[Review] Sandboxie

D

Deleted member 178

Thread author
Sandboxie

Homepage

What is Sandboxie?

Sandboxie (aka Sbie) is an application sandbox software.

Sandbox softwares' purposes is to run your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer (as shown on the image below), that gives to your system an increased security since everything that happen in the sandbox are not redirected to your real system.

wpVYa.gif


Code:
The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.

Benefits of the Isolated Sandbox:

- Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially. 

- Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows. 

-Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system. 

- Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

Now that you have understand its function, let's go for a tour:

1- Sandboxie Control

The main interface of Sandboxie, where all the options and features are available; you can access it via the yellow tray icon.

Fubk5.jpg


by clicking show window

IqL33.jpg

As you can see, i have 2 sandboxes, one active the other inactive (the free version allows only one active sandbox at a time where the paid version allows many active sandboxes simultaneously)

- BankingBox: i create this one with some options for banking purposes
- Default Box: the default one (active).

2- Running an Application Sandboxed

As explained earlier the purpose of Sandboxie is to run any of your applications sandboxed so they can't modify your system and files.
I will use Firefox (aka FF) to describe its functionality.

For ease of use, Sbie create automatically an icon called "Run Web Browser Sandboxed " that will sandbox automatically your default browser.
Let's do it:

OYkzm.jpg

You can see in the picture above , my Firefox is Sandboxed, it is indicated by a green border around Firefox. (you can choose another color)

At same time, if you open the "Sandboxie Control" window, you will see the various active processes ran sandboxed, Firefox is present (with the page i opened in it. The picture below is the "Program View"
The screenshot shows that more programs are running, SandboxieRpcss.exe and SandboxieDcomLaunch.exe. These support programs are part of Sandboxie. If they are needed, they will be automatically started, without any explicit action on your part.

CTjkA.jpg

Alternately by clicking "View" > "Files and Folders", you will see the changes made in your system; this view allows you to track every modified files, very practical to see the behavior of the sandboxed program, for example if you open an audio player and it start to change your Hosts file , you can guess that something is wrong...

S3R2J.jpg

Also, when Sandboxie is actively running programs in any of the sandboxes, the Sandboxie yellow tray icon (at the corner of the screen) displays red dots.

3- Recovering items

You know that every changes are isolated (so non-present in your real system), this also includes downloaded items, so you will ask me : "so how i do if i want keep the downloaded file?"

Luckily for you, Sbie has a features that allows you to recover the files changed/downloaded.

Quick/Immediate Recovery

By default, Sbie had set some locations as eligible for "Immediate and Quick Recovery", it means that any modified files located in those locations will be automatically recovered.

to show you the feature, i downloaded Comodo Dragon, and at the end of the Download , this windows automatically opens.

GpX2N.jpg

You can see in the upper window , the virtual location of the file, i have then the option to recover it in that folder or to another one.
By choosing "recover" , the files will appears in my real system, if not it will remains sandboxed.

Manual Recovery

Sometimes some files are modified/created outside the locations eligible for "Immediate Recovery", it is now the job of the "Quick/Immediate Recovery" function.

i will show you how it is by downloading Comodo Dragon again but this time outside my eligible folders.

nJlPD.jpg

As you can see, Dragon is located on my "D:" drive.


4- Terminate the application & Deleting the sandbox

When you are done with the sandboxed software and you have recovered all the needed files, you can terminate the application and delete the sandbox contents via the tray icon.

bYqAc.jpg


in the case some files are still present inside the sandbox, this windows appears:

ZNe2D.jpg

You can then recover or delete the contents as you wish.



Final Notes

Now you surely realized the huge security potential of Sandboxie, this program is a must have if you are a bit concerned by securing your system.

I rate it 5/5.

Sandboxie has many tweaking options that may fit your particular needs, they are too numerous to be explained here, but you can for example set Sbie to protect you from keyloggers.
The paid version allows you to force your browser to be runned sandboxed, so your kids will not infect/bloat your system by downloading dozen of toolbars and games ;)

i hope this review helped you to understand what is Sandboxie.

Thank you for reading.

Umbra Corp.
 

Moose

Level 22
Jun 14, 2011
2,271
Will SandBoxie work on Windows 8 X64 O.S.?
Or is SandBoxie limited in it functions?

Like Below:
Sandboxie version 3.74 fully supports Windows 8.

Windows 8 might warn that Sandboxie v3 is not compatible with Windows 8. This warning applies to versions of Sandboxie before 3.72. When using Sandboxie version 3.74 or later, you can safely disregard this warning message from Windows 8.

Note that Sandboxie offers limited protection in 64-bit Windows 8 compared to earlier 64-bit versions of Windows. In particular, the Experimental Protection feature cannot be enabled and is not available as part of Sandboxie on Windows 8.

Hopefully, a future version of Sandboxie might be able to rectify this shortcoming in protection measures on 64-bit Windows 8.
 
  • Like
Reactions: Behold Eck

Ramblin

Level 3
May 14, 2011
1,014
Moose said:
Will SandBoxie work on Windows 8 X64 O.S.?
Or is SandBoxie limited in it functions?

Sandboxie does work now as it is in W8 64bits is just that Experimental protection is not available in version 3.76. Next stable version wont need EP on 64 bit W8 computers for SBIE to be as strong as it is in 32bit machines. So, be happy.

http://www.sandboxie.com/index.php?ExperimentalProtection

Read the first post of this thread.

http://www.sandboxie.com/phpbb/viewtopic.php?t=14454

Bo
 

Ramblin

Level 3
May 14, 2011
1,014
Umbra, wrote.

"The Bad :


- Free version is limited in features."

Well, there has to be a difference between the paid and the free versions. Otherwise, most people wouldn't pay for it and development would come to an end. That is something that we don't want, right?

Anyway, the features that people get when they purchase a license are not features that are taken out of the free version. Those are features that are added to make SBIE more automatic as less thinking is required to get programs and files to run sandboxed. The good thing is that the protection that people get in the free and paid version is exactly the same. None that has to do with protecting the system is taken out of the free version. In my opinion, Tzuk is a very generous man offering a free version with the quality of protection that it gives.

Bo
 

Moose

Level 22
Jun 14, 2011
2,271
I have 4 laptops and will 2 SandBoxie lic's key cover all 4 laptops? My reason for getting the 2 lic's keys is that
that my browser with be protected. Adding another layer of security.
 

softwareFREEk

Level 1
Verified
Dec 27, 2012
621
wow now this is what I call a well thought out and written software review..
WELL DONE Umbra Corp.!! :goodpost:
you have set a new benchmark for software reviews :)
 
  • Like
Reactions: Behold Eck

Ramblin

Level 3
May 14, 2011
1,014
Moose said:
I have 4 laptops and will 2 SandBoxie lic's key cover all 4 laptops? My reason for getting the 2 lic's keys is that
that my browser with be protected. Adding another layer of security.

Moose, one license covers all four laptops. You can use your license in all computers that you own.

To sandbox your browser, you don't need the paid version but it is good to get one because the registered version allows you to create and use multiple sandboxes at the same time. That way you can use separate sandboxes for different programs at the same time, doing so sandboxing/isolation works better.

Sandboxing the browser is just a small portion of how SBIE can be used.

Bo
 
  • Like
Reactions: Behold Eck

Ramblin

Level 3
May 14, 2011
1,014
Diurpaneus said:
How good is compared to sandbox from CIS v6?

Diurpaneus, Sandboxie was released for the first time in June 2004. It is a mature program unlike Comodos sandbox which at this time is still a baby.

I have never tried the Comodo sandbox but I recommend you use it if you are using Comodo and if you are not using Comodo, then install Sandboxie and try it. I recommend you use one or the other but not both.

My experience using SBIE has been delightful. I use it every time I get in the internet and every time I open a program or file. By doing so, I am making sure that infections are gone when I delete the sandbox and my system remains intact. People that use SBIE properly, don't get infected.

If I was you, I would read and learn about Sandboxie. You are lucky to have discover the program but is up to you to make the wise decision of using it.

Bo
 
  • Like
Reactions: Behold Eck

Diurpaneus

New Member
Verified
Jan 30, 2013
57
bo.elam said:
Diurpaneus said:
How good is compared to sandbox from CIS v6?

Diurpaneus, Sandboxie was released for the first time in June 2004. It is a mature program unlike Comodos sandbox which at this time is still a baby.

I have never tried the Comodo sandbox but I recommend you use it if you are using Comodo and if you are not using Comodo, then install Sandboxie and try it. I recommend you use one or the other but not both.

My experience using SBIE has been delightful. I use it every time I get in the internet and every time I open a program or file. By doing so, I am making sure that infections are gone when I delete the sandbox and my system remains intact. People that use SBIE properly, don't get infected.

If I was you, I would read and learn about Sandboxie. You are lucky to have discover the program but is up to you to make the wise decision of using it.

Bo

Thanks for suggestion.
 

Ramblin

Level 3
May 14, 2011
1,014
Diurpaneus said:
Thanks for suggestion.

You are welcome.

Watch this video, Part 1 and Part 2. I post the video all the time because the guy that made it explains real well how it is when you use Sandboxie even though he was a little clumsy using the program, he was not familiar with it. What you hear is more important than what you see and is right on the money.

Great video

http://www.youtube.com/watch?v=GueXMq-Vyi8

Bo
 

Diurpaneus

New Member
Verified
Jan 30, 2013
57
bo.elam said:
Diurpaneus said:
Thanks for suggestion.

You are welcome.

Watch this video, Part 1 and Part 2. I post the video all the time because the guy that made it explains real well how it is when you use Sandboxie even though he was a little clumsy using the program, he was not familiar with it. What you hear is more important than what you see and is right on the money.

Great video

http://www.youtube.com/watch?v=GueXMq-Vyi8

Bo
Great video, new stuff learned,but i wonder if i set the CIS to fully virtualized it have a chance to compete with sandboxie?
 

Ramblin

Level 3
May 14, 2011
1,014
Diurpaneus said:
Great video, new stuff learned,but i wonder if i set the CIS to fully virtualized it have a chance to compete with sandboxie?

In all honesty, in my mind, based on my personal experience, nothing competes with Sandboxie. Let me put it to you this way: I would not trade my SBIE for any combination of paid programs. None.

In addition to maturity, Sandboxie also has an edge over Comodos sandbox because of configurability. There are so many things that you can do with Sandboxie that it would take me hours to write a post describing what they are in full detail.

It is probabe that in a few years Comodos sandbox will be to par with SBIE but for now, no (IMO). But if you are using Comodo and it sounds to me like you are, start using their sandbox. Eventually it will develop into something really nice.

Sandboxing in general works better than antiviruses or other technologies, it is smart to use it.

Bo
 
  • Like
Reactions: Moose

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top