How-To Geek

I haven't used a sandbox . . . yet . . . but I've been thinking about it.

On another forum someone was touting the security advantages of using a sandbox to surf, and that renewed my interest in it.

They said, "When you finish browsing and delete the sandbox, all cookies, browser exploits, viruses, trojans etc evaporate." That seems pretty secure, and very much like 100% security. I'm not so intrigued by tracking cookies being deleted (though that is certainly a plus), but the part about " . . . browser exploits, viruses, trojans . . . " is particularly enticing.

So, the malware writers (a scurrilous bunch) haven't figured out a way to deposit their infectious packages outside of the sandbox?? Is this malware essentially "quarantined" within the sandbox, and it cannot get out unless the user (which would be a fool) does that recover function on the infected file?? Wow, if that's the case then this sandbox thing is 100% secure (other than an idiot user who let the thing out).

I've always subscribed to the Steve Gibson notion that there's no such thing as 100% security, but if this sandbox thing is what it looks like to me (I've looked at "Sandboxie"), then perhaps I need to rethink that notion.

I also subscribe to the notion that "If it's too good to be true, it usually is . . . not true". So, what am I missing? And I'd be interested to hear recommendations, pro and con, on it.

I had a question about Bookmarks. Specifically, I frequently Bookmark sites. If I do this in Sandboxie, is the Bookmark lost when I delete the Sandboxie browser session?? I read the Sandboxie tutorial, and it seems like you can use the recover function to save the bookmarks permanently, but it wasn't clear to me. Can I do this while I'm in Sandboxie, and if so, how?

The response I got back was "As for bookmarks, if I'm confident a site is safe, I just paste the URL temporarily into notepad. After killing the sandbox, I re-launch the browser without the sandbox, paste in the URL, save and exit. That's fairly bullet-proof."

I did try a LUA for a while, but as ScottW pointed out, it is very tedious. I found the same to be true, so I stopped using it. I'd like to hit a happy medium between security and user friendliness. Will this sandbox thing do it (if I configure it that way), or is that a hassle no matter what too??

@whs do you keep all of your backups? or do you delete older ones? just wondering becuase what if you get a virus but don't know that you have it then you do backups and keep saving the virus so when you do have to restore you are restoring a virus.

@whs,

Do you have an ABSOLUTE Clean Install Ghost Image backed up on a 2nd or 3rd HD that you can get going in about 10 minutes or so ??

Kindest Regards,
Rick P. ♥ :)

Wait a minute . . . wait a minute . . . I think I got hijacked here <grin>. This is getting into the virtues of an image, and I certainly agree with that.

But, seriously, I'm looking for more input (thanks for yours, whs) on using a sandbox for surfing.

Sorry BobJam. I was just trying to answer questions that came up. On the sandbox question, I think it is best if you just try it. It is no rocket science and you will quickly be able to draw your own conclusions. My link above would be a good starting point.

@ScottW,
Appreciate your last sentence in your post.
I think of a computer and network as just a bunch of parts to include the O/S.
If a part breaks including the O/S, it is just much faster to replace and "Move On" than to "fiddle around" and further tear-up the registry. (LOL) (LOL)
=============
Admit: if one only has a laptop, my philosophy won't hold water.
=============
Kindest Regards,
Rick P. ♥ :)

Echo on whs's question for Rick. (Now I'm hijacking my own thread!)

ScottW,

I'll have to read over your post again and listen to Gibson's podcasts and digest it all before I respond to it.

Hey Rick,

But you can swap out HDD's on a laptop just like you can on a desktop, so if you have a cloned HDD (clean, of course) available to swap, you're OK on a laptop. And you can restore an image from a USB external HDD also. With Acronis TI or Ghost (I think, I haven't used Ghost), you can easily make a clone or an image to restore (from that external USB HDD) for a laptop. Other than the fact that laptops generally don't have multiple internal HDD's, which you pointed out and I agree with, there really is no difference in image restoration or cloning capabilities.

And if you're saying it's more tedious on a laptop . . . well, maybe if you consider the extra few seconds it takes to plug in a USB external HDD, or swap out an internal HDD (though in that case, I think the time taken is a wash . . . don't know for sure because I've never owned a desktop except for that first IBM 8086 clone in the early 80's. . . am a laptop kinda' guy).

So I really don't see how you're hosed with a laptop . . . whs, help me out here.

(BTW, my laptop - an HPze4700 - DOES have a floppy drive)

Geeezzz, here I go again hijacking my own thread. I got hooked with that laptop thing you mentioned, Rick.

Thanks, whs, you helped me out there as I requested.

@whs,

There is really NO difference in the way we have Back-ups stored.
I have DISCONNECTED internal HDs and you have DISCONNECTED external HDs for safe back-up storage.
I just have to take a case side panel off to plug-in a HD and you just plug-in using a USB port.
My case sides have large (quarter turn screws) so it just takes a moment to remove a side panel, hook-up and go.
I'm sure you have seen similar screws on aircraft inspection point panels.

Kindest Regards,
Rick P. ♥ :)