Why AV in Combination With Sandboxie is Needed

bo.elam
Sandboxie Guru
Posts: 2809
Joined: Wed Apr 22, 2009 9:17 pm

Post by bo.elam » Thu Dec 08, 2011 12:14 pm

Lode, I run Outlook Express on a restricted sandbox and never had a problem with a virus or a keylogger. Restricting Start/Run to OE, Firefox and Foxit and limiting Internet to OE and Firefox has proven to be very strong protection in my case.
In addition to using the restrictions, I always open attachments sandboxed and always delete my sandboxes.

Sandboxie's protection is so good that one year ago, when my favorite antivirus was kind of messy after an upgrade, I just dropped it and did not look for a replacement. My confidence in SBIE is so strong that dropping the real timer was the natural thing to do and now, I would not go back to using one.

Using or not using an antivirus, in my opinion, should be based on what makes you, the user, feel better. The perfect scenario is to have one along SBIE but it is not needed.

Bo

Lode
Posts: 136
Joined: Wed Oct 10, 2007 6:08 pm

Post by Lode » Fri Dec 09, 2011 5:03 am

Thank you.

So far I have had Sandboxie set to always delete all content after closing the browser. Only allowing downloads I trust to be saved outside the sandbox when asked.
But not to lose my email, I don't let Sandboxie delete that (if that could even be done, something I would not be interested in anyway). So for me it basically comes down to:
Make sure I don't open attachments of unknown sources, and delete those suspicious emails.

If I could configure things in such a way that I could still go to websites by clicking on links in emails I trust, while at the same time preventing eventual malware attachments from doing their thing when by mistake I would open one, I would not mind setting it up.

But the chances of me opening and activating malware attachments are luckily very slim. So far it has never happened yet. (Knock on wood.) :wink:

I know that the space on my hard disk outside the sandbox is safe. But my concern is other people who would get infected if malware in my sandbox would pass itself on to them. Especially because they may not have Sandboxie, and thus not run their email client sandboxed. That was the reason I got AV that checks all emails coming in and going out.

Lumberjack
Posts: 91
Joined: Fri Nov 25, 2011 12:37 am

Post by Lumberjack » Mon Dec 12, 2011 1:47 am

bo.elam wrote: Lode, I run Outlook Express on a restricted sandbox and never had a problem with a virus or a keylogger. Restricting Start/Run to OE, Firefox and Foxit and limiting Internet to OE and Firefox has proven to be very strong protection in my case.
In addition to using the restrictions, I always open attachments sandboxed and always delete my sandboxes.

Sandboxie's protection is so good that one year ago, when my favorite antivirus was kind of messy after an upgrade, I just dropped it and did not look for a replacement. My confidence in SBIE is so strong that dropping the real timer was the natural thing to do and now, I would not go back to using one.

Using or not using an antivirus, in my opinion, should be based on what makes you, the user, feel better. The perfect scenario is to have one along SBIE but it is not needed.

Bo

The main problem is how do you restrict start/run of Firefox, for example, and antivirus, and shouldn't that restrict antivirus from updating?
I still have problems with the configuration, for example is it possible to sandbox my .jpg files (pictures)? I'm still trying to find out how to use Sandboxie, is it true I have to create as many sandboxes as possible?
But what exactly inside Sandboxie should I configure, should I in every sandbox for example force Firefox and Internet Explorer to run sandboxed, or is this just needed in the first sandbox?
What about USB options: should I force my F: partition (USB) in every sandbox?
And I don't know what processes/programs I should block from start/run, as well as what processes/programs I should block from accessing the Internet (especially if you have malware running inside the sandbox).

bo.elam
Sandboxie Guru
Posts: 2809
Joined: Wed Apr 22, 2009 9:17 pm

Post by bo.elam » Mon Dec 12, 2011 9:20 am

Lumberjack, you should follow Tzuk's advice (on the other thread) and use default configurations for a while, that way when you start making changes, you'll know the difference in how things work in a restricted and a default sandbox.

Read the restrictions webpage. SBIE will not interfere with your AV updating. Using separate sandboxes is a good idea as it separates programs from each other. Each sandbox should be restricted according to the program or purpose.

Bo
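
An added example, not part of the thread and not Sandboxie's own code: a small Python audit that reads a Sandboxie.ini-style file and reports, for each sandbox, which programs the Start/Run and Internet restrictions allow and whether the box is deleted automatically. The sample file is constructed, and the setting names (`ProcessGroup`, `ClosedIpcPath`, `ClosedFilePath`, `AutoDelete`) are assumed to match what your Sandboxie version writes, so check them against your own Sandboxie.ini.

```python
from collections import defaultdict

# Constructed Sandboxie.ini-style sample (not from the thread).
SAMPLE_INI = """\
[GlobalSettings]
[MailBox]
AutoDelete=n
ProcessGroup=<StartRunAccess>,msimn.exe,firefox.exe,Foxit Reader.exe
ClosedIpcPath=!<StartRunAccess>,*
ProcessGroup=<InternetAccess>,msimn.exe,firefox.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices

[DefaultBox]
AutoDelete=y
"""

def parse_sections(text):
    """Return {section: {key: [values]}}; keys such as ProcessGroup repeat."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], defaultdict(list))
        elif current is not None and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return sections

def allowed(box, group, closed_key, closed_value):
    """Allow-list for a restriction, or None when the box does not enforce it."""
    rule = f"!<{group}>,{closed_value}".lower()
    if rule not in (v.lower() for v in box.get(closed_key, [])):
        return None  # group may be defined, but nothing is closed to outsiders
    for value in box.get("ProcessGroup", []):
        head, *members = [part.strip() for part in value.split(",")]
        if head.lower() == f"<{group}>".lower():
            return members
    return []  # restriction on with an empty group: no program is allowed

def audit(text):
    """Summarise Start/Run, Internet and auto-delete settings per sandbox."""
    report = {}
    for name, box in parse_sections(text).items():
        if name != "GlobalSettings" and not name.startswith("UserSettings_"):
            report[name] = {
                "start_run": allowed(box, "StartRunAccess", "ClosedIpcPath", "*"),
                "internet": allowed(box, "InternetAccess", "ClosedFilePath", "InternetAccessDevices"),
                "auto_delete": box.get("AutoDelete", ["n"])[-1].lower() == "y",
            }
    return report
```

A result of `None` for `start_run` or `internet` means the box runs with default (unrestricted) behaviour for that setting, which is the difference between a default and a restricted sandbox that the post above recommends learning first.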
