Sandbox Your PC For More Security
(Digital Money World) Have you ever wondered how some people run their computer for months to years (in windows XP or Vista surprisingly) and survived without needing to do a format C:\ /y and a recovery with all the worms, viruses, spywares and malwares around?
DMW is going to show you one of the possible solution that people use to protect your PC.
Here’s a Wiki of Sandbox,
sandbox is a security mechanism for safely running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users.
The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.
Some examples of sandboxes are:
- Applets are self-contained programs that run in a virtual machine or scripting language interpreter that does the sandboxing. In application streaming schemes, the applet is downloaded onto a remote client and may begin executing before it arrives in its entirety. Applets are common in web browsers, which use the mechanism to safely execute untrusted code embedded in web pages. Three common applet implementations—Adobe Flash, Java applets and Silverlight—provide (at minimum) a rectangular window with which to interact with the user and some persistent storage (at the user’s permission).
- A jail is a set of resource limits imposed on programs by the operating system kernel. It can include I/O bandwidth caps, disk quotas, network access restrictions and a restricted filesystem namespace. Jails are most commonly used in virtual hosting.
- Virtual machines emulate a complete host computer, on which a conventional operating system may boot and run as on actual hardware. The guest operating system is sandboxed in the sense that it does not run natively on the host and can only access host resources through the emulator.
- Capability systems can be thought of as a fine-grained sandboxing mechanism, in which programs are given opaque tokens when spawned and have the ability to do specific things based on what tokens they hold. Most capability systems are implemented as a kernel layer. The SELinux and Apparmor security frameworks are two such implementations for Linux.
In short, sandbox contains your program in a corner and protects your computer from malicious codes if you’re running something new or unfamiliar.
Sandboxie – A New Friend
Now here’s a new tool from the internet which is free to use (Thanks to Jose from Noponzi), Sandboxie (current version 3.24) is nifty, small (holy 350kb!), and idiot proof to use. Just install and you’re up and running with further protection to your PC.
What it does?
You could also try a new toolbar add-on, browser extension or just about any kind of software. If you don’t like it, you throw away the sandbox, and start again with a fresh sandbox. On the other hand, if you do like the new piece of software, you can re-install it outside the sandbox so it becomes a permanent part of your system.
Sandboxie intercepts changes to both your files and registry settings, making it virtually impossible for any software to reach outside the sandbox.
Sandboxie traps cached browser items into the sandbox as a by-product of normal operation, so when you throw away the sandbox, all the history records and other side-effects of your browsing disappear as well.
Ooh, that’s a hell lot of protection it does doesn’t it?
The Downside
Virtually none, or at least none that I know of. I’ve heard of instances that Sandboxie becomes very memory hogging, but with cheap and affordable ram nowadays (I run 4GB), it’s best that you can upgrade your ram and protect yourself with a sandbox for every program you open.
Great article Benson!
I hope it helps many Windows users.
Thanks Jose, since you’re the subject method expert, what other drawdowns does Sandboxie has apart from eating memory (which most AVs and Antispyware does)
Mr. Benson, is this sandbox is safe to use for login sensitive website like e-gold and other e-currency sites?
Yes it’s safe Rafael. Try it ;)
Thanks Benson.
I would like to share my experience using Sandboxie.
I am using anonimizer (anonimizer.com) when I surf the internet. But when I tried to go to liberty reserve website, I can’t. Then I switch on the Sandboxie, and with anonimizer still on, I could go to liberty reserve and make a login there.
Is this dangerous? Please share some comments.
Right.
Anonimizer and Sandboxie are both different kind of tools.
Anonimizer basically makes use of proxies, so your surfing goes anonymous to most of the sites, but it doesn’t actually protect you from virii, malware, worms and so on. What it basically and MAINLY does is to hide your surfing tracks.
Sandboxie is different. It protects you from malicious codes since it’s having control over portion of your memory just to run the particular program.
In this case, Try running sandboxie, your browser and THEN anonmizer to try if it still works.
This way it’s full protection with your random IP traces.
Hi Benson
I haven´t seen any other drawdown but we must check if there are a new update from time to time. Although sandboxie is great, any program is safe against possible bugs.
IT eats memory but maybe you don´t need antiviruses or antispyware using sandboxie.
Indeed, from the way how sandbox is running. we wouldn’t exactly need to run AV or ASW programs at all.
Cheers Jose ;)