Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Nikilet on December 12, 2010, 09:13:52 PM
-
I was just reading one of my newsletters which is recommending the program BufferZone Pro as their freeware pick of the week. In reading through the explanation, it sounds to me like this program does the same thing Sandbox in Avast does. But I just don't understand because as I understand things, why would anyone want to open their browser and not use the Sandbox feature? Is there some advantage to NOT using Sandbox when you open your browser? Or should it just automatically be on?
I've been puzzling over this ever since I installed Avast IS 5 and haven't really gotten any answers that are satisfying me yet. This sounds like a really good feature, but it doesn't do a lot of good if I don't understand how to use it. I'd really appreciate some help in understanding this feature. And could someone tell me, is it the same as BufferZone Pro?
-
Is there some advantage to NOT using Sandbox when you open your browser?
all functions of your browser may not work when you run it in avast! sandbox.....i have not played so much with this feature yet so can say what...if any
almost a year old
http://www.youtube.com/watch?v=Sr8bIii1G7U
-
Whilst this is meant to isolate your browser from the rest of the system, most people then want to be able to allow it to download/save files/bookmarks, etc. to certain areas, this in effect removes some of that isolation and could well be opening the system up to potential attack.
For many running a browser in a sandbox is adding another level of complexity and uses more system resources as you have to be running another application to handle it.
Personally I have never felt that it is necessary, I have got by without it without any virus issues until now so I don't see it as a panacea to resolve all your problems. I thought about using something like sandboxie for a long time and that is as far as it ever got, I downloaded it and never bothered trying it.
I prefer opting for pro-active measures rather than introduce a sandbox, I always run all internet facing applications, browser, email clients, etc. using DropMyRights this restricts the browsers right to that of a limited user (only works up to XP). This limits the potential for damage should you ever did get hit.
I ensure my browser is fully up to date, I run firefox with some security add-ons, NoScript and ReguestPolicy, these block all scripts and cross site scripting unless permission is given.
Then I obviously have avast's Web/Network Shields and the File System Shield.
Then as the final fall back - I have a robust back-up and recovery strategy (hard disk imaging software), should I ever experience a system problem, no matter what the reason. So I feel relatively secure without introducing sandboxing.
-
BufferZone Pro seems a little more robust than Avast! sandbox, from what is to be read on their site. (not surprising for a stand-alone application)
Some things seem interesting, like the snapshot feature. Other seem to be unneeded redundancy.
(Lock your personal files [in a confidential folder] inside a trusted environment? But I can lock/hide/zip/encrypt/pass-protect a folder if I choose, so.....why?)
why would anyone want to open their browser and not use the Sandbox feature? Is there some advantage to NOT using Sandbox when you open your browser? Or should it just automatically be on?
Well, there is the nagging problem of plugins sometimes not loading with the browser sandboxed on 64bit. In my experience, updating anything should be done outside the sandbox (admittedly, I have not tried in some time, maybe it would go better now). I only sandbox browser for questionable or unknown sites. Do I give up some security to do this? Yes, as any legitimate site can be hacked. This is simply a matter of personal preference for me. I am only willing to shave so many tenths and hundredths off my odds of infection before I start to feel a little silly.
The more I use it and compare it to a full VM (virtual machine), I lean toward a full VM as both easier to use and safer (but you need a spare OS to load in the VM.) That being said, the Avast! sandbox protected me well once against a rouge AV, so I can say for sure it worked well in one real life scenario, and I was grateful to have it.
And as DavidR said, few things (if any) beat a good backup strategy.
-
Thank ALL of you for your answers. The subject has become somewhat clarified for me ... I think.
When logging into my banking or credit card account, would it then provide extra protection if I'd open my browser virtualized?
-
Any protection you can muster for online financial transactions is good protection. I try to avoid banking online for anything but emergencies, but if a transaction was needed, I would certainly want the sandbox running if it is there to use.
-
Thank you GarGamel360
-
Sure, I can't just leech info around here, good to give something back sometimes. ;)
If you regularly online bank, consider these guys for added protection also>>http://www.trusteer.com/ (http://www.trusteer.com/)
-
Thank ALL of you for your answers. The subject has become somewhat clarified for me ... I think.
When logging into my banking or credit card account, would it then provide extra protection if I'd open my browser virtualized?
You're welcome.
For on-line banking/credit card accounts, one of the major things isn't to get caught by some phishing attempts with emails trying to tell you that they believe someone has attempted to use your account, etc. etc. and that for safety, etc. etc. they have locked it. To unlock it visit the link and log-on confirming your details to unlock the account.
Never visit your bank using links in emails, web pages, etc. only use your own saved bookmark or type the URL in yourself.
Many browsers have anti-phishing functions so they can prevent something saying it is your bank, yet is in fact a look alike site.
Other than the above I believe my pro-active measures are fine for me. I don't really know if sandboxing your browser would actually prevent any phishing attempts that I mention above, just that it may prevent your system getting infected, but entering your account details in a bogus site would have that data harvested and a sandbox as far as I'm aware won't change that.
-
and if you do lots of google search and then click a link that is malicious, it should protect you......
-
and if you do lots of google search and then click a link that is malicious, it should protect you......
Yeah, if I remember right, that is how I ran into the rouge AV the sandbox protected me from.
-
Pro-active measure are also likely to have helped prevent the download, firefox with NoScript, etc.
-
DavidR - I do have Firefox with NoScript, but had never seen the RequestPolicy before. I have installed it. Now is this something that will just run in the background when I have my browser open or do I have to so something to enable?
-
Pro-active measure are also likely to have helped prevent the download, firefox with NoScript, etc.
Yeah, that incident was the impetus behind me trying NoScript......no incidents since.....although, due to its pro-active nature, I have no way of knowing if it has protected me or not......somehow that is just fine to me. ;)
-
This is a summary of the posts.
To repeat what DavidR said, the sandbox will not prevent you from being hacked due to a phishing attach, since you are connecting to the fake site and giving them your information, but you probably already know that. I think this subject is just about finished. To sum up what everyone else has already said in one neat package:
Sandboxing put yet another small layer of protection between your system and rogue web sites, not as powerful as a full VM (virtual Machine), but helpful in the event you happen upon an infected site. Thx Gargamel360
Some functions may not work well in the sandbox (trial and error will inform you of this). Thx Pondus & Gargamel360
There are other tools out there and settings in your browser that can help you in a proactive way to prevent infection: (browser is fully up to date, I run firefox with some security add-ons, NoScript and ReguestPolicy, DropMyRights, BufferZonePro, www.trusteer.com etc.) Thx DavidR & Gargamel360
Your security policy should include a faithful backup and recovery plan that you verify regularly. Thx DavidR
-
Ah, you are of course welcome....I just noticed your email is showing public, you may want to hide it to avoid spam harvesting.
Up above click on Profile>>ForumProfileInfo>>Check "hide email from public"
-
Under Account Related Settings, I have it checked to NOT show my email address so what's going on?
-
DavidR - I do have Firefox with NoScript, but had never seen the RequestPolicy before. I have installed it. Now is this something that will just run in the background when I have my browser open or do I have to so something to enable?
The RequestPolicy is very like NoScript (the add-on is running), in that it doesn't allow any cross site contact (the site you are on connecting to another site via a script). So you have to allow sites to do this in the same way you have to allow them with NoScript. However, this for many is a step too far as it is more intrusive as sites often have multiple scripting connections to other sites.
For me I don't find that much hassle, but at times it can take time to select what sites you want to allow as this requires an amount of knowledge about what sites to allow and want to leave blocked.
-
Thanks DavidR. I don't mind an extra step or two for safety's sake so I'll try it for a while.
What I'm concerned about right now is my email showing public, and wondering if it's always been that way. I sure didn't mean for it to be and as I said, I do have the box checked to not make my email public. Please help me get this reversed altho it's probably a bit late now. >:(
-
Under Account Related Settings, I have it checked to NOT show my email address so what's going on?
I think Gargamel360 was responding to the post directly before his (on the previous page), not yours, e.g. Salty_Walty but he has now taken care of that aspect.
-
I think Gargamel360 was responding to the post directly before his (on the previous page), not yours, e.g. Salty_Walty but he has now taken care of that aspect.
Correct, sorry for any confusion.
-
Thanks DavidR. I don't mind an extra step or two for safety's sake so I'll try it for a while.
What I'm concerned about right now is my email showing public, and wondering if it's always been that way. I sure didn't mean for it to be and as I said, I do have the box checked to not make my email public. Please help me get this reversed altho it's probably a bit late now. >:(
You're welcome.
Your email isn't showing, only you and moderators can see it. See my last post as I don't believe the comment was directed at you.
Edit: now confirmed Gargamel360, always a problem when the topic take a new page and you aren't aware that it is about to do that, 15 posts (OP +14) per page).
-
That clears things up so thanks all. Signing out now.