I use Sandboxie on chrome or not ???

  • yes

    Votes: 12 42.9%
  • NO

    Votes: 16 57.1%
  • Total voters
    28
Status
Not open for further replies.

Davidov

Level 10
It needs to put chrome in the sandbox or not ?? Chrome has its own sandbox.Chrome sandbox is the most secure as Sandboxie, etc.

AVAST support told me he does not use the sandbox to Chrome because Chrome sandbox contains (I do not believe chrome sandbox)?
 
Last edited:
L

LabZero

Chrome sandbox contributes to security by restricting access only permitted to some plug-ins but It doesn't virtualize the entire browser.
Sandboxie instead run the browser in full virtual mode.
So Sandboxie is necessary.
 
Last edited by a moderator:

Amiga500

Level 12
Verified
Strange thread.
Just to clear a few misconceptions.:
Chrome utilises the mandatory access controls on a specific operating system.For example on windows it will use SEHOP,ASLR.DEP.
However on a linux system which i use and have chrome installed it is far more impressive,using :
  • Seccomp BPF,
  • Namespace sandboxing.
  • Network sandboxing.
  • YAMA enforcing.
  • Seccomp BPF with TSYNC.
On linux chrome is stronger than windows.
Explaining Chrome's Linux Sandbox - InsanityBit

More detailed explanation in link.:)
 

Spawn

Administrator
Verified
Staff member
Chrome does have light-sandboxing, but in my opinion, from a users' perspective, it's non-comparable. So Sandboxie can provide that extra layer of protection, and with any web browser.

Also, if you're logged into Chrome with Google, any changes made to your browser will be synced.

What edition of Avast are you running, Free or Paid?
 

FleischmannTV

Level 7
Verified
Trusted
If you are easily fooled into downloading and running executables on your own (social engineering), then yes, running Chrome in Sandboxie might be beneficial. Against exploits it's definitely unnecessary in my opinion. The chromium sandbox paired with MBAE or HMP.Alert will not only provide a more robust but also much more user friendly protection. Then again, most infections still occur by users downloading and executing the stuff on their own.

From what i recall, Chrome sandboxes only some plugins (java, flash, etc...) run in it, not malwares. Chrome sandbox is not a real sandbox since you can access everything you download outside it.
Not true. Please educate yourself on how the chromium sandbox works. Frankly I am quite surprised you don't know this stuff.
 
D

Deleted member 178

Not true. Please educate yourself on how the chromium sandbox works. Frankly I am quite surprised you don't know this stuff.
1- i think you didnt get what i meant. I wanted to explain briefly that exe you download via chrome arent sandboxed unlike Sbie. and if you run that exe and it is a malware, you are done.

2- i know how chrome works , using windows mechanisms, protected mode, etc...etc...etc... i just dont want go in details.

We are not at Wilders here, where experts argue about every small details that only them understand, while the majority of the audience is lost :D

I try to explain the difference between common use of Sbie and Chrome , that is what the OP asked.

You download an exe in Sbie , you run it, it is still sandboxed. That was my point , and why the OP dhould use Sbie with Chrome.

Thanks :D

Btw, i even ran MBAE in Chrome in Sbie without any issues, so the OP should not worry.
 
Last edited by a moderator:

Amiga500

Level 12
Verified
1- i think you didnt get what i meant. I wanted to explain briefly that exe you download via chrome arent sandboxed unlike Sbie. and if you run that exe and it is a malware, you are done.

2- i know how chrome works , using windows mechanisms, protected mode, etc...etc...etc... i just dont want go in details.

We are not at Wilders here, where experts argue about every small details that only them understand, while the majority of the audience is lost :D

I try to explain the difference between common use of Sbie and Chrome , that is what the OP asked.

You download an exe in Sbie , you run it, it is still sandboxed. That was my point , and why the OP dhould use Sbie with Chrome.

Thanks :D

Btw, i even ran MBAE in Chrome in Sbie without any issues, so the OP should not worry.
Chrome has file download scanning protection so any malware will be detected upon download.However i think that people are mixing up the terms sandboxing and virtualisation.
Indeed chrome is not a virtualisation program although i believe the v8 javascript engine is virtual although not certain of this.
Basically its pure adjectives you are being confused by..;)
I think in an ideal world google should of used the term restrictive policies or something to that effect.
 
D

Deleted member 178

Yes chrome is restriction-based for me, while Sandboxie is virtualization for me, and when we talk about sandbox , Sbie is almost always the reference.

I always try to be simple because many members here have basic knowledge and just need orientation or simple explanations.

In fact people get deceived by the term "sandbox" used by every vendors because it is hype at the moment.

In fact there is so many terms like "isolation", "sandboxing", "virtualization", use in every way possible to fit the market that people, even me, can be confused by them.

Yes indeed chrome scan the file downloaded , but with a unknown encrypted packed malware (or any other FUD one) it provides little help.
 
Last edited by a moderator:

Davidov

Level 10
Chrome does have light-sandboxing, but in my opinion, from a users' perspective, it's non-comparable. So Sandboxie can provide that extra layer of protection, and with any web browser.

Also, if you're logged into Chrome with Google, any changes made to your browser will be synced.

What edition of Avast are you running, Free or Paid?
I have avast paid for 3 years
 

Davidov

Level 10
Yes chrome is restriction-based for me, while Sandboxie is virtualization for me, and when we talk about sandbox , Sbie is almost always the reference.

I always try to be simple because many members here have basic knowledge and just need orientation or simple explanations.

In fact people get deceived by the term "sandbox" used by every vendors because it is hype at the moment.

In fact there is so many terms like "isolation", "sandboxing", "virtualization", use in every way possible to fit the market that people, even me, can be confused by them.

Yes indeed chrome scan the file downloaded , but with a unknown encrypted packed malware (or any other FUD one) it provides little help.
I'm concerned about the exploit that, when attacked Google Sandbox or Sandboxie is a well ??? It oto if you will break the sandbox chrome.
When surfing the Web.
 
Status
Not open for further replies.
Top