SG Broadband Community

I've been a loyal follower of Steve Gibson of GRC for many years and enjoy listening to him and Leo Laporte discuss security issues on Twitter/Security Now Podcasts.

Sandboxing has become all the rage because it's super light on resources. So instead of running VMWare or some other virtualization app to contain malware to that session, you can do it all with Sandboxie. I don't want to sound like I'm selling the software but after having used it for some time now....I have to say that it's just incredible.

http://www.sandboxie.com/


Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.








The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.

Benefits of the Isolated Sandbox

* Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.

* Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.

* Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.

* Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.


Memory usage for the sandboxie control panel is 1.2 MB...that's it.

Its a great program, I keep waiting to see a headline saying MS has bought Sandboxie. I don't really want them to, but it would make business sense I think.

UOD wrote:Sandboxing has become all the rage because it's super light on resources. So instead of running VMWare or some other virtualization app to contain malware to that session, you can do it all with Sandboxie.

Looks very interesting. However I would offer a bit of a clarification.

Comparing Sandboxie to VMware is somewhat misleading. VMware is a full on virtualtization, IE you can run a Linux system within your Windows install and vice versa, vs Sandboxie which is much more comparable to what's known as a chroot jail.

It's nice to see that this concept has been moved to Win32 thou. More security options are always good.

YoshiMon wrote:Looks very interesting. However I would offer a bit of a clarification.

Comparing Sandboxie to VMware is somewhat misleading. VMware is a full on virtualtization, IE you can run a Linux system within your Windows install and vice versa, vs Sandboxie which is much more comparable to what's known as a chroot jail.

It's nice to see that this concept has been moved to Win32 thou. More security options are always good.

I agree. My goal is to show the resource benefits to sandboxing over virtualization. With any of the virtualization apps, you usually have to own a copy of the OS and you have to have the available RAM/hardware to run it.

Of course, virtualization offers a plethora of benefits over sandboxing.

I wonder how long it will take to get more portability with both.

YoshiMon wrote:
Comparing Sandboxie to VMware is somewhat misleading. VMware is a full on virtualtization, IE you can run a Linux system within your Windows install and vice versa, vs Sandboxie which is much more comparable to what's known as a chroot jail..

I think what he was talking about..was "resources". VMWare virtualizes the entire OS, so you can run multiple OS's on the same physical hardware...either within another host OS such as VMWare for Windows, or....multiple OSs directly and equally sharing the hardware as such with their full product...ESXi. Lots of running OS's need honking hardware..thus resource is a concern.

Sandboxie sort of virtualizes the apps that you box up. Could almost say it's like the quarantine of an antivirus...stuff put in there cannot touch and damage the OS. Because you're just running the applications..there isn't really a performance hit with resources.....you're just running the apps in a "padded room"...sort of speak. Some people have mixed results with the performance of some apps though, depends on a lot of different factors and what's on their machine. I've heard people say their Firefox..with lots of add-ons/extensions...took quite a bit longer to run in SB. I didn't notice it when I tried it a while ago, but I only run about 2-3 extentions in FF.

Def a good setup for a hardcore "adult website" surfer.

Er, YeOldeStonecat you might want to look up what a chroot jail is. I personally know exactly what everything here is doing.

YoshiMon wrote:Er, YeOldeStonecat you might want to look up what a chroot jail is. I personally know exactly what everything here is doing.

I'm quite familiar with it,

Matter of fact...if you lookup the definition of it, you'll find as part of the description... "A chroot environment can be used to create and host a separate virtualized copy"
http://en.wikipedia.org/wiki/Chroot

Hence, your ability to virtualize programs with Sandboxie, versus virtualize an OS such as with VMWare.

When you step back and look at it....basically the same concept. One does it on the entire OS scale, the other on the program level.

So, back to UODs original point of system resources of VMWare versus Sandboxie....it's good, no misleading.