Running browser sandboxed

[Prayag]

What exact benefits will I get if i run my browser sandboxed?
Also,what effect does it has on security extensions like Avira browser safety which would already be installed in the browser?
Finally,what effect will it has on the web filtering engine of an av?

 

[Hector1]

What an av do that a sandbox don't in term of protection? XD

 

[ravi prakash saini]

sandbox is the separation between the browser and the system. it will not stop you visiting malicious or phishing site .it will stop the malware to interact with your system through browser.

 

[AtlBo]

What exact benefits will I get if i run my browser sandboxed?
Also,what effect does it has on security extensions like Avira browser safety which would already be installed in the browser?
Finally,what effect will it has on the web filtering engine of an av?

No affect on extensions or web filtering that I have noticed. One thing to note. You might want to consider adding your extensions, bookmarks, and settings changes to your browser outside the sandbox before creating the actual box. Then start over from a clean sandbox. The reason is that if you ever have to dump the sandbox, the browser will revert to the state it was in when the sandbox was created (all the extensions additions will be dumped too). Then again modern browsers can update your bookmarks and settings and even restore tabs (Chrome FF). Won't do it for extensions tho I don't think

The benefit is that any malware that bypasses the browser (via any vulnerability a hacker might discover for the browser) can at the most make changes in the sandbox. Any changes it attempts to make outside are blocked and contained. Sandboxes don't allow executables to run that aren't directly related to the actual boxed program (or at least there will be an alert), so it's a good form of protection. Extensions are considered part of the browser, so this is why they aren't affected. Even they can't change files outside a sandbox tho.

What an av do that a sandbox don't in term of protection? XD

Sandboxing is something you choose to do with a single app. These are mostly apps that allow or use internet connections. An av gives you system-wide security protection. Should always have an av running.

 

[ravi prakash saini]

@AtlBo thanks for explaining in one go

 

[212eta]

Well, my Firefox x64 has always loved Sandboxie.

 

[Deleted member 178]

1-What exact benefits will I get if i run my browser sandboxed?
2- Also,what effect does it has on security extensions like Avira browser safety which would already be installed in the browser?
3- Finally,what effect will it has on the web filtering engine of an av?

1- anything run inside a sandbox is restricted (restricted integrity level aka low-box token) and won't (normally) reach and affect the system.
however some won't protect you from data stealing if the keylogger is launched from inside the sandbox and ais not prevented to reach internet (this can be determined in the sandbox options)
2- nothing unless the extension interact with the system itself.
Note that if you use the sync feature of your browser, the addons will be updated inside the sandbox
3- Normally none. AVs scan files , the sandbox is like a folder locked from inside.

 

[Prayag]

1- anything run inside a sandbox is restricted (restricted integrity level aka low-box token) and won't (normally) reach and affect the system.
however some won't protect you from data stealing if the keylogger is launched from inside the sandbox and ais not prevented to reach internet (this can be determined in the sandbox options)
2- nothing unless the extension interact with the system itself.
Note that if you use the sync feature of your browser, the addons will be updated inside the sandbox
3- Normally none. AVs scan files , the sandbox is like a folder locked from inside.

thanks for such an explained reply.