SearchLight

Level 9
Verified
For a long time , I have read, and been confused by the comments that Chrome and Firefox contain Sandboxing features. From what I understand, each open tab is an independent process separate from the rest of the browser and my system. This is about as far in the technological aspects of the security that the browsers offered that I got which led me to create this post amd ask the following:

That said, if I were to use Sandboxie, would its protection be redundant or more beneficial to these two browsers and my Windows 10 system?
 

shmu26

Level 83
Verified
Trusted
Content Creator
1 The sandboxing of Chrome and Firefox works like you said: the many processes and tabs running simultaneously in your browser are isolated from one another. If you have your banking site open in one tab, and you browse to an infected site in another tab, the latter cannot read data on the former. This is a very good thing, and Sandboxie doesn't do it. This is not what SBIE is for.

2 If you run Chrome on Windows 10, then Chrome is already running in the native Windows sandbox called appcontainer. Like SBIE, it isolates the browser from the rest of your system, to protect your system from infection. Here, SBIE is doing essentially the same thing as Chrome and Windows. And if you use SBIE, you lose appcontainer., because they don't work together, so you are losing what you are gaining.

3 SBIE has additional advantages, though. If you click on a drive-by download, and you have SBIE, the process will be sandboxed, and that limits the amount of damage it can do.
However, be aware that SBIE makes it very easy to retrieve the downloaded file to your real system, and it is tempting to do that. If you do that, and you run the file, SBIE provides zero protection.
Furthermore, there are plenty of other softwares that can protect you as well or better from running malicious downloads.

4 Advanced users can configure SBIE to do a lot of very cool things. If you are into that, go for it.
 

Spawn

Administrator
Verified
Staff member
If you click on a drive-by download.
A big "IF".
Modern browsers have malware protections against unsafe sites and downloads, or you can enable "Ask where to save each file before downloading", which should prevent automatic downloads. Most people have an Antivirus installed and a browser Adblocker, or other Site blocking extensions.

From my experience, these so called "drive-by downloads" are less common, on a modern, updated system.