Author Topic: Anyone out there who cares to help me understand Sandbox???  (Read 6074 times)

0 Members and 1 Guest are viewing this topic.

Offline Nikilet

  • Sr. Member
  • ****
  • Posts: 379
Anyone out there who cares to help me understand Sandbox???
« on: December 12, 2010, 09:13:52 PM »
I was just reading one of my newsletters which is recommending the program BufferZone Pro as their freeware pick of the week. In reading through the explanation, it sounds to me like this program does the same thing Sandbox in Avast does. But I just don't understand because as I understand things, why would anyone want to open their browser and not use the Sandbox feature? Is there some advantage to NOT using Sandbox when you open your browser? Or should it just automatically be on?

I've been puzzling over this ever since I installed Avast IS 5 and haven't really gotten any answers that are satisfying me yet. This sounds like a really good feature, but it doesn't do a lot of good if I don't understand how to use it. I'd really appreciate some help in understanding this feature. And could someone tell me, is it the same as BufferZone Pro?
Vista Home Premium SP2 - 32 Bit / 4GB RAM / IE9 / Firefox / Pale Moon / Google Chrome 26/ Avast Internet Security 8 / WinPatrol Plus / Malwarebytes Pro / SUPERAntispyware Pro / CCleaner / Zappit / Diskeeper 2009 / SpywareBlaster / LastPass / KeyScrambler Pro

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37105
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #1 on: December 12, 2010, 09:27:07 PM »
Quote
Is there some advantage to NOT using Sandbox when you open your browser?
all functions of your browser may not work when you run it in avast! sandbox.....i have not played so much with this feature yet so can say what...if any


almost a year old
http://www.youtube.com/watch?v=Sr8bIii1G7U
« Last Edit: December 12, 2010, 09:29:33 PM by Pondus »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85745
  • No support PMs thanks
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #2 on: December 12, 2010, 09:39:06 PM »
Whilst this is meant to isolate your browser from the rest of the system, most people then want to be able to allow it to download/save files/bookmarks, etc. to certain areas, this in effect removes some of that isolation and could well be opening the system up to potential attack.

For many running a browser in a sandbox is adding another level of complexity and uses more system resources as you have to be running another application to handle it.

Personally I have never felt that it is necessary, I have got by without it without any virus issues until now so I don't see it as a panacea to resolve all your problems. I thought about using something like sandboxie for a long time and that is as far as it ever got, I downloaded it and never bothered trying it.

I prefer opting for pro-active measures rather than introduce a sandbox, I always run all internet facing applications, browser, email clients, etc. using DropMyRights this restricts the browsers right to that of a limited user (only works up to XP). This limits the potential for damage should you ever did get hit.

I ensure my browser is fully up to date, I run firefox with some security add-ons, NoScript and ReguestPolicy, these block all scripts and cross site scripting unless permission is given.

Then I obviously have avast's Web/Network Shields and the File System Shield.

Then as the final fall back - I have a robust back-up and recovery strategy (hard disk imaging software), should I ever experience a system problem, no matter what the reason. So I feel relatively secure without introducing sandboxing.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2346
  • Memento Mori
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #3 on: December 12, 2010, 09:59:02 PM »
BufferZone Pro seems a little more robust than Avast! sandbox, from what is to be read on their site.  (not surprising for a stand-alone application)    

Some things seem interesting, like the snapshot feature.  Other seem to be unneeded redundancy.
(Lock your personal files [in a confidential folder] inside  a trusted environment? But I can lock/hide/zip/encrypt/pass-protect a folder if I choose, so.....why?)

why would anyone want to open their browser and not use the Sandbox feature? Is there some advantage to NOT using Sandbox when you open your browser? Or should it just automatically be on?
Well, there is the nagging problem of plugins sometimes not loading with the browser sandboxed on 64bit.  In my experience, updating anything should be done outside the sandbox (admittedly, I have not tried in some time, maybe it would go better now).  I only sandbox browser for questionable or unknown sites.  Do I give up some security to do this?  Yes, as any legitimate site can be hacked.  This is simply a matter of personal preference for me. I am only willing to shave so many tenths and hundredths off my odds of infection before I start to feel a little silly.

The more I use it and compare it to a full VM (virtual machine), I lean toward a full VM as both easier to use and safer (but you need a spare OS to load in the VM.)  That being said, the Avast! sandbox protected me well once against a rouge AV, so I can say for sure it worked well in one real life scenario, and I was grateful to have it.

And as DavidR said, few things (if any) beat a good backup strategy.



Signature?  But I gots no pen....

Offline Nikilet

  • Sr. Member
  • ****
  • Posts: 379
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #4 on: December 12, 2010, 10:18:30 PM »
Thank ALL of you for your answers. The subject has become somewhat clarified for me ... I think.

When logging into my banking or credit card account, would it then provide extra protection if I'd open my browser virtualized?
Vista Home Premium SP2 - 32 Bit / 4GB RAM / IE9 / Firefox / Pale Moon / Google Chrome 26/ Avast Internet Security 8 / WinPatrol Plus / Malwarebytes Pro / SUPERAntispyware Pro / CCleaner / Zappit / Diskeeper 2009 / SpywareBlaster / LastPass / KeyScrambler Pro

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2346
  • Memento Mori
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #5 on: December 12, 2010, 10:33:44 PM »
Any protection you can muster for online financial transactions is good protection.  I try to avoid banking online for anything but emergencies, but if a transaction was needed, I would certainly want the sandbox running if it is there to use.
Signature?  But I gots no pen....

Offline Nikilet

  • Sr. Member
  • ****
  • Posts: 379
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #6 on: December 12, 2010, 11:12:28 PM »
Thank you GarGamel360
Vista Home Premium SP2 - 32 Bit / 4GB RAM / IE9 / Firefox / Pale Moon / Google Chrome 26/ Avast Internet Security 8 / WinPatrol Plus / Malwarebytes Pro / SUPERAntispyware Pro / CCleaner / Zappit / Diskeeper 2009 / SpywareBlaster / LastPass / KeyScrambler Pro

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2346
  • Memento Mori
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #7 on: December 12, 2010, 11:25:15 PM »
Sure, I can't just leech info around here, good to give something back sometimes.  ;)

If you regularly online bank, consider these guys for added protection also>>http://www.trusteer.com/
Signature?  But I gots no pen....

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85745
  • No support PMs thanks
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #8 on: December 12, 2010, 11:35:48 PM »
Thank ALL of you for your answers. The subject has become somewhat clarified for me ... I think.

When logging into my banking or credit card account, would it then provide extra protection if I'd open my browser virtualized?

You're welcome.

For on-line banking/credit card accounts, one of the major things isn't to get caught by some phishing attempts with emails trying to tell you that they believe someone has attempted to use your account, etc. etc. and that for safety, etc. etc. they have locked it. To unlock it visit the link and log-on confirming your details to unlock the account.

Never visit your bank using links in emails, web pages, etc. only use your own saved bookmark or type the URL in yourself.

Many browsers have anti-phishing functions so they can prevent something saying it is your bank, yet is in fact a look alike site.

Other than the above I believe my pro-active measures are fine for me. I don't really know if sandboxing your browser would actually prevent any phishing attempts that I mention above, just that it may prevent your system getting infected, but entering your account details in a bogus site would have that data harvested and a sandbox as far as I'm aware won't change that.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37105
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #9 on: December 12, 2010, 11:40:13 PM »
and if you do lots of google search and then click a link that is malicious, it should protect you......

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2346
  • Memento Mori
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #10 on: December 12, 2010, 11:51:48 PM »
and if you do lots of google search and then click a link that is malicious, it should protect you......

Yeah, if I remember right, that is how I ran into the rouge AV the sandbox protected me from. 
Signature?  But I gots no pen....

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85745
  • No support PMs thanks
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #11 on: December 12, 2010, 11:56:05 PM »
Pro-active measure are also likely to have helped prevent the download, firefox with NoScript, etc.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Nikilet

  • Sr. Member
  • ****
  • Posts: 379
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #12 on: December 13, 2010, 12:04:02 AM »
DavidR - I do have Firefox with NoScript, but had never seen the RequestPolicy before. I have installed it. Now is this something that will just run in the background when I have my browser open or do I have to so something to enable?
Vista Home Premium SP2 - 32 Bit / 4GB RAM / IE9 / Firefox / Pale Moon / Google Chrome 26/ Avast Internet Security 8 / WinPatrol Plus / Malwarebytes Pro / SUPERAntispyware Pro / CCleaner / Zappit / Diskeeper 2009 / SpywareBlaster / LastPass / KeyScrambler Pro

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2346
  • Memento Mori
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #13 on: December 13, 2010, 12:20:33 AM »
Pro-active measure are also likely to have helped prevent the download, firefox with NoScript, etc.

Yeah, that incident was the impetus behind me trying NoScript......no incidents since.....although, due to its pro-active nature, I have no way of knowing if it has protected me or not......somehow that is just fine to me.  ;)


Signature?  But I gots no pen....

Offline Salty_Walty

  • Newbie
  • *
  • Posts: 14
Re: Anyone out there who cares to help me understand Sandbox???
« Reply #14 on: December 13, 2010, 12:38:41 AM »
This is a summary of the posts.

To repeat what DavidR said, the sandbox will not prevent you from being hacked due to a phishing attach, since you are connecting to the fake site and giving them your information, but you probably already know that.  I think this subject is just about finished.  To sum up what everyone else has already said in one neat package:

Sandboxing put yet another small layer of protection between your system and rogue web sites, not as powerful as a full VM (virtual Machine), but helpful in the event you happen upon an infected site. Thx Gargamel360

Some functions may not work well in the sandbox (trial and error will inform you of this). Thx Pondus & Gargamel360

There are other tools out there and settings in your browser that can help you in a proactive way to prevent infection: (browser is fully up to date, I run firefox with some security add-ons, NoScript and ReguestPolicy, DropMyRights, BufferZonePro, www.trusteer.com etc.) Thx DavidR & Gargamel360

Your security policy should include a faithful backup and recovery plan that you verify regularly. Thx DavidR