Sign in to follow this  
Followers 0
warwagon

Sandboxie - Browse the internet with ease.

55 posts in this topic

Sandboxie 3.62

Trust No Program!

http://www.sandboxie.com

I just thought I?d write a little review to spread the word about a free, small (250kb) and very useful sandbox utility called ?Sandboxie?.

Depending on the person I explain it to, I usually get two completely different responses. When I explain what this program does, (which I?ll get to in a second) I?ve found that people who are tech oriented think the idea of this program is fantastic, while the average user responds with ?cool? which pretty much means ?whatever?.

How it works

The program lets you sandbox applications or the install of applications, so it does not have contract with the rest of your system. It does this by getting between the application and your computer and making it think its installing to c:\program files when in fact its installing to C:\Documents and Settings\(your username)\Application Data\Sandbox\DefaultBox\drive\C\Program Files, this goes for any directory on your hard drive. It also fakes the registry and it stores the registry entries for the application in a file called RegHive located in C:\Documents and Settings\(your user name)\Application Data\Sandbox\DefaultBox instead of the actual windows registry. An example of this would be to download an application that you are not quite sure about or just want to install without worrying about it damaging your system. You can right click the EXE and then choose ?Run Sandboxed? It then proceeds to install the application to the sandboxed location. Because it installs everything in the sanbox its very easy to remove every trace of the application from the hard drive. You simply have to tell Sandboxie to delete the sandbox (function menu / contents of sandbox / delete contents) and the application you just installed is now gone from your computer.

While using sandboxie to install and test applications is nice, where Sandboxie really shines is while browsing the internet. When you sandbox your web browser (Internet Explorer, Firefox, Opera, ect?) it makes a shadow copy of your web browser and all the files it requires and copies them to the sandbox as it does with any sandboxed application, this happens faster than you might expect, you really don?t notice it much at all. The benefits of this are many but I?ll mention a few. One is privacy, you could install this on someone?s computer or use it on your own,and at the end of your browsing session, delete the sandbox and all traces of your activates are gone and I mean ALL traces. The other benefit is virus and spyware protection / prevention. Any file that you download and open from within the sandboxed web browser willalso be contained in the sandbox. If you download a virus it will affect the sandbox and not your computer, so to remove it just delete the sandbox. Same goes for spyware. Now I?m not saying this is fool proof, there has been mention of some spyware which are sandbox aware and can escape the sandbox. Nothing is perfect but this is the closest thing to it.

Tests

I thought I would test it to see just how well this program really works. I started by installing Sandboxie inside a virtual XP install inside virtualbox (just in case it didn?t work), then I proceeded to install Kazaa while sandboxed. During the install it threw a few errors at me but after it installed it ran just fine. After exploring the program files folder located in the sandbox directory, you could see all the crap it installed. You could also see the famous p2p networking running under processes in the task manager. Sense the p2p networking.exe got installed along side kazaa it was also sandboxed. Getting rid of kazaa was so easy it was almost fun. First I Told sandbox to kill all sandboxed processes, this included all the exe?s which were running after the kazaa install. This was done very easily by clicking the function menu and choosing terminates sandboxed processes. Once all the kazaa processes vanished I told it to delete the sandbox and *Poof* no more kazaa.

That was too easy, I mean had a normal computer gotten infected with the wrath of kazaa, it could have been uninstalled and spyware removers could have taken care of the rest, it was nothing that would have required a reformat. So I thought I needed a better test. I needed to find what I call ?Pandora?s Box? I?m referring to one of those crack.exe files that are included in warez or program cracks, the kind of file that when you run it, it appears to have done nothing, but if you look at your process list, the CPU is spiked and you see so many random.exe files being loaded onto your system you just want to put your head between your legs and cry. I got a hold of one such file and downloaded it within a sandboxed Firefox and launched it. The only words to describe the activity that file produced is OMG. Because the file was opened with a sandboxed Firefox all the activity I saw on screen was also sandboxed. It took my running processes from 20 to 30. I then told it to Terminate all sandboxed processes, the processes list then dropped from 30 down to 20 instantly, I then told it to delete the sandbox and presto!, an event which had it occurred outside a sandbox would have required without a doubt a clean install of windows and a bleach bath. I preformed a boot time system scan with avast and current definition files. It found 27 infected files and all were located in the system restore directory, I?m not sure if that was from this test or a previous test I did before new about Sandboxie, in either case after an event like that its best to turn off system restore and turn it back on to delete all restore points. I was more than pleased with the results.

Conclusion

As you can tell I really love Sandboxie, I just wanted an opportunity to let otherwise know about this wonderful free little program. They do sell a version that does a few more things for $40/90 which is a life time of free upgrades (which I bought) but the free one does plenty. Included at the bottom is some screenshots of the interface, enjoy!

*Update 11/25/2011

I've been using sandboxie for the past 5 years (even before i wrote this review). Since writing the review Sandboxie now has a 64bit Version which runs great on Vista and Windows 7 64bit operating systems. Every machine in my home that is used to browse the internet has sandboxie installed.

Question - what happens if you get a malware infection?

Answer - If you get a malware infection from the internet, while your browser was being sandboxied, it's easy to remove. You simply tell Sandboxie to terminate all sandboxed processes. Then you tell sandboxie to delete the sandbox. That's it! The infection has been removed from your computer. It's not removed as it would be with a removal tools. With removal tools, while it might be removed you can never be sure you got it all.

Because the infection was sandboxed and contained you can be sure the entire infection was contained in the sandboxie and that you don't have anything left behind. It's as if the infection never happened.

post-4927-1180143449_thumb.jpg

post-4927-1180143455_thumb.jpg

post-4927-1180143461.jpg

Edited by warwagon

Share this post


Link to post
Share on other sites

Yeah, Sandboxie is cool.

It was fun trying to explain to one of the security heads at MS what it was.

Share this post


Link to post
Share on other sites

I never heard of it before, but it sounds damn useful.

I've been doing my testing (for my own programs, not spyware infested crap) in a Virtual Machine (VMware 6 FTW!), but this looks like it could eliminate tons of overhead!

Share this post


Link to post
Share on other sites

How does this work with Windows Vista? It looks pretty neat.

Share this post


Link to post
Share on other sites
How does this work with Windows Vista? It looks pretty neat.

it says its compatible

its kind of funny, last night I opened winamp and it said there was a important update I had to do, so I went and downloaded it with firefox. When I got done installing it I had this icon next to my clock that said "get 50 free mp3s"

I was like @(()#()# , but then I realized that because I installed it from firefox it was a sandboxed install. I was like yay! So I told sandboxie to kill all sandboxied processes, and just deleted the sandbox, then reinstalled winamp, and then this time unchecked that box, problem solved!

Edited by warwagon

Share this post


Link to post
Share on other sites

there are similar apps like bufferzone and defensewall but sandboxie sounds alot better.

Share this post


Link to post
Share on other sites

question: Lets say i run most of my installed programs through sandboxie (games, photoshop, etc) and i were to reinstall windows, could i save that sandboxie "program files" folder with its registry and just install sandboxie on the new windows install and have all my old programs back with my previous settings?

Share this post


Link to post
Share on other sites

I have heard of this before and thought about trying it a few times, but until now I hadn't seen it explained in a way that made me want to try it so bad. Good explaining! I do however have a question. You said you installed it "inside a virtual XP install inside virtualbox"... I'm wondering would a virtualbox be better and maybe could you point to something or explain what that is a little bit? The differences mostly.

Share this post


Link to post
Share on other sites

I've heard of people using this to bypass internet filters and run programs such as msn in places like school/work to avoid detection but alas it doesnt support Win 98 so it's no good to me

Share this post


Link to post
Share on other sites

Looks cool. Would it be safe for me to test dodgy programs inside it? Don't wanna screw my pc up lol.

Also, how do I set it up to work from the context menu, I keep getting an error: "Could not invoke program".

Share this post


Link to post
Share on other sites
question: Lets say i run most of my installed programs through sandboxie (games, photoshop, etc) and i were to reinstall windows, could i save that sandboxie "program files" folder with its registry and just install sandboxie on the new windows install and have all my old programs back with my previous settings?

That is a very good question, and i'm not sure, but I will test that out. Sandboxie does have the option to restore files from the sandbox. What that means is that when you are done or if you just feel like restoring a file it will move it from the sandbox location to the original location on the hard drive. It always gives you that option before you delete the sandox.

Share this post


Link to post
Share on other sites
That is a very good question, and i'm not sure, but I will test that out. Sandboxie does have the option to restore files from the sandbox. What that means is that when you are done or if you just feel like restoring a file it will move it from the sandbox location to the original location on the hard drive. It always gives you that option before you delete the sandox.

Yea if its possible, im in. Im a pretty safe guy about what programs i install on my pc but if what i asked is possible on sandboxie, hell that would open a world of possibilites xD

Share this post


Link to post
Share on other sites
I have heard of this before and thought about trying it a few times, but until now I hadn't seen it explained in a way that made me want to try it so bad. Good explaining! I do however have a question. You said you installed it "inside a virtual XP install inside virtualbox"... I'm wondering would a virtualbox be better and maybe could you point to something or explain what that is a little bit? The differences mostly.

Never mind, I got it on my own.. thanks tho. Sandboxie is nice.

Share this post


Link to post
Share on other sites

hasn't happened yet, but if in some point in time he gets sandboxie working off a USB stick, then any app installed sandboxed on the stick automatically gets turned into a portable app.

There is a guy working a script to make this happen, its on the sandboxie forum.

Share this post


Link to post
Share on other sites

I'm running my iBook just now but I can't wait to try this on the home pc when im back from vacation!

Couple of questions though...

Does Sandboxie run programs at full speed? Meaning they load/run as quickly as they would without it? I wouldn't see why not but its worth asking.

Whats memory usage like and do you have to have a Sanboxie "process" running with windows at all times?

Thanks, can't think of anymore questions just now!

Share this post


Link to post
Share on other sites

Me like :D

I think they're trying this for Windows Vienna. Of course, MS make it sound much more impressive.

Share this post


Link to post
Share on other sites

Whoo been using sandboxie for firefox since this thread started, sandboxie on usb would be awesome, i could use all my programs at school!

Share this post


Link to post
Share on other sites
I'm running my iBook just now but I can't wait to try this on the home pc when im back from vacation!

Couple of questions though...

Does Sandboxie run programs at full speed? Meaning they load/run as quickly as they would without it? I wouldn't see why not but its worth asking.

Whats memory usage like and do you have to have a Sanboxie "process" running with windows at all times?

Thanks, can't think of anymore questions just now!

The first time you start an application in sandboxie it does take a few extra seconds for sandboxie to transfer files the application requires over to the sandbox. Once thats done the startup time from there on is about the same, however if you tell sandboxie to delete the sandbox every time you exit the applications, then you are going to get the same few extra seconds every time. Sandboxie does have an option for multiple sandboxes (not sure if this is only in the paid version) you could then have sandboxie delete the contents of 1 application on exit and not others.

The memory usage with sandboxie is the following

sandboxiedcomlaunch.exe = 2,184k

sandboxieRpcSs.exe = 3,176k

SbieSvc.exe 2,120k

control = 2,732k

The sandboxiedcomlaunch.exe and sandboxieRpcSs.exe are running only when you have an application opened and sandboxe. SbieSvc.exe and control.exe remain even when not sandboxed

If you only have 256 megs of ram you might see a slight slow down with the amount of ram its using, if you have anything over 1 gig, I don't think it will matter

Share this post


Link to post
Share on other sites

Great review!! I am now going to install and try this out! Thanks!

Share this post


Link to post
Share on other sites

I use this program out at the local (little) airport for inside the break room, where they have a computer setup for pilots to come in and browse the net. Besides the computer being setup as a limited user, they are sandboxed in this.

Share this post


Link to post
Share on other sites

this looks great. it'll save me booting up a VM to test out any dodgy looking programs. its x64 compatible too :D

Share this post


Link to post
Share on other sites

where is post 1 through 15? There are no links to go to the other pages.

EDIT: showed up after a bunch of refreshes

Edited by supernova_00

Share this post


Link to post
Share on other sites

Very interesting! Cant wait to get home from work and try this out! :)

Share this post


Link to post
Share on other sites

SO I take it your system admins aren't on top of things like this if the possibility exists that you could run it at school? Maybe via USB?

I'd have this blacklisted immediately. But then again I kill all access to USB drives for students but allow it for staffers. But yeah, I'd imagine most admins would blacklist the exe file - and if it has to install a service you can't just do it under any account.

So let's hope it doesn't allow you guys to run wild on school networks! :p

Share this post


Link to post
Share on other sites

but can you sandbox norton?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.