Best Free Browser Protection Utility
There's a scumware plague at the moment. All it takes is a visit to a pushy web site or a "loaded" shareware install, and next minute your Internet Browser homepage has been changed, your default search setting altered, unwanted ads pop up on your screen, and worse.
I took a look at several applications that have proven to be vital in the fight against these unwelcome and possibly harmful intruders.
If you use Windows 2000 or later, my first recommendation for safe browsing is a free program called Sandboxie. It creates a special contained "sandbox" environment on your PC. While browsing within the virtual sandbox provided by Sandboxie, you are totally isolated from the vital portions of your PC, namely your operating system environment on your Harddrive and memory locations for you current OS session. So any files you download are isolated to the sandbox. Similarly, any programs that are executed only do so within the sandbox, and have no access to your normal files, the Windows operating system or any other part of your PC.
Usage is remarkably simple. To start a sandboxed browsing session, you just click the Sandboxie icon from the Quick Launch tray and this will launch your default browser in the sandbox. You can then use it in the normal way to browse to sites or download files, but be aware that the sound may be muted in that video file you're about to view.
If you download a file, it will install normally but, again, will be isolated from your real PC, because any new processes running in your computer memory or entries in the Windows startup areas will be sandboxed.
After you have finished browsing, you can right click the Sandboxie icon and delete all sandboxed files and processes, and your PC will be returned to much the same state it was in before the browsing session. You can also change configuration settings to automatically delete all contents when you close a sandbox. If you want to retain particular downloaded files, you can save them permanently before clearing the contents of the Sandbox.
The advantage is clear: any spyware, trojans, keyloggers or other malware products that "infected" your PC while browsing will be eliminated.
Sandboxie works fine with all browsers and most software applications but requires Windows 2000 and later. It can cause problems on some PC's so backup before installing. Some very useful configuration guidance can be found at HURST's Security Blog for Sandboxie!
SafeSpace is a similar program with a more visually appealing environment and extra configuration options. It does take up more system resources than Sandboxie but may be favored by more novice users. The nice graphical interface makes working with the application simple and straightforward. Overall SafeSpace is another great application tailored to beginning and intermediate users. SafeSpace does require .Net Framework 2.0 to be installed prior to installation. Unfortunatly, version 2.0.41 will be the last official version available. Artificial Dynamics, the developers of SafeSpace, has apparently been aquired by AppSense Ltd and has disbanded the development team. Limited support will still be available via the Artificial Dynamics support forums, and SafeSpace will continue to be hosted on Download.com – free for personal use.
If you would like to take your system protection even further, look no further than Returnil Virtual System. With Returnil you get a cloned version of your system partition to boot from and work in. If anything does happen to go wrong during your session, it's as easy as rebooting your system, and your whole operating system environment is back to where it was. Returnil provides a slightly different type of protection compared to the former applications reviewed. I don't know if I would need the level of protection of working in a cloned enviroment, but if the fear of losing or damaging your current system partition is a priority, Returnil should provide an excellent solution.
Website: http://www.sandboxie.com
Download link: http://www.sandboxie.com/index.php?DownloadSandboxie
Author: tzuk@sandboxie.com
Current version: 3.26
Version date: April 27, 2008
License: Free
Download File size: 373 KB
Operating Systems Supported: Windows 2000, XP, 2003, Vista, 64bit XP is supported)
Additional Software Required: None
64 Bit Capable: Yes-Only Windows XP 64bit version
Portable Version Available: No
Non-English languages supported: Polish, Chinese (Simplified), Japanese and Korean
Other relevant information: On 64-bit Windows XP, you must remove Windows Update KB932596 before installing Sandboxie.
Website: http://www.artificialdynamics.com
Download link: http://www.download.com/SafeSpace-Free-Edition/
Author: Various
Current version: 2.0.41
Version date:
License: Free
Download File size: 10.91 MB
Operating Systems Supported: Windows XP, Vista
Additional Software Required: .NET Framwork 2.0
64 Bit Capable: No
Portable Version Available: No
Non-English languages supported: No
Website: http://www.returnilvirtualsystem.com/
Download link: http://www.majorgeeks.com/Returnil_Virtual_System_Personal_Edition_d5702.html
Author: Unknown
Current version: 2.0.0.511
Version date: March 19,2008
License: Freeware
Download File size: 2.12 MB
Operating Systems Supported: 03/XP/Vista32
Additional Software Required: No
64 Bit Capable: No
Portable Version Available: No
Non-English languages supported: No
Delicious
Digg
Technorati
Hi
With Sandboxie, you can also configure it to block Internet Access (under Settings, Resource Access, Internet Access) to all programs except the ones you specify. This can help block keyloggers from sending out information before they are wiped out. However, I don't think it blocks keyoggers from manipulating the browser to send out it info. But if you add:
under GlobalSettings
ProcessGroup=,firefox.exe,Start.exe,SandboxieDcomLaunch.exe,SandboxieRpcSs.exe
in your sandbox
ClosedFilePath=!,*
ClosedIpcPath=!,*
I believe it provides very good protection against keyloggers in the sandbox.
But you should also add your data folders to be blocked, so Firefox itself also cannot access them. (Settings, Resource Access, File Access, Blocked Access)
Very nice addition! Thanks Again!
Hi
This is a privacy thing, but with Sandboxie you can configure it to shred the contents of the sandbox using something like Eraser.
http://www.sandboxie.com/index.php?SecureDeleteSandbox
Good Information JamesSmith, thanks for the lead!
Hi
Thanks!
Another option for privacy is using a Truecrypt container and setting the sandbox to save everything in there. Then after you're done just delete it and unmount the drive. Though this takes longer than shredding it.
Hi
I don't think HauteSecure has been mentioned. I think it's it's classified as a sandbox.
It seems to restrict which certain apps can do to your computer and has site ratings (like SiteAdvisor).
Thanks
Thanks for the information James, I was not aware of this one.
Thanks,
I always used Returnil. No worrys about scanning virus in disk all the time, can create a virtual partition to protect your private files... Sytem virtualization it's the protection of future
Hi
But it does not prevent data theft before reboots. And it still can be bypassed (I think the free version) by some malware.
Returnil, Sandboxie and all the others can be bypassed by malware which attack virtualization apps.
(Returnil free and premium have the same protection and developers say that version 2.1 will have protection against mentioned malware)
Hi
Yes, that's what I was saying.
I think Returnil Premium beta has an anti-executable function which should stop these malware. I don't think the free version has it though.
Hi
I saw this post by Wraithdu over at the Sandboxie forums: http://www.sandboxie.com/phpbb/viewtopic.php?p=20121#20121
It talks about configuration for anti-executable settings to block keyloggers, the main shortcoming of Sandboxie.
Here's what was said:
under GlobalSettings
ProcessGroup=,firefox.exe,Start.exe,SandboxieDcomLaunch.exe,SandboxieRpcSs.exe
in your sandbox
ClosedFilePath=!,*
ClosedIpcPath=!,*
How complicated! All you have to do is to open the sandboxie control> right-click firefox> program settings> select "this is the only program in this sandbox that can acess the internet".
Hi
I think it's slightly different? This is for internet connection and the other is for restricting file access. I'm not sure though.
"Another protection measure against a key-logger is to configure Sandboxie to deny access to the Internet for anything other than your Web browser, in an attempt to prevent the key-logger from sending out the recorded information. See the setting for "the only program that can access the Internet" in Program Settings.
Note two caveats:
* The Internet access feature is neither a replacement for a proper firewall, nor was it designed as a mechanism to counter or hinder key-loggers.
* Some key-loggers could possibly circumvent the Internet access restriction by hijacking the Web browser to be used as a vehicle through which to send out the recorded information. "
http://www.sandboxie.com/index.php?DetectingKeyLoggers#defend
For maximum protection, delete the sandbox after using. I'm not sure about those parameters of yours.
Hi
I know the internet blocking feature, but I thought those rules added extra protection?
Thanks
I'm not a sandboxie expert, maybe asking in their forum helps. And yes, they do say it adds extra protection.
Hi
I think that you can also add some recommended settings and configuration options for Sandboxie. For example, resource protection of your data and option to Always Delete Sandbox. Also, I saw a new blog which talks about security and Sandboxie's configuration: http://hurst-security-blog.blogspot.com/ .
Great idea! Thank for the information on configuration of Sandboxie, it has yet to fail me!
Hi
Maybe you can mention the option in Sandboxie's setting - "Automatically delete contents of Sandbox". Because then people don't have to click delete every time.
Someone,
I think it sort of mentions this in the article:
After you have finished browsing, you can right click the Sandboxie icon and delete all sandboxed files and processes
Maybe a rewrite would be more descriptive.
Thanks,
Some freeware i known:
paragon
easeus partition manager
http://www.brothersoft.com/easeus-partition-manager-51814.html
I appreciate the information. I think those applications would be better under a separate category. I would rather focus on Visualization type Sandboxes for individual programs such as browsers, for this category.
Thanks,
how about RETURNIL. I think this is a very good virtual protection program.
Hi
Sad news. The SafeSpace team has been disbanded and I'm guessing SafeSpace is discontinued.
See here: http://www.wilderssecurity.com/showthread.php?t=213792
Thanks for the information, Someone. Indeed it looks as if Version 2.0.41.0 will be the last version released. I think I will still keep SafeSpace posted for awhile as an option for the near future. I still use Sandboxie, which was been the most effective for me so far.
Thanks Again!
Hi
But maybe you should add it's discontinued so users will be aware of it.
It's really quite a shame, it had the potential to be the best.
Will do Someone, Thanks!
Hi Everybody!
I have to say how much I appreciate this site, Gizmo, & everybodys comments! Not only is site very informative but also a very interesting read, & I have to admit I always check here first for tech info & whats new & cool in software! Thankyou Gizmo & Everybody! Now then I have some questions: I am in the process of Optimizing my TCP/IP settings & what I am finding is the SG TCP Optimizer software I'm using recomends turning off my firewall & all security & any other programs using any bandwith prior to performing a speed test. This test is done late at night for a more accurate test result, & I understand this, but I am greatly concerned with getting any malware during this test, being there is scumware plague of over 200000 sites infected right now. As stated before prevention is more important than security. I am curious if I can safely perform this test using SANDBOXIE & not effect my bandwidth? Also I thought I saw somewhere on this site a link to "how to stop sandboxies nagware, but can't seem to find it ? And, is there any other speedtest sites recommended over SG Speedtest found in the help page from SG TCP Optimizer? Finally, last but not least, is this test better performed using the closest server or the furthest server? Any help would be greatly appreciated & Thankyou in advance to everybody!
Darrin
I guess we need to do a full article on this. It's a big subject.
http://www.dslreports.com/tools
is one reputable site that may be of use to you.
Post new comment