to bypass the sandbox, but just closing it stops it dead.
Recovery is simple using auto-prompt with a designated folder on the Desktop to recover to and also to run the recovered items within a sandbox to ensure that they are safe.
Once users get used to the way it works, it becomes habit, second nature, although users should NOT think that they do not need antivirus and anti-malware protection, they are a useful addition although rarely ever find anything once the sandbox contents have been deleted, and there are no history traces left behind either.
It really is so simple to use, configure browser, email reader, programs to run within the sandbox.
Best protection available, it's that simple.
Colin
http://cotojo.wordpress.com - Free PC Security

Guest

Been playing around with

Post by Guest » Tue Sep 23, 2008 12:44 pm

Been playing around with Sandboxie, and so far I like it. Once I get it configured the way I want it (think I have it already), will use it to surf to those red donut sites and rate them.

I was attempting to do my email configuration per the instructions to confirm by composing a draft test message, and then seeing if it showed up in OE in a non-sandboxie environment.

In the first several attempts, IT DIDN'T show up in the non-sandboxie environment. I reread the instructions several times, but it kept failing.

And then I read the manual configuration instructions, and the light bulb came on. Apparently, sandboxie assumes that the .dbx files (the OE mailbox files) are stored in the default location on C:\.

When I originally installed OE, I changed the storage location of the .dbx files to my E:\ partition. So I went into the Sandboxie Control and manually configured direct file access for msmin.exe (OE) to my .dbx storage on E:\Outlook Express (where I have the OE .dbx files stored), and BOOM . . . as John Madden would say . . . the confirmation routine worked.

So, I posted a suggestion on the Sandboxie forum that they might consider adding a caveat to the instructions that if a user has the OE mailbox files stored anywhere other than the default location that pointing Sandboxie's direct file access to where the .dbx files are stored is necessary for correct configuration and confirmation.

On the bookmark thing, it doesn't seem necessary to cut and paste them into notepad in a Sandboxie session. I'm not sure how or why, but apparently I have the thing configured so that a bookmark is saved to a non-Sandboxie session anyway. When I open IE in a non-Sandboxie session, the bookmarks that I added in the Sandboxie session appear. When I make a bookmark in a Sandboxie session, I get the "Immediate Recovery" Default window asking me if I want to recover the favorite to a non-Sandboxie session.

I'm not sure if this is because in the Sandboxie settings, I have "Add IE Favorites to Quick Recovery folders" checked because I think this is the default and logicman said that he had to always copy and paste the favorites to notepad to save them to a non-Sandboxie session. Either he doesn't have that default checked, or I got real lucky . Or is it just that you do that INSTEAD of having them recovered, logicman??

phantazm
Posts: 4906
Joined: Thu Jan 03, 2008 1:46 pm

Oops...

Post by phantazm » Tue Sep 23, 2008 1:00 pm

Please delete this, someone...

Guest

Sandboxie?

Post by Guest » Tue Sep 23, 2008 1:16 pm

These questions are primarily directed to logicman who posted in another thread recommending the use of a sandbox when browsing . . . but I would certainly welcome answers from anyone else.

I've never used a sandbox, but am investigating it to see if it can fit my needs . . . a balance between security and user friendliness.

There are two things that I have a question about: Bookmarks and logicman's statement that "When you finish browsing and delete the sandbox, all cookies, browser exploits, viruses, trojans etc evaporate."

1. Bookmarks

I frequently Bookmark sites. If I do this in Sandboxie, is the Bookmark lost when I delete the Sandboxie browser session?? I read the Sandboxie tutorial, and it seems like you can use the recover function to save the bookmarks permanently, but it wasn't clear to me. Can I do this while I'm in Sandboxie, and if so, how?

2. Logicman's statement

"When you finish browsing and delete the sandbox, all cookies, browser exploits, viruses, trojans etc evaporate." That seems pretty secure, and very much like 100% security. I'm not so intrigued by tracking cookies being deleted (though that is certainly a plus), but the part about " . . . browser exploits, viruses, trojans . . . " is particularly enticing.

So, the malware writers (a scurrilous bunch) haven't figured out a way to deposit their infectious packages outside of the sanbox?? Is this malware essentially "quarantined" within the sanbox, and it cannot get out unless the user (which would be a fool) does that recover function on the infected file?? Wow, if that's the case then this sandbox thing is 100% secure (other than an idiot user who let the thing out).

I've always subscribed to the Steve Gibson notion that there's no such thing as 100% security, but if this sanbox thing is what it looks like to me, then perhaps I need to rethink that notion.

I also subscribe to the notion that "If it's too good to be true, it usually is . . . not true". So, what am I missing?




Post Reply

Who is online

Users browsing this forum: HoroscZeprek and 4 guests