I need sandbox ???

I use Sandboxie on chrome or not ???

  • yes

    Votes: 12 42.9%

  • NO

    Votes: 16 57.1%
  • Total voters
    28
Status
Not open for further replies.
Davidov

Davidov

Level 10
Thread author
Verified
Well-known
Sep 9, 2012
470
It needs to put chrome in the sandbox or not ?? Chrome has its own sandbox.Chrome sandbox is the most secure as Sandboxie, etc.

AVAST support told me he does not use the sandbox to Chrome because Chrome sandbox contains (I do not believe chrome sandbox)?
 
Last edited:
L

LabZero

Chrome sandbox contributes to security by restricting access only permitted to some plug-ins but It doesn't virtualize the entire browser.
Sandboxie instead run the browser in full virtual mode.
So Sandboxie is necessary.
 
Last edited by a moderator:
  • Like
Reactions: Deleted member 178, XhenEd, Davidov and 2 others
Amiga500

Amiga500

Level 12
Verified
Jan 27, 2013
661
Strange thread.
Just to clear a few misconceptions.:
Chrome utilises the mandatory access controls on a specific operating system.For example on windows it will use SEHOP,ASLR.DEP.
However on a linux system which i use and have chrome installed it is far more impressive,using :
  • Seccomp BPF,
  • Namespace sandboxing.
  • Network sandboxing.
  • YAMA enforcing.
  • Seccomp BPF with TSYNC.
On linux chrome is stronger than windows.
Explaining Chrome's Linux Sandbox - InsanityBit

More detailed explanation in link.:)
 
  • Like
Reactions: Ink, Online_Sword, Davidov and 1 other person
Davidov

Davidov

Level 10
Thread author
Verified
Well-known
Sep 9, 2012
470
Yes, I already saw this post, I think, I am a windows thank you.
 
I

Ink

Administrator
Verified
Jan 8, 2011
22,490
Chrome does have light-sandboxing, but in my opinion, from a users' perspective, it's non-comparable. So Sandboxie can provide that extra layer of protection, and with any web browser.

Also, if you're logged into Chrome with Google, any changes made to your browser will be synced.

What edition of Avast are you running, Free or Paid?
 
FleischmannTV

FleischmannTV

Level 7
Verified
Honorary Member
Well-known
Jun 12, 2014
314
If you are easily fooled into downloading and running executables on your own (social engineering), then yes, running Chrome in Sandboxie might be beneficial. Against exploits it's definitely unnecessary in my opinion. The chromium sandbox paired with MBAE or HMP.Alert will not only provide a more robust but also much more user friendly protection. Then again, most infections still occur by users downloading and executing the stuff on their own.

Umbra said:
From what i recall, Chrome sandboxes only some plugins (java, flash, etc...) run in it, not malwares. Chrome sandbox is not a real sandbox since you can access everything you download outside it.
Click to expand...

Not true. Please educate yourself on how the chromium sandbox works. Frankly I am quite surprised you don't know this stuff.
 
  • Like
Reactions: Davidov and Martin_C
D

Deleted member 178

FleischmannTV said:
Not true. Please educate yourself on how the chromium sandbox works. Frankly I am quite surprised you don't know this stuff.
Click to expand...

1- i think you didnt get what i meant. I wanted to explain briefly that exe you download via chrome arent sandboxed unlike Sbie. and if you run that exe and it is a malware, you are done.

2- i know how chrome works , using windows mechanisms, protected mode, etc...etc...etc... i just dont want go in details.

We are not at Wilders here, where experts argue about every small details that only them understand, while the majority of the audience is lost :D

I try to explain the difference between common use of Sbie and Chrome , that is what the OP asked.

You download an exe in Sbie , you run it, it is still sandboxed. That was my point , and why the OP dhould use Sbie with Chrome.

Thanks :D

Btw, i even ran MBAE in Chrome in Sbie without any issues, so the OP should not worry.
 
Last edited by a moderator:
  • Like
Reactions: Koroke San and trhd03twth
Amiga500

Amiga500

Level 12
Verified
Jan 27, 2013
661
Umbra said:
1- i think you didnt get what i meant. I wanted to explain briefly that exe you download via chrome arent sandboxed unlike Sbie. and if you run that exe and it is a malware, you are done.

2- i know how chrome works , using windows mechanisms, protected mode, etc...etc...etc... i just dont want go in details.

We are not at Wilders here, where experts argue about every small details that only them understand, while the majority of the audience is lost :D

I try to explain the difference between common use of Sbie and Chrome , that is what the OP asked.

You download an exe in Sbie , you run it, it is still sandboxed. That was my point , and why the OP dhould use Sbie with Chrome.

Thanks :D

Btw, i even ran MBAE in Chrome in Sbie without any issues, so the OP should not worry.
Click to expand...

Chrome has file download scanning protection so any malware will be detected upon download.However i think that people are mixing up the terms sandboxing and virtualisation.
Indeed chrome is not a virtualisation program although i believe the v8 javascript engine is virtual although not certain of this.
Basically its pure adjectives you are being confused by..;)
I think in an ideal world google should of used the term restrictive policies or something to that effect.
 
D

Deleted member 178

Yes chrome is restriction-based for me, while Sandboxie is virtualization for me, and when we talk about sandbox , Sbie is almost always the reference.

I always try to be simple because many members here have basic knowledge and just need orientation or simple explanations.

In fact people get deceived by the term "sandbox" used by every vendors because it is hype at the moment.

In fact there is so many terms like "isolation", "sandboxing", "virtualization", use in every way possible to fit the market that people, even me, can be confused by them.

Yes indeed chrome scan the file downloaded , but with a unknown encrypted packed malware (or any other FUD one) it provides little help.
 
Last edited by a moderator:
  • Like
Reactions: trhd03twth and Amiga500
Davidov

Davidov

Level 10
Thread author
Verified
Well-known
Sep 9, 2012
470
Huracan said:
Chrome does have light-sandboxing, but in my opinion, from a users' perspective, it's non-comparable. So Sandboxie can provide that extra layer of protection, and with any web browser.

Also, if you're logged into Chrome with Google, any changes made to your browser will be synced.

What edition of Avast are you running, Free or Paid?
Click to expand...
I have avast paid for 3 years
 
Davidov

Davidov

Level 10
Thread author
Verified
Well-known
Sep 9, 2012
470
Umbra said:
Yes chrome is restriction-based for me, while Sandboxie is virtualization for me, and when we talk about sandbox , Sbie is almost always the reference.

I always try to be simple because many members here have basic knowledge and just need orientation or simple explanations.

In fact people get deceived by the term "sandbox" used by every vendors because it is hype at the moment.

In fact there is so many terms like "isolation", "sandboxing", "virtualization", use in every way possible to fit the market that people, even me, can be confused by them.

Yes indeed chrome scan the file downloaded , but with a unknown encrypted packed malware (or any other FUD one) it provides little help.
Click to expand...

I'm concerned about the exploit that, when attacked Google Sandbox or Sandboxie is a well ??? It oto if you will break the sandbox chrome.
When surfing the Web.
 
Status
Not open for further replies.

Similar threads

cartaphilus
    • Like
Question Looking for non flammable version of an honest question: what makes sandboxie different from Comodo Sandbox?
Replies
14
Views
622
Comodo
rashmi
rashmi
Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Google Delays Privacy Sandbox Rollout for Third Time
Replies
1
Views
457
Chrome & Chromium
Bot
Bot
cartaphilus
    • Like
Serious Discussion Can Comodo Sandbox container be installed just by itself without anyting else?
Replies
12
Views
858
Comodo
Jonny Quest
Jonny Quest

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top