Advice Request Is sandboxie safe enough for malicious site video streaming


Zorro

Level 9
Verified
Well-known
Jun 11, 2019
408
Sorry for lacking knowledge.
What is Tails and how do you use it to track and see if any infections?
Tails, formerly known as Incognito Live CD/USB, only supports live boot from media and provides users with an ideal environment to surf the Internet anonymously. The system is based on the Debian GNU/Linux distribution and uses Tor technologies. When using Tails, all data transmitted during the session is encrypted and anonymized using the Tor network, and no traces of activity remain on the host computer unless you configure Tails otherwise. The system uses modern open source cryptographic technologies to encrypt all session data, including e-mail messages, instant messaging client communications, and personal files. However, you wrote that you want to use Windows 10. Then you just have to use a virtual machine, as the users advised in the comments above.
 

Kingdiamond

Level 1
Thread author
Nov 18, 2021
17
I definitely suggest you use a VM, e.g., VirtualBox, instead.
Sandboxie is better than nothing in regards to protection but unsafe to use for malware contact on a regular basis, which is what seems to be the case here.

The reasons are described in papers like these:







I am not aware what new features were implemented since these papers were published, but the most interesting takeaway of that: The weaknesses it has are by design of that technology. They cannot just be eradicated.
--> see first paper: "Type A sandboxes by design, are vulnerable to a relatively large attack surface."
Sandboxie is a type A sandbox.
If we use a user password with restrictions, can the kernel malware still exploit the kernel?
 

OTTO

Level 1
Verified
Jul 18, 2015
26
Don't trust Sandboxie.
Before Sandboxie was sold, I was testing Sandboxie with malicious websites and malware. One time, I visited a malicious website and Sandboxie crashed immediately and the virus got out to somewhere in system32. Bitdefender immediately took care of it and I was surprised. I opened a topic in the Sandboxie forum and the moderators said the virus was running in Sandboxie, it is normal, bla bla. They didn't accept it. But later, knowledgeable people and users in that forum also supported me and told the moderators the virus indeed broke out of Sandboxie. I sent the malicious link to a moderator and after that, they didn't say a thing :)
You know what? I believe when they tested it themselves, the virus broke out of Sandboxie in their case too :D

Also, the detection location shown in the Bitdefender menu was outside of Sandboxie. It wasn't C:sandboxie/....
It was C:/windowssystem32

And this happened just by going to that website.

When it comes to testing malware, don't ever trust Sandboxie or Shadow Defender or Deep Freeze software.
With Sandboxie and Shadow Defender, your passwords etc. can still be stolen by malware. Besides, malware can spread to the network and other computers through the network or shared folders.
Testing malware without VirtualBox or VMware is plain stupid.
 
