Sandbox

[sdalgl72]

Hi all,

As you can gather I am new to avast and currently trialling the Internet Security product to decide if I want and was wondering how many of you run your browser in the sandbox all the time or not?

[Gargamel360]

When I first got it, I did.  But that was just my chronic NTS (New Toy Syndrome) in action.
I'm down to about 50% of the time now. 
New features in the current beta/next regular release, and 5.1 when it comes, might put me back to browsing virtualized full-time.

[Rednose]

Hi sdalgl72

Yes, I sandbox my browser(s) all the time, except bookmarks, history and cookies. The ( current ) sandbox is very basic, but in Avast 5.1 there will be support for multiple sandboxes, a secure desktop and more

Greetz, Red.

[sdalgl72]

Thats cool as I haven't got anything to download at the moment can you tell me what happens when you download something from the net while running in sandbox.  Also if I decide I don't need AIS am I right in thinking the Pro Version has the sandbox feature.

[Rednose]

The sandbox has a setting "Automatically detect default locations for saved/downloaded files and save files to these locations outside the sandbox".

About Avast Pro, yes it has the sandbox, but I don't think it is an interesting option because the licence is just for one pc. But AIS is a licence for 3 pc's, and if you don't want the firewall and/or the anti-spam simply don't install them

Greetz, Red.

[YoKenny]

Thats cool as I haven't got anything to download at the moment can you tell me what happens when you download something from the net while running in sandbox.  Also if I decide I don't need AIS am I right in thinking the Pro Version has the sandbox feature.

The Pro version does have the sandbox:
http://www.avast.com/comparison-chart#tab3

[DavidR]

I have never felt the need to sandbox any of my browsers, Firefox (default) or IE8 (only used once in a blue moon) and the same for other browsers which I have tried periodically.

I run all internet facing applications, Browsers and email clients, etc. under restricted rights, using DropMyRights. This however is only available under winXP. By running using a limited user account would achieve the same thing (but not as flexible).

If you encounter malware whilst logged on as a user with administrator privileges the malware inherits those same privileges, which allows it virtually free reign to do as it wishes. Running using a limited user account or running your browser, etc. under DropMyRights greatly limits the potential damage by any malware that gets through your defences.

I also believe in having a robust backup and recovery strategy, so should you experience a problem (doesn't have to be virus related) you can employ that strategy to recovery from the problem. I use drive imaging software that exactly copies a partition/drive, etc. and run it weekly.

If I have a problem that is likely to take longer than 30 minutes to resolve, I restore my last backup image, which takes less than that time. I then restore any backed up volatile data files (downloaded files, .doc, .xls, emails, etc.) which I backup at least once a day. So no real loss at all and it means not having to employ another application to sandbox my browsers.

[jadinolf]

I am running AIS in Sandbox all the time.

Not aware of any problems.

[sdalgl72]

Cool I might consider upgrading then permanently.  However I have just had a thought if you download a virus or a fake av by mistake and the signatures don't catch it if its outside the sandbox won't it install fine?  I know its a silly example but its the best I could think of.

[DavidR]

Which is where my advice about running your browser in a limiter user account or dropping its rights and finally having a plan, a robust backup and recovery strategy comes in. Nothing is ever going to give 100% protection.

This strategy will stand you in good stead for any sort of problem not just virus infection.