Sandboxie

polonyc2

Fully [H]
Joined
Oct 25, 2004
Messages
25,779
I just recently started using this program and I really like it...got me wondering if I can use this as a standalone antivirus/anti-mailware program as well instead of a separate program...meaning if I browse the web exclusively using the sandboxed version of IE/Firefox, is it just as or more secure then using a separate 3rd party antivirus software?

since Sandboxie isolates everything into a virtual sandbox and I have it delete everything when closed it would seem to be the perfect security software for any system...don't see any point in using antivirus anymore...plus Sandboxie does not seem to consume much resources at all compared to some AV software
 
Sandboxie supports 64-bit, but does so in a slightly less secure way than 32-bit (it's still secure).

The reason you'll still want a resident AV is because a web browser is just one vector — run an iffy executable and give it administrative priviledges and your sandboxed browser won't do you any good whatsoever against whatever virus or malware it might contain.
 
From the site:
Full disclosure: The 64-bit edition of Sandboxie provides a reduced level of protection compared to the 32-bit edition of Sandboxie.

This shortcoming is the result of a new security feature introduced in 64-bit editions of Windows, called Kernel Patch Protection. This feature aims to protect the core of Windows (the kernel) by regularly performing self-checks to detect changes.

The problem is that a stock Windows kernel does not provide all the facilities necessary to implement a security solution such as Sandboxie. On 32-bit Windows, Sandboxie can dynamically enhance the Windows kernel to provide the missing functionality. This is not possible on 64-bit Windows, due to the Kernel Patch Protection feature.

It should be noted, however, that even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software.

Additionally, in order to compensate for this disadvantage, the 64-bit edition of Sandboxie enables the Drop Rights setting by default. This setting may need to be disabled before software can be installed into a sandbox.
 
thanks...didn't see that before...still seems fine to me though (I'm using the 64-bit version)...havn't tried to purposely download any viruses to test it out but reading a lot of reviews it seems pretty secure...the low system resource usage is what impresses me as I don't notice any slowdows when using the sandboxed browser...after using Kaspersky and NOD32 this seems much lighter and just as secure

and the fact that it's shareware (with a nag screen after 1 month) makes it even better
 
There shouldn't be any performance decrease, right. A sandbox just 'traps' a heap of memory and disallows an application from making writes out of it, so the performance hit is basically negligible (just the cost of some of the overhead).
 
Sandboxie supports 64-bit, but does so in a slightly less secure way than 32-bit (it's still secure).

The reason you'll still want a resident AV is because a web browser is just one vector — run an iffy executable and give it administrative priviledges and your sandboxed browser won't do you any good whatsoever against whatever virus or malware it might contain.

I think to compensate for this you just need to enable the 'Drop Rights' feature...

 
I use sandboxie and find it to be a great extra layer of protection without any real drawbacks (except the nag screen after 30 days of use). I have purposely launched a virus executable inside a sandbox and was able to watch the virus literally disappear by terminating all processes in the sandboxie menu. I would not ditch a regular antivirus however. But sandboxie is an awesome thing if you are exploring the extreme depths of the internet.
 
I've use this software for months to check out unknown links instead of just going through an unknown website that I've never heard off. This software is a keeper for those who wants to browse the web for pleasure if you know what I mean. ;)
 
Back
Top