Advice Request Chrome/Firefox Sandboxing Feature and the Benefit of using Sandboxie

[SearchLight]

For a long time , I have read, and been confused by the comments that Chrome and Firefox contain Sandboxing features. From what I understand, each open tab is an independent process separate from the rest of the browser and my system. This is about as far in the technological aspects of the security that the browsers offered that I got which led me to create this post amd ask the following:

That said, if I were to use Sandboxie, would its protection be redundant or more beneficial to these two browsers and my Windows 10 system?

 

[shmu26]

1 The sandboxing of Chrome and Firefox works like you said: the many processes and tabs running simultaneously in your browser are isolated from one another. If you have your banking site open in one tab, and you browse to an infected site in another tab, the latter cannot read data on the former. This is a very good thing, and Sandboxie doesn't do it. This is not what SBIE is for.

2 If you run Chrome on Windows 10, then Chrome is already running in the native Windows sandbox called appcontainer. Like SBIE, it isolates the browser from the rest of your system, to protect your system from infection. Here, SBIE is doing essentially the same thing as Chrome and Windows. And if you use SBIE, you lose appcontainer., because they don't work together, so you are losing what you are gaining.

3 SBIE has additional advantages, though. If you click on a drive-by download, and you have SBIE, the process will be sandboxed, and that limits the amount of damage it can do.
However, be aware that SBIE makes it very easy to retrieve the downloaded file to your real system, and it is tempting to do that. If you do that, and you run the file, SBIE provides zero protection.
Furthermore, there are plenty of other softwares that can protect you as well or better from running malicious downloads.

4 Advanced users can configure SBIE to do a lot of very cool things. If you are into that, go for it.

 

[Ink]

If you click on a drive-by download.

A big "IF".
Modern browsers have malware protections against unsafe sites and downloads, or you can enable "Ask where to save each file before downloading", which should prevent automatic downloads. Most people have an Antivirus installed and a browser Adblocker, or other Site blocking extensions.

From my experience, these so called "drive-by downloads" are less common, on a modern, updated system.

 

[shmu26]

"Ask where to save each file before downloading", which should prevent automatic downloads.

That's a smart idea.

And Google Chrome has a new feature coming up to block drive-by downloads from ads, too.