yabbadoo wrote:
Google Chrome has no sandbox. The term is used liberally to cover a programmable restriction which forces risk elements to inhabit a programmed "loop" where they are said to be confined. It is not remotely comparable with Sandboxie where the entire browser in engulfed in a virtual environment.
If the Chrome "sandbox" innovation does improve the browser security, fine, but I pay no credible attention to it. Every little helps.
Whatever the merits of Chrome`s "sandbox", there is no conflict with Sandboxie since the operational concept is "a box within a box".
A kind of poor man`s alternative which is based significantly on Windows security system !
To rely on MS Windows security is a joke. It is about as safe as driving on the wrong side of the road or going the wrong way down a one-way street.
In my case, using the brilliant and perfectly operating Windows XP,
I have no Windows security after 1 April 2014. So how can this fictitious Chrome "sandbox" help me and millions of other XP users ? Sandboxie takes over from MS Windows with exceptional and indomitable efficiency. I have no use for Windows security and their incessant bombardment of patches.
Incidently, Chrome is my primary and well loved default browser and has been for about 6 years.
Google Chrome is a sandbox, and also look for the info I found about Google Chrome:
Exploit a Chrome tab and you have extremely restricted file-system and registry access (not even read and write for both in all cases), you can't create new processes, can't read the clipboard and and you cannot do many other things that are not mentioned (I wonder what things that might be). Exploit an Anti-Virus and you have admin rights.
Google Chrome:
"It totally isolates the code you are running in your browser using the OS internal mechanism: simply brilliant.
Only coding errors (exploits) in the underlying WIndows OS or inside the components Chrome itself uses could cause intrusions, it is that strong.
It is a theoretical near 100% (practical 100% is impossible, because every man made software or product could have errors)."
"Charle Miller quote on Chrome security: There are bugs in Chrome, but they’re very hard to exploit. I have a Chrome vulnerability right now but I don’t know how to exploit it. It’s really hard. They’ve got that sandbox model that’s hard to get out of. With Chrome, it’s a combination of things — you can’t execute on the heap, the OS protections in Windows and the Sandbox."
Chrome's sandbox is indeed a strong security solution (especially with --safe-plugins), but not against all types of threats. You can't compare it to Sandboxie for example.
Chrome's sandboxing is very strong against exploits and drive-by downloads, but not against ordinary malware (trojans etc.) and phishing threats. Microsoft's SmartScreen filter is unmatched in that area.
That is why I have always hoped that Internet Explorer 9 would feature the same sandboxing techniques as Chrome does, however IE9 only partially sandboxes. Since the combination of Chrome's sandboxing and Microsoft's SmartScreen filter would be unbeatable. Combine that perfect browser with built-in security measures (Windows Firewall, operating system hardening with assistance from EMET), backup and a system image and an on-demand scanner (Hitman Pro is the perfect candidate) and you have have bulletproof protection."
"Yes, it (Google Chrome) even has become better with LOW instead of UNTRUSTED as lowest integrity rights level and its own flash and PDF versions."
So yes Google Chrome is that tough sandbox, why have sandbox inside the sandbox?
I use SBIE on my old Windows XP with AppGuard, but on Windows 8.1 I use only Google Chrome with UAC, SUA and Windows 8.1 firewall inbound/outbound protection plus router protection, much more than enough protection.
The real question what is the difference between SBiE4 and Google Chrome 37, since they work the same-by using built-in Windows security mechanisms/integrity levels, I still fail to see the difference-if we ignore running and blocking malwares inside SBiE4.
