Unauthorized Download Blocking

[D1G1T@L]

This is just some food for thought, since Sandboxie's main purpose is to stop drivebys, I was thinking that it would be a good idea to add a component similar to the blade defender tool that is being developed, where user-to-browser interaction is monitored to capture information pertaining to a user authorizing a download. ONly authorized ones are allowed to go through while any code downloads that don't display a permission dialogue would be hosed. This would prevent the malicious code from even being downloaded in the first place hence taking the war on malware to a newer level.

The good thing is that with Sandboxie's concept of selecting which programs this applies to, guarantees way less problems than those anticipated for Blade; where it would have issues with automatic updates as they are background processes. -- With sandboxie this is not an issue as no one sandboxes their AV or installs windows updates in a sandbox. This would only apply to selected vulnerable apps such as webbrowsers etc.

http://www.techrepublic.com/blog/securi ... lware/4558

This link provides some more details on how such a tool works.

[D1G1T@L]

Once again I have ignorantly posted without fully reading what I have suggested As it turns out this blade thingy doesn't actually (can't) stop illicit code from reaching one's machine. If there is a browser exploit it will used and the resulting executable is sent, all that the tool does is stop the execution of the code into memory on a protected storage area of the PC --- Sandboxie does this and much much more therefore is nothing to add.

Sorry

[tzuk]

On a more principle note, I don't have the goal of adding every possible security feature into Sandboxie. If another solution covers a specific niche and does it well and can work alongside Sandboxie then I see no reason to compete with that.