ToolKit Item: Sandboxie by Guest Author Bo Elam
As far as I understand, SBIE will not stop the service worker exploits. The attacker will still get your IP, and he will still get your file path, albeit to the sandboxed location. But he will know your real user name, so the true path will be very easy to figure out.Yes, I mean flash player is phased out coming up in 2020. There goes a huge reason to use Sbie right there. OK so these "newfangled" Service Worker exploits are one thing, but wouldn't you consider Sbie a boon in case anything tries to slither out of the sandbox? Also, if you're severely limiting access to cookies, etc, isn't that inherently more secure? I want to justify its continued use, beyond the placebo effect.
I'm curious where Bo stated:Like I said, the old-style browser exploits he is talking about are gone. Unless you are using Internet Explorer and you are a high-value target.
@shmu26, you consider Chrome appcontainer better than SandboxieAs for things slithering out of my browser into the system, here's the rub: I use Chrome on Windows 10. That means Chrome runs in appcontainer. If I add SBIE, Chrome will no longer run in appcontainer. So all I did was give up one sandbox for another sandbox.
Bo's words: "I thought, “If I am going to use the internet, I am going to get infected and there’s nothing I can do about it.” The effect of using Sandboxie has been huge on the quality of my computing experience. After I became a Sandboxie user, infections went away completely. I haven’t had an infection since the day I became a Sandboxie user.I'm curious where Bo stated:
This question was debated to death on the other forum. The conclusion I came away with is that appcontainer isolates the browser at least as well as SBIE at default settings. But if you tweak the SBIE settings, you can get protections that appcontainer doesn't have.
Reads to my ear like the AV user writing "I have not been infected since running my favored AV".If I am going to use the internet, I am going to get infected and there’s nothing I can do about it. The effect of using Sandboxie has been huge on the quality of my computing experience. After I became a Sandboxie user, infections went away completely. I haven’t had an infection since the day I became a Sandboxie user.
I hear you and feel your comments re browsing are interesting n' enlightening,You can't get hit by malware during a browsing session unless your browser is exploited. And this just doesn't happen anymore. The worst thing that could happen is a drive-by download. But you need to manually run the downloaded file, it doesn't run by itself. And there are plenty of default/deny solutions these days that can protect you from the mistake of running a drive-by download. You don't need SBIE for that.
I can run Chrome in ReHIPS isolation, if I want --- then Chrome is still in appcontainer. That way, I gain security.
SBIE improves the security of Firefox, though. Not that you really need it.
I do like SBIE, but for apps that are commonly exploited, such as MS Office. It's good for that. Unfortunately, some people are still paranoid about browser exploits, even though attack by dinosaur is more likely.Bo wrote:
Reads to my ear like the AV user writing "I have not been infected since running my favored AV".
Reads to my ear like a loyal n' enthusiastic user expressing their personal experience.
Okay by my thinking.
I'll head scratch re:
Respectfully, don't like, don't need, don't trust, don't want ....don't run.
Regards w Repect
I've run browser sandbox's for so long that I feel naked sans Sandboxie.I do like SBIE, but for apps that are commonly exploited, such as MS Office. It's good for that. Unfortunately, some people are still paranoid about browser exploits, even though attack by dinosaur is more likely.
Okay, now I'm gathering understanding. ThanksThe article has a catchy title, but if you read a little bit, you come to the line: "The flaw allows attackers to hide exploits in weaponized Word documents "
This is where SBIE is really good. If you sandbox your Office apps, you will be protected from this kind of exploit. I very much admire SBIE for this. But I don't feel the need to protect my browser with it, because I feel like I am setting out traps for dinosaurs.
If you run a file downloaded in unsandboxed Chrome, and it is ransomware, your files will get encrypted. But that is not because of Chrome. It is because you ran the file.I had ransomware lock my pc while in chrome not long ago usual message machine locked files encrypted , luckily I was in Sandboxie , came out , rebooted ransomware gone . Im sure browser alone wouldnt have protected. Cruel Sister asserted that Sandboxie protects against ransomware and several internet tests show that to be true . Ill stick with sandboxie enough said.