Any thoughts on Sandboxie?

  • 3 Replies
  • 8101 Views
*

Offline williamkidd

  • Bronze Member
  • 364
Any thoughts on Sandboxie?
« on: November 13, 2008, 08:44:28 PM »
I saw the program Sandboxie mentioned by someone in a post on the BleepingComputer forums and was wondering if anyone is using it and finds it beneficial to have. The first time that I heard about sandboxes (when it comes to computing at least) was during the introduction of Google Chrome and it sounded like a good idea but wonder how effective something like this would be when it's applied to a greater portion of the computer than just the browser.
Penny, everything is better with Bluetooth. - The Big Bang Theory

*

Offline John B.

  • Visiting Staff
  • Bronze Member
  • 56
Re: Any thoughts on Sandboxie?
« Reply #1 on: November 15, 2008, 04:31:25 AM »
Sandboxie is a very good program if you do not want to use Virtual Machines. When running the program on the background it will easily help you remove all traces of any program you just installed or any changes a program made. Take a look at their website:
http://www.sandboxie.com/

*

Offline PCBruiser

  • Malware Removal Mentors
  • Ambassador
  • Diamond Member
  • 8146
Re: Any thoughts on Sandboxie?
« Reply #2 on: November 15, 2008, 09:08:28 AM »
My own experience with Sandboxie is mixed.  I found it to be tempermental.  It worked fine on some systems, and simply refused to work on others.  If it works on your system, well and good, but try it carefully.  I also found that occasionally it would stop working when either Windows updated, or one of my security programs, even on systems where it did work.  I finally stopped using it as a result, and started using Returnil (which also has a stripped down free version) which does work on every system I have tried it on.

The advantage of Sandboxie over Returnil is that you can turn it on or off at will.  The comparable disadvantage of Returnil is that once turned on, you MUST reboot to turn it back off.  On the other hand, Returnil protects your entire system.  Once you turn it on, no changes from any programs survive the next boot, unless you save them to a partition other than the boot partition.  With Sandboxie, it is not that clear.  It will protect your browser, but not necessarily anything else unless you remember to run whatever within a sandbox.

I'll give you an example of how Returnil works.  I have a new iPod.  I dislike iTunes because it is bloatware and installs all kinds of things I really don't want or need.  However, for my iPod to work, I MUST install iTunes in order to transfer a small file from iTunes to the iPod to activate it.  That's the one and only way to activate the iPod AFAIK.  Once it is activated, there are some other free third party utilities that can be used to transfer files back and forth to the iPod, and manage your music.  So, what I did was to turn Returnil on, install Tunes and all the other junk it installs, activated the iPod, and then rebooted.  Result?  iPod active, no trace of iTunes or any of the other things it installs.  That would have been more difficult to do with Sandboxie.
Don't Read?  Can't learn!

*

Offline williamkidd

  • Bronze Member
  • 364
Re: Any thoughts on Sandboxie?
« Reply #3 on: November 15, 2008, 05:41:59 PM »
John B. and PCBruiser, thank you for replying to my query.  :) I've got a picture in my mind now, which may or may not be accurate, about the uses of Sandboxie and Returnil.

It seems as though Sandboxie is a good option when it comes to doing anything Internet related (browsing, e-mail, P2P, etc.) and could possibly make malware removal an easier process if changes are limited to a specific area (i.e. the sandbox). However, I think I may have been overly hopeful when I first checked out the Sandboxie site the other day. I was thinking that you could install anything into the sandbox, a game for example, and have anything related to that program limited to the sandbox area but after reading a little bit more it doesn't sound like that is the case. I think the problem there is that every program likes to make changes, specifically to the registry, and the sandbox would keep the program from functioning at all because of this. John B., you mentioned that Sandboxie is a "very good program if you do not want to use Virtual Machines" and when I read that I was wondering if it causes issues with using Java (via the Java Virtual Machine) which would be something commonly found when using the Internet, right?

PCBruiser, it sounds like Returnil is best used when you want to run an application once and then remove it based on your usage of it with iTunes. I'm trying to think of a case where I would want to do that with a program but so far can not think of one. However, I can see where it was useful in the case that you mentioned. I'm one of those strange people that likes iTunes but even in this case I've stayed away from upgrading to version 8 because of the issues that I have seen mentioned about that version. It seems like Returnil would be useful to test something like that if the program installed would stay installed after rebooting the system.

I looked at the Sandboxie program to find a way where I could keep games (the DRM aspect of it) and beta testing software from affecting my system but it seems like my best bet would be to install a new hard drive with an OEM or retail version of Windows in order to accomplish this. Doing that I think would keep my main drive free from any problems that could be caused by installing the software mentioned. At least I think it would because I would have a separate registry that wouldn't affect the registry on my main hard drive. I don't use any CD cracks or P2P programs so that isn't a problem but I have seen enough cases where DRM protection affects people's systems and I would rather have it limited to a drive that I wouldn't mind doing a quick restore on if something goes wrong. Any thoughts on this are appreciated and thanks again for the replies.
Penny, everything is better with Bluetooth. - The Big Bang Theory