Get our latest top picks
Subscribe to our Top Picks RSS Feed or enter your email address below to get the feed delivered to you by email:
|
Follow Gizmo |
 |
 |
 |
Register/Login
Top Rated
Gizmo's Freeware is Recruiting
We are looking for people with skills or interest in the following:
- Mobile Platform Reviews
- Rootkit Scanner and Remover
- Streaming Media Recorder
- Email Client
- Archive Manager Interested? Click here
Best Free Browser Protection Utility
|
In a Hurry?
|
 Go straight to the Quick Selection Guide |
|
Introduction
|
|
There's a scumware plague at the moment. All it takes is a visit to one malware site or a "loaded" shareware install, and next minute your Internet Browser homepage has been changed, your default search setting altered, unwanted ads pop up on your screen, rogue software are nagging you to pay, your passwords have been stolen, and worse. Traditional antivirus software and antispyware software are being overwhelmed by the rapidly increasing amount of virus, spyware and other malware. That's why a different approach to combating these threats is necessary. Instead of technologies that are reacting to malware, we need proactive technology to protect our computers. These browser protection utilities can greatly increase your defenses against drive-by downloads and vulnerabilities. I took a look at several applications that are vital in the fight against unwelcome and harmful intruders. |
|
Discussion
|
|
Usage is remarkably simple. To start a sandboxed browsing session, you just click the "Sandboxed Web Browser" icon on your desktop (or the Sandboxie icon from the Quick Launch tray) and this will launch your default browser in the sandbox. You can then use it in the normal way to browse to sites or download files. By default, files that are saved in the Desktop, My Documents or Favorites will have a prompt to ask you whether you want to save the file permanently. I suggest you add your default downloads folder to the Quick Recovery settings so files saved there will be automatically saved to your real hard disk, saving you the trouble of manually recovering files. The advantage is clear: any virus, trojan, worm, spyware or adware threats that "infected" your PC while browsing will be eliminated. Sandboxie allows for in-depth configuration which increases security. For example, you can set it to block access to your personal files, or only allow certain programs to run or connect to the internet in a sandbox. A recent feature of Sandboxie also allows you to run sandboxed programs in a Limited User Account, similar to DropMyRights, for even greater security. This should also prevent most keyloggers from running. However, there are some downsides to this approach. Firstly, if you want to update your browser addons/widgets, you'll need to open an un-sandboxed browser and do it from there. This also applies to bookmarks but you can configure Sandboxie to automatically retain those. Secondly, Sandboxie is not designed to detect or disable keyloggers. You can get around this (mostly) by always empty your sandbox before you log in to important sites (such as sites involving financial transactions). Thirdly, some people find the nag screen inconvenient, which appears for five seconds before a sandboxed application opens. Sandboxie works fine with all browsers and most software applications, including e-mail clients (though this requires special configuration), instant messaging clients, Bittorrent clients and games. However, it won't work with system software (software which installs a system driver).
Returnil provides a different type of protection compared to Sandboxie or GesWall. It is an excellent solution for those who have limited uses of their computer, for example for users who just browse the web. Also, if you have a separate partition for your data then Returnil is particularly useful because you don't have to worry about losing data which you just saved. Returnil can also be used in conjunction with Sandboxie or GesWall. Like all security software, you should have a backup of your hard drive and all your files before you install one of these applications. Please help us by rating this review |
|
Have Your Say
|
|
Please visit our freeware forum to share and discuss your views and get advice on free security software, including antivirus software. There's also a poll where you can vote and discuss your browser protection utility. To post in the forum you need to register first but that's quick and immediate. |
To learn more visit its forum and its online help.
To learn more visit its forum.
|
Editor
|
|
This category is maintained by volunteer editor JonathanT. Registered site visitors can contact JonathanT by clicking here. |
|
Tags
|
|
sandbox, browser security, browser protection |
Back to the top of the article
- Article type:
- Login or register to post comments
Printer-friendly version
Comments
Two programs suggest to 'JonathanT' to include/analyze in this 'Browser Protection Utility':
1. "SecuBrowser" [http://sandbox.secubrowser.com/sandbox/securewebbrowsing.php]- An application that sandbox Browsers when browsing with 'Internet Explorer' and 'Firefox'. It is freeware, not so rich in sandbox features like 'Sandboxie', but useful for general users when browsing. Tips: a-] In their shorcut change the path "...load.exe" to "...run.exe", to avoid the "Security Info" when starts. b-] Create a RAMDisk to move the "sbox" folder in root disk to the RAMDisk, and then doing a junction in C:\ root; save the RAMDisk with the changes; thus all files will be reset and deleted from sandbox container when rebooting.
2. "Toolwiz Time Freeze" - Freeware, easy-to-use, an excellent alternative to 'Returnil'.
Is there a reason why Geswall was removed?
My guess is that it is because GesWall has not been updated in a few years. If you are still in XP or W7, I ll say you can still use it.
Bo
This new report over at MRG including Sandboxie is interesting. It apparently failed one aspect of the test.
http://www.mrg-effitas.com/current-tests/
Any comments from those familiar with Sboxie? Thanks
Sandboxie is not an anti keylogger. In my opinion, it does not belong in that kind of testing and should have not been tested. Sandboxie is not a detection tool. It is not supposed to detect nothing and we should not expect the program to do so.
http://www.sandboxie.com/index.php?DetectingKeyLoggers#defend
Anyway, to anyone that knows what Sandboxie is, the results mean nothing.
Bo
Hi BO,
My regards to you and all the experts for their valuable opinions from pg 14 to 1 (regarding SANDBOXIE).
I must brief about the problems I faced :
Had to change my Internet Service Provider.
Thru the new ISP several malwares etc. started coming.
Had to reload WIN XP Home SP3 several times, keeping data intact in another partition.
Tried MBAM, SAS and many others.
DISCOVERED "SANDBOXIE", installed and using for a few months, HAVING NO PROBLEM SINCE THEN, using IE8 nicely.
I agree with you, AntiVirus is NOT necessary, still use MSE because the ScreenBottom shows a red alert icon stating "your antivirus ...", and use SAS and it finds out potential threat in C/Sandbox, after reading these opinions I shall regularly delete sandbox contents.
Now, my question is (anyone can reply), is online banking safe thru sandboxed browser?? (I mean the "PWD I TYPE", "FINANCIAL DATA" etc. can these be stolen in the browsing session.)
Please reply and help, Regards - B Ray.
Hi Ray, I think your main question has been adequately answered by those posts preceding mine, so I'm not going to add to that.
What I'm going to focus on is your saying... "after reading these opinions I shall regularly delete sandbox contents". Maybe you are unaware of it, but Sandboxie can be configured to delete the contents of a sandbox whenever it's closed. To do this:
- Open Sandboxie Control
- Click on the Sandbox tab
- Point at the sandbox you want to configure
- On the sub-menu that opens on the right, scroll down to Sandbox Settings and click on it
- On the left pane of the next window, click on Delete
- Click on Delete Invocation
- On the right pane, click the box next to "Automatically delete contents of sandbox"
- Click OK, OK, and close Sandboxie Control.
I hope this helps.
My regards to all of you.
MC - I visited every link, LIVE-CD option seems to be better, but, I'm a novice in tech-s & this shall take time, may be after some time (also may some loss !!!)
Alexx - I shall definitely try to find out "onscreen keyboard".
Joe - Thanks, I have done "Automatically delete contents of sandbox" after you suggested it.
Bo - After all these problems faced, now, I deliberately avoid add-ons and regularly keep watching, & the PC seems to be clean. I shall definitely use "a fresh browsing session for sensitive cases and close it, delete SB contents" (though it's now automatic).
Now, what I understood from you, just repeating those, only because of I don't know whether it's correct or not, (if not, please suggest / correct me) :-
1. In SETTINGS - DEFAULT BOX - RESTRICTIONS - Internet Access - (there is "All programs can access the Internet") - I must remove this and ADD IE8 (Internet Explorer) & SAS (SuperAntiSpyware) ((I shall update other softwares manually when needed)) - Check the Bottom BOX "Apply Changes ...".
2. In SETTINGS - DEFAULT BOX - RESTRICTIONS - Start/Run Access - (there is "All programs can start and run") - should I remove this and ADD IE8 - Check the Bottom BOX "Apply Changes ...".
3. In SETTINGS - DEFAULT BOX - RESOURCE ACCESS - File Access - Blocked Access - I shall ADD or EDIT/ADD d: (where I keep all my datas) (I keep all programs in c:)
To set Internet Explorer as the only program allowed to connect and to run, just add IE8 to the Start/Run Access and Internet access list. No need to add SAS as it works outside the sandbox.
For File Access, use the ADD button. Don't block C drive or Windows, use the restriction to block personal files and folders.
Bo
Many Thanks BO
I'm doing this as you told
Regards
Pleased to help. If and when you get round to looking at the Linux options, if you need assistance please register and post here in our forum. MC - Site Manager.
http://www.techsupportalert.com/freeware-forum/linux/
MC
Many thanks for your support, it shall definitely help me in near future in a new system
Regards
Using onscreen keyboard (passwords etc.) is also a good option against keyloggers.
Hi B Ray, Sandboxie is not an anti keylogger but there are certain things that can be done to make sensitive browsing, banking, safer when you are using SBIE.
For one, when banking, do it in a fresh browsing session and delete it immediately after you finish. Afterward you can open another browsing session to go back to your regular browsing. Also, use a browser with no addons and be careful about the addons you install. An infected addon can read what you type even when you are using a restricted sandbox.
Using Sandboxie settings, restrict the sandbox, to allow only the browser to run and connect.
Sandboxie can not do nothing if you are already infected with a keylogger but what I mentioned does help if your computer is clean before doing banking.
In case you like to protect files and folders in your computer from being accessed by programs running in the sandbox, use File access>Blocked access setting.
Bo
It is widely recognized that a live session (that is not installed) of Linux is the safest environment for online banking. Some "distros" (version of Linux) have even been designed for this task.
http://www.spi.dod.mil/lipose.htm
There is a lot of good and bad advice about this around the net, but here's a couple of typical examples.
http://krebsonsecurity.com/2012/07/banking-on-a-live-cd/
http://www.tomshardware.com/forum/236735-50-internet-banking-safer-linux
If you do a lot of banking and shopping online, you could also consider dual booting your computer with Windows and an installed version of Linux. This is the setup I use. MC - Site Manager.
Are there any known conflicts between Sandboxie and Avast AV? Or for that matter any antiviruses at all?
Most antiviruses should work with Sandboxie without a conflict but when there is one, if reported in the Sandboxie forum, a fix gets worked up quickly if possible.
Avast should work fine with SBIE. Just make sure you OK to enable software compatibility when Sandboxie prompts you to do so when installing Avast. In my opinion, if you are going to use Sandboxie, it is better to disable the Avast sandbox.
By the way, MSE works great along Sandboxie.
Bo
Bo, when using Sandboxie is the antivirus one is using also sandboxed? If not then having an AV does not provide any additional protection when on the Internet and using SB, correct?
Your real time antivirus should be installed in your real system. When you run your browser or any other application under Sandboxie, changes and files that are created are contained in C/Sandbox. To your antivirus, this folder is just like any other folder and will be scanned by the antivirus when you run a scan or in real time when you are browsing if the AV is set to run in real time.
Read this link, in it you ll see some of the questions (and answers)that most people have about how Sandboxie and antiviruses interact with each other.
http://www.sandboxie.com/index.php?FAQ_Virus
If your antivirus detects something in a sandbox, you can either ignore it and delete the sandbox afterward or you can let the AV delete or quarantine the file. It doesn't really matter what you choose to do as long as you are running sandboxed.
Bo
Thanks Bo. Good answers-you're the Sandboxie man!
I love Sandboxie simply for the reason it captures everything attempting to enter my computer including http addresses when it's running. There are many more aspects of the program, but that's my favorite. I can delete all contents after using it leaving my computer as it was prior to my surfing no matter where I've been. My visit to web sites don't even show up in my history. Great program.
I would like to get some feedback on whether Sandboxie users who frequent this web forum still use a real time antivirus? I realize many will say you should but I also believe many actually do not. Also what do readers here use along with Sandboxie for privacy and security?
Hi Tonka, for most people its probably safer and better to use one but in my case, I actually feel safer not using one. If you are like me and don't install to many programs in your real system, download from shady places and you are disciplined enough to open "every" file that you download from the internet in a sandbox, then maybe you are on your way to dropping using an AV.
If you install all kind of programs, get files from anywhere, use other peoples USBs, share the computer with other users and will not use Sandboxie 100% of the time, then you are better off using an antivirus along SBIE.
With regards what I am using along SBIE, I am using nothing but the sandbox. For my browser (Firefox), I use NoScript. Thats what I use for security and dont get infected.
Bo
I only use Sandboxie if I'm doing some possibly infectious browsing, so of course, I run my anti-everything. [Commercial reference removed]
Theres nothing wrong with running a real time antivirus but, in my personal opinion, it would behoove you to start using Sandboxie more often.
Whenever you get in the internet, wherever you are browsing, there's always a chance of getting infected. You cant pick what sites are infected and which ones are not like cherry picking. I trust and mistrust every site the same. I treat every site the same, so I use Sandboxie no matter the site that I am visiting.
Since I started using Sandboxie almost four years ago, malware don't come near anymore despite myself doing pretty much the same when using the internet than when I use to get infected all the time.
If you start using SBIE all the time, its likely that you wont get infected again.
Bo
Any specific add-ons or extensions with your browser of choice? Any settings in SB such as drop my rights or other restrictions?
Tonka, for Addons, I like using NoScript and Adblock for Firefox.
About restrictions. The more restricted the sandbox, the safer that it is but the default sandbox is very strong and balanced to make it easy to use.
If you are going to make changes, I think it is advisable to do some reading.
http://www.sandboxie.com/index.php?RestrictionsSettings
Whenever you have time, start reading the Help files from page one. You don't need to start today but whenever you have the time, read some of this, it will help you understand Sandboxie a little better. A good thing about SBIE is that you don't need to learn everything in one day or one month. Myself, I learn something new every day.
http://www.sandboxie.com/index.php?GettingStarted
To block personal files and folders, read File Access > Blocked Access.
http://www.sandboxie.com/index.php?ResourceAccessSettings#file
Bo
Bo, thanks for all this insight! AND, I want to thank Tonka too for starting this discussion.
Not long ago, I had come across a discussion in the forums that included yourself, MidnightCowboy, Anupam and others. I remember you saying then that you use Sandboxie only. I tried to join the forum to ask why but for some reason I couldn't fathom I wasn't able to (But that's another matter). Nevertheless, just about all I wanted to ask you has been answered above.
Personally, as a late developer in the cyber and tech world, I started out using MSE, and then added MBAM and SAS for on demand scans. Later, I started using SBIE and all my surfing has been almost exclusively in a sandbox since.
Mind you, I've had absolutely no infections in the 2 years or so that I've been using the 'Net, even before SBIE. However, I do try to be very careful about which sites I visit, and I don't go "click, click, click".
Although I've gained a lot from other sites, much of what I've learned came from the articles, reviews, etc. here on TSA.
Once again, thank you for this insight Bo. And to all the dedicated persons here: Thank You! Thank You! Thank You!
Regards,
Joe
You are welcome Joe.
Bo
Yes, thanks to all who replied for much pertinent info.