Latest changes
Apr 1, 2020
Daily driver
My primary device
Operating system
Windows 10 Enterprise
OS version
1809
System type
64-bit operating system; x64-based processor
Security updates
Automatically allow security and feature updates
Windows UAC
Default - Notify me only when programs try to make changes to my computer
Firewall protection
Custom - Provided by a third-party security vendor
Account privileges
Administrator account
Account type
Sign in with local account
Account log-in
  1. Account Password
Exposure to malware
No malware samples are downloaded
Real-time Malware protection
Not sure, default Windows.
RTP configuration
Not sure what this is
Periodic scanners
Malwarebytes Antimalware
Browser and Add-ons
HTTPS Everywhere
uBlock Origin
New Tab Override
Search by Image
Tags for Youtube
Clear URLS
Privacy tools and VPN
HTTPS Everywhere
Clear URLS
uBlock Origin
Password manager
none
Search engine
google
Maintenance tools
None
Photos and Files backup
None
File Backup schedule
No data backups
Backup and Restore
None
Backup schedule
No system backups
Computer Activity
  1. Playing computer games
  2. Online banking
  3. Browsing the web and checking emails
  4. Streaming movies, TV shows and music from the Internet
  5. Downloading files from different websites
  6. Recording and editing video or photos
Computer Specifications
CPU: 3950x
GPU: 1660 Super
RAM: 32GB Tridentz Neo
Storage: 970 Evo Plus + 2TB Crucial MX500
PSU: Corsair RM750x
Your changelog
-Disabled WebRTC
-Installed Bitdefender TrafficLight for Firefox

Vitali Ortzi

Level 20
Verified
BTW for better CPU management look at processes lasso .
And you don't really need a dedicated sandbox for the browser
Since Firefox can be hardened pretty aggressively with flags and containers .
 
Last edited:

Vitali Ortzi

Level 20
Verified
Any ideas to improve this ? Is there something like Tinywall but for sandbox? I want to isolate Firefox so im protected from javascript and other exploits but without being too overkill (like resorting to an VM)

Do I need anything else? What I do is gaming, video and audio production, and I do my taxes and business stuff here too so that is why I wanted some extra security from whatever standard Windows anti virus stuff it comes.

I like Tinywall because it blocks everything by default and you manually allow things, that is why I added it, it gives me a peace of mind knowing everything is blocked unless I allow it. noScript has the same philosophy for the browser its just too annoying to go page by page doing it that is why I wanted some sandbox. Ideally free.

I also downloaded malwarebytes, but the free version, so I just run full scans monthly or so just in case. That's about it. Im not sure if Windows has realtime protection similar to malwarebytes does.

The SO is LTSC Windows 10 Enterprise so it only has the basic security updates, not the cluttered "new epic features" that I dont like.

I've uncluttered everything I could find in Window's settings in the privacy tab, disabled everything, telemetry related, allowing webcam, mic, allow remote desktop etc.. all I could find is disabled.

I don't have a set plan of backing up, I back up randomly when I remember to backup.

I also need to learn how to use a non Admin account by default. I can't change it so I assume i need to create a separate account.

Btw: Should I enable this?



It comes "off" by default, im not sure if I enabled or disabled it. Im just not sure with Windows 10. When I enable something, im not sure if this also means "send your files to Microsoft to develop a database of threats" or something.
If you want an AV good.
best for low false positives and good protection is Kaspersky cloud free .

Other good av is SEP unmanaged
Wich is very strong but has a lot of false positives.
Unlimited Giveaway - Symantec Endpoint Unmanaged without time limit

But best for security would be H_C with Configure Defender
But this option has most false positives ratio.
 
  • Like
Reactions: Protomartyr

inzane

New Member
Those specs are insane is this PC used for editing ?
LTSC was a really smart choice 👍.
Oh and I would recommend trying out Comodo firewall (cruel settings) since it's a really nice whitelisting based auto sandbox with a nice firewall built in .
hopefully what you were looking for :) .

Yeah. video and music editing and some gaming.

Im looking for some Comodo HIPS alternative. Is there such a thing? I would like that when I click on an exe, it tells me what it is trying to modify. But last time I installed Comodo it was a mess, it froze, it didn't work, I even had to go to a previous state to uninstall it because it refuse to fully uninstall.
 

inzane

New Member
Emsisoft Browser Security, Bitdefender Trafficlight or Malwarebytes Browser Guard

Emsisoft Browser Security hasn't been updated since 2018.. Malwarebytes one asked me for an email to enable it, so I ended up installing Bitdefender one, hope its good.

I also installed Sandboxie but im confused by it. When I download something, it only shows up in the Sandboxie window, so I assume this file is isolated, But I don't know how to completely delete this sandboxed file. Only options are:

"Run Sandboxed"
"Recover to Same Folder"
"Recover to Any Folder"
"Cut"
"Create Desktop Shortcut"

Also, the colors on Firefox are changed. The upper window is not black, its white so its too distracting. It also has the distracting yellow outline on the window, its too annoying to use.
 

oldschool

Level 56
Verified
Emsisoft Browser Security hasn't been updated since 2018

Use whatever extension you like but at least understand how this extension works. BTW, 2018 was the first introduction of their extension. Emsisoft approaches web filtering a bit differently than most others as you can see here:

Emsisoft Browser Security is a browser extension that blocks websites that distribute malware and phishing attacks.

Most browser extensions that are designed to block access to harmful websites work by sending the visited website to a cloud server, where it’s verified by matching the URL against a database of known malicious sites. The issue is that the creators of these extensions can potentially see and track all of your online web browsing activity.

We designed Emsisoft Browser Security with privacy in mind. Instead of sending full URLs to the cloud, our extension only sends hash checksums of the components of the domain name. If all hashes are found in the database, the cloud returns detailed matching patterns for known malicious URLs on that domain. At no point does the Emsisoft cloud know where any of these patterns will match or not, as the matching is only done by the extension on the user’s side. Therefore, it’s impossible for us (even if we wanted to) to create profiles of our users."

Stay safe, not paranoid, my friend! :)

Finally, Emsisoft is one of the most trusted names in the security industry. Again, use what you prefer but make your decision based on good info. You may read the entire article here @ "Your" data is your data.
 
Last edited:

plat1098

Level 22
Verified
When I download something, it only shows up in the Sandboxie window, so I assume this file is isolated, But I don't know how to completely delete this sandboxed file. Only options are:

Usually, a download in Sandboxie will give you a message saying the d/l is eligible for immediate recovery--meaning, you can pick it up in your unsandboxed Downloads folder. If you want that sandboxed file in your Downloads, tick "Recover to same folder." If you want to delete it, go to your System tray, right click on the yellow SBIE icon, hover mouse over "Default box" and delete the sandbox contents by choosing that in the context menu. If you want to examine the contents of your sandbox, look in C:\Sandbox\Your User Name.
 

inzane

New Member
Use whatever extension you like but at least understand how this extension works. BTW, 2018 was the first introduction of their extension. Emsisoft approaches web filtering a bit differently than most others as you can see here:

Emsisoft Browser Security is a browser extension that blocks websites that distribute malware and phishing attacks.

Most browser extensions that are designed to block access to harmful websites work by sending the visited website to a cloud server, where it’s verified by matching the URL against a database of known malicious sites. The issue is that the creators of these extensions can potentially see and track all of your online web browsing activity.

We designed Emsisoft Browser Security with privacy in mind. Instead of sending full URLs to the cloud, our extension only sends hash checksums of the components of the domain name. If all hashes are found in the database, the cloud returns detailed matching patterns for known malicious URLs on that domain. At no point does the Emsisoft cloud know where any of these patterns will match or not, as the matching is only done by the extension on the user’s side. Therefore, it’s impossible for us (even if we wanted to) to create profiles of our users."

Stay safe, not paranoid, my friend! :)

Finally, Emsisoft is one of the most trusted names in the security industry. Again, use what you prefer but make your decision. You may read the entire article here @ "Your" data is your data.


Thanks for input. Something weird I noticed is that Tinywall executable gets too big 1235MB... what's going on? Is there a memory leak? I've updated it a couple of times and it didn't get fixed with the new versions. I really like Tinywall but this is ridiculous, it's supposed to be lightweight. Should I give Simplewall a try? is this the most similar one? I just like the peace of mind that Tinywall gives me, knowing that everything is blocked by default.

Usually, a download in Sandboxie will give you a message saying the d/l is eligible for immediate recovery--meaning, you can pick it up in your unsandboxed Downloads folder. If you want that sandboxed file in your Downloads, tick "Recover to same folder." If you want to delete it, go to your System tray, right click on the yellow SBIE icon, hover mouse over "Default box" and delete the sandbox contents by choosing that in the context menu. If you want to examine the contents of your sandbox, look in C:\Sandbox\Your User Name.

How can I add a custom folder that automatically allows for downloads? For instance C:\Minecraft\mods, I download a lot of mods in that folder so I would like to put them there automatically and not download a mod in the Downloads folder then manually move it to the mods folder each time.
 
Last edited:

plat1098

Level 22
Verified
Not enough info, I'm afraid. You want to download a mod from your sandboxed browser to your unsandboxed mods folder, correct? How is your browser configured, do you have it set as the Default box? Open Sandboxie Control window (right-click yellow icon in your System tray and click Show Window). Click the Sandbox tab at the top. Find your browser Sandbox in the menu, make sure it's highlighted and click "Quick Recovery" in the menu. Then click "Add" to add your Minecraft mods folder. If this doesn't work or throws an error message, let one know. @bjm_ ?

Otherwise, you'll just have to continue adding to your mods folder outside the Box manually.
 

ultim

Level 2
Something weird I noticed is that Tinywall executable gets too big 1235MB... what's going on? Is there a memory leak?
As promised, TinyWall 3.0.5 is now released. If you're still interested, would you mind trying it again? It'd be nice to know if this really fixes your issue as I expect, or if maybe you were experiencing something else. [Official download]
 
Top