Subscribe to our Best Free Browser Protection Utility
|
In a Hurry?
|
 Go straight to the Quick Selection Guide |
|
Introduction
|
|
There's a scumware plague at the moment. All it takes is a visit to one malware site or a "loaded" shareware install, and next minute your Internet Browser homepage has been changed, your default search setting altered, unwanted ads pop up on your screen, rogue software are nagging you to pay, your passwords have been stolen, and worse. Traditional antivirus and antispyware software are being overwhelmed by the rapidly increasing amount of virus, spyware and other malware. That's why a different approach to combatting these threats is necessary. Instead of technologies that are reacting to malware, we need proactive technology to protect our computers. These browser protection utilities can greatly increase your defences against drive-by downloads and vulnerabilities. I took a look at several applications that are vital in the fight against unwelcome and harmful intruders. |
|
Discussion
|
|
Usage is remarkably simple. To start a sandboxed browsing session, you just click the "Sandboxed Web Browser" icon on your desktop (or the Sandboxie icon from the Quick Launch tray) and this will launch your default browser in the sandbox. You can then use it in the normal way to browse to sites or download files. By default, files that are saved in the Desktop, My Documents or Favorites will have a prompt to ask you whether you want to save the file permanently. I suggest you add your default downloads folder to the Quick Recovery settings so files saved there will be automatically saved to your real hard disk, saving you the trouble of manually recovering files. The advantage is clear: any virus, trojan, worm, spyware, adware, keylogger or other malware that "infected" your PC while browsing will be eliminated. Sandboxie allows for in-depth configuration which increases security. For example, you can set it to block access to your personal files, or only allow certain programs to run or connect to the internet in a sandbox. A recent feature of Sandboxie also allows you to run sandboxed programs in a Limited User Account, similar to DropMyRights, for even greater security. This should also prevent most keyloggers from running. However, there are some downsides to this approach. Firstly, if you want to update your browser addons/widgets, you'll need to open an un-sandboxed browser and do it from there. This also applies to bookmarks but you can configure Sandboxie to automatically retain those. Secondly, Sandboxie is not designed to detect or disable keyloggers. You can get around this (mostly) by always empty your sandbox before you log in to important sites (such as sites involving financial transactions). Thirdly, some people find the nag screen inconvenient, which appears for five seconds before a sandboxed application opens. Sandboxie works fine with all browsers and most software applications, including e-mail clients (though this requires special configuration), instant messaging clients, Bittorrent clients and games. However, it won't work with system software (software which installs a system driver).
1. Can read but cannot modify trusted resources. Known applications also have preconfigured rules so those applications can run properly. In effect, files which you download will not be able to access critical areas on your computer, similar to a Limited User Account. So any malware which you inadverdently download cannot execute and damage your computer. GesWall also allows for detailed customization where you can configure the restrictions of untrusted applications. A user at Wilders Security Forum has some interesting configuration tips for Internet Explorer 8. Just like Sandboxie, updating applications is a problem and you need to open an un-isolated browser. The good news however is that updating addons/widgets and bookmarks are no problem in GesWall. GesWall also does not fully track files which are saved, which means if you move an untrusted file to another partition, GesWall will not be restricting the new file. This is not a problem with computer that have one partition. Also, when I browsed to some sites that require Javascript my browser would sometimes freeze, seemingly randomly. This was solved by opening GesWall and lowering the security level to low. My computer felt a bit more sluggish running GesWall compared to Sandboxie. Overall, GesWall provides excellent security, and is a worthy alternative to Sandboxie. A Limited User Account is an alternate method to protecting your computer. It provides very secure system-wide security, though it is admittedly not very usable if you regularly install new software. SuRun is a very useful application to allow you to run certain applications with Administrator privileges. There is a tutorial on how to use SuRun. A Limited User Account doesn't protect against user-mode malware, but you can implement Software Restriction Policies to block those attacks. DropMyRights and SetSafer allows you to set certain applications to run under a Limited User Account, though you need to manually create the shortcuts. Online Armor Personal Firewall's RunSafer is another option which I really like. It is very easy to use; you just select a program and click "Run Safer" and the program will now run with with restricted priviledges. Tall Emu has an explanation and video on how to use RunSafer.
Returnil provides a different type of protection compared to Sandboxie or GesWall. It is an excellent solution for those who have limited uses of their computer, for example for users who just browse the web. Also, if you have a separate partition for your data then Returnil is particularly useful because you don't have to worry about losing data which you just saved. Returnil can also be used in conjunction with Sandboxie or GesWall. Like all security software, you should have a backup of your hard drive and all your files before you install one of these applications. Please help us by rating this review |
|
Have Your Say
|
|
Please visit our freeware forum to share and discuss your views and get advice on free security software, including antivirus software. There's also a poll where you can vote and discuss your browser protection utility. To post in the forum you need to register first but that's quick and immediate. |
|
|||||||||||||||||||||
|
|||||||||||||||||||||
|
|||||||||||||||||||||
3.38 
Private Freeware (not free for commercial use) 
2000 - Vista
This category is maintained by volunteer editor JonathanT. Registered site visitors can contact JonathanT by clicking here.
|
Tags
|
|
sandbox, browser security, browser protection |
Delicious
Digg
StumbleUpon
Please rate this article
It should be mentioned, that Sandboxie is not provided for WIN x64 Systems.
please guys send configuration settings to my box for my PC and Nokia3230
does anyone know the command line for ccleaner to delete contents of sandboxie? looked at both website forums for the answer, none of the command lines they show work. thanks.
Assuming you the sandbox is your DefaultBox and it is located on your C drive, then the command line is: C:\Sandbox\(user name)\DefaultBox\*.*
Here are the steps I follow:
1. Be sure the applicable sandbox is not checked to have it’s contents automatically deleted
2. CCleaner settings
• Be sure CCleaner has secure deletion setting
• Options >> Include >> Add Folder (Specific paths to sandboxes I want to be deleted on command)
• Options >> Settings >> Add “Run CCleaner” option to Recycle Bin context menu
3. When I end a sandbox session
• Right click Recycle Bin
• Select “Run CCleaner”
• Note the folder name remains under C:\Sandbox, but it’s empty
is there a way to use ccleaner to secure delete automatically when closing browser the way sdelete and eraser can? thanks.
No. However, assuming you have CCleaner configured to secure delete the contents of your sandbox (see preceding posts), you can also set CCleaner to automatically perform its cleaning on computer startup (CCleaner > Options > Settings > Run CCleaner when the computer starts).
thanks for your help. i really appreciate it.
You're welcome :)
Hello !
What do you think about Artificial Dynamics's sandbox : "SafeSpace Personal Edition" (freeware for non corporate use)?
http://www.artificialdynamics.com/content/products/register-personal.asp...
@+
It looked great, like Sannboxie for the average user. Unfortunately it is no longer being actively developed by it's producers, and is thus difficult to recommend.
Sandboxie 3.38 is out!
http://www.sandboxie.com/index.php?DownloadSandboxie
http://www.sandboxie.com/index.php?VersionChanges#v_3_38
I have been using Reternil it's briliant. I am able to install and use programes, and should there be a problem I just shut down and restart, everything back to normal. I did use the paid version of Sanboxie however it did not protect my system, only programes that were Sanboxed and unfortunatly there are programes that will not run in a sandboxed enviroment, no such problem with Returnil. Returnil is a great programe and I now use the paid version, gliches,spyware, viruses all gone on shutdown.
Now that 64 bit OS is becoming the norm on desktops, I need an alternative to Sandboxie. I'm looking at Disk Write Copy but the version that lets you save any changes is $80. Sandboxie was great in that you could save your downloads outside the sandbox. If everything is reversed on reboot, you can surf safely but the reason to do so is mostly gone, iow finding software and trying it.
What are 64 bit OS users doing instead of Sandboxie these days?
I took another look at Disk Write Copy site. Last release was September 24, 2008. There's a forum on the web page, but they make it tough to register, and I think I saw 2 posts that weren't by the sysop. Looks dead, or at least sufficiently comatose that I don't want to send them $30 to see what happens.
Still wondering what 64 bit Windows users are supposed to do short of booting a 32 bit OS to surf the web?
Hi mr. Anonymous :)
We really are not in a coma.
Just from last September, we are preparing a new release Disk Write Copy 2.x. It will appear and will contain many new things.
Our English-speaking forum really low volume of users, but they more than a thousand Russian-speaking. What is the problem? Register and ask us questions. We always reply:) This is absolutely free. And by the way, any distribution is highly competitive, our free 30-day period. You can test everything that you want.
I wish you a nice time guys.
As BTW i want to say that any distributives you could download from our official site and use for free 30-day period full-functionally
thanks
Maybe you could consider running under a Limited User Account?
Check out this one here:
http://www.shadowdefender.com/index.html - it seems to work similarly to Disk Write Copy and it costs much less to license. I don't know whether it has a 64 bit version though.
It seems from their website it does not support 64 bit, and it's shareware.
Yes, it is shareware. Since Disk Write Copy is shareware also, I just pointed you out to it 'cause you looked prone to pay for a less costy similar product...
You must not be listening... This site is based on the best freeware and freeware is not shareware... If you have questions that aren't related to freeware you can contact the page editor by registering as a user on this page...
You could just use a Limited User Account. There's also a program called HauteSecure that works on 64 bit, but I don't really know how effective it is, and development for it seems to have stopped.
isn't geswall now 64bit? would that suit?
GesWall isn't compatible with 64 bit.
Ok. I thought it would be by now since they had said in their 2.6 beta release that their next release would be 64 bit compatible!
Saw now in Geswall forum re 64 bit support due 2009 'It is delayed until the fourth quarter. The supported systems include Windows Vista SP1 and further.
64-bit Windows XP and Windows 2003 would not be supported.'
I have a feeling the same thing stopping Sandboxie from supporting 64 bit is what's making it tough for these other virtualization, or redirection, or shadow, or whatever you want to call them, system protection schemes. Maybe one of those guys who hacked Vista so you could put themes on it will hack the kernel so you can use Sandboxie? (Yeah, like that would happen!) :)
#13 question. can you run earthlink mailbox in sandboxie? answer=yes. open sanboxie -default box- sandbox settings- resource access- file access- direct access. click add, find where your earthlink mailbox is located, click MAILCLNT then ok. click apply. then click file MAILSVR then ok click apply. if you are using unregistered version you will have to right click and select "run sandboxed" on mailbox shortcut. if you use CIS WITH DEFENSE+ a ton of pop-ups will occur.
i messed up. most of what i said was true but i left out somethings. click sandbox settings, resource access, file access, direct access, use "add pgm" button navigate to and select email program. then click "add" button and use browse for folder window to locate mailbox data files. should be MAILCLNT press ok. then go back and find MAILSVR click ok. i think that should do it.
Is Geswall not a HIPS (or an OS rather than browser specific sandbox)? This category is a bit confusing.. Surly programs like WOT and SpywareBlaster should get be here?
Personally I define this category as any software which prevents malware by restricting/virtualising the system, browser or other applications.
The HIPS category is more of software which analyses behaviours of processes, you can read the review here:
http://www.techsupportalert.com/best-free-hips.htm
WOT and SpywareBlaster are mentioned here:
http://www.techsupportalert.com/content/best-internet-safety-check.htm
What's lighter on resources, sandboxie or geswall?
Sandboxie for sure, but they do different things. Geswall is aimed at system wide protection, where as Sanboxie takes a "you choose what to run sandboxed approach".. which for the vast majority of people is there web browser.
You should try it on your own computer to find out. On my system Sandboxie seems fractionally lighter.
Thanks
I would like to see a review for ShadowDefender, available from http://www.shadowdefender.com
Thanks!
FYI, there's a lively debate over on Gizmo's freeware forum about whether paid sware like this should also be getting a look in on the site (http://www.techsupportalert.com/freeware-forum/showthread.php?t=631&high...). Feel free to have your say.
Oh OK. Well ShadowDefender is similar to Returnil but you can virtualise all drives and partitions not just the system partition. But it doesn't have tools such as anti-executable and driver protection that Returnil has.
There's a very informative thread on Wilders about "light virtulisation" software.
http://www.wilderssecurity.com/showthread.php?t=230459&
Hi,
I am looking for a way to make my browser (SRWare Iron) with sandboxie free the default browser. Iron is already set as the default browser, and I can run it sandboxed using the run web browser sandboxed shortcut. Can I make that sandboxed browser default for the whole OS? I have tried a few instructions to change the ini file, or add some entries, but it doesn't work all that well. Maybe I am doing it wrong, I am not sure. What happens now is that Iron will run sandboxed if I launch it within Sandboxie/shortcut but if another program launches the default browser, the windows that open are not sandboxed, and I would like them to open within the sandbox.
Thanks in advance.
Do you mean you want Iron to be sandboxed every time it is opened? That feature is only available in the shareware version.
http://www.sandboxie.com/index.php?RegisterSandboxie
"Enables the Forced Programs and Forced Folders features;"
http://www.sandboxie.com/index.php?ProgramStartSettings#program
Yes, that is what I meant :). There is an option to enable forced folders and files using the .ini file in the link you gave above. Is that too part of the paid version? Meaning changing settings in the ini file for the free version will not work? Thanks.
can you run earthlink mailbox in sandboxie?
no!
Under the Restrictions section of the Sandbox Settings, Sandboxie allows me to restrict which programs have internet access, restrict which programs have start/run access, and drop my administrator rights. Are any of these options worth having? What would be the positives and negatives to having any of these enabled?
They are provide greater security. But if you like to try many new applications in a sandbox for example, restricting start/run access or lowering rights probably isn't a good idea. If you just use Sandboxie for browsing or e-mail, then implementing at least the start/run access and/or lowering rights is a good choice.
Sandboxie is an interesting tool for any serious Internet user. Although it requires some time to understand the basic functionality of Sandboxie for average user, but the benefits are worth the efforts.
Silki
http://webtoolsandtips.com/pc-security/safe-internet-browsing-with-sandb...
Returnil Personal 2.0.1.9002 is out! It includes file protection, anti-execute and autorun tools, Disk Cache privacy wipe and more.
how about GesWall http://www.gentlesecurity.com/desktop.html;
is this up for mention/review?
I will probably add GesWall soon.
how does geswall compare with sandboxie?