Trust No Program


If you want to say something nice about Sandboxie


Postby Han » Mon Sep 04, 2006 4:02 am

Steve Gibson, the security expert, has recently spoken very highly of Sandboxie as the best "pseudo-virtual sandbox" he has examined.

See -- the August 31 podcast/transcript, episode #55, titled "Application Sandboxes."


Postby Unknown_User_405 » Mon Sep 04, 2006 11:45 pm

Han, you just beat me to mentioning in this forum the podcast wherein Steve Gibson thinks very highly of Sandboxie (I do too). I just finished listening to the podcast, and I recommend it to everyone using Sandboxie. Ronen, you better take a listen - but don't let your head swell too large.. :D ...Some of the features Steve likes are: it works - a no-hassle installation; it's not resource intensive; it's effective; and it's priced right - a free download. However, if you're happy with Sandboxie, please register it and show your support for a great program..SlimJim
Posts: 0
Joined: Thu Jan 01, 1970 1:00 am

Postby Irondell » Tue Sep 05, 2006 8:08 pm

Well, it was an endorsement but not an unqualified one. Steve Gibson's glowing compliments were primarily for the privacy protection that Sandboxie gives, not for it as a security application, which is what most of us use it for. He stated in the podcast that he doesn't believe this type of application can give completely trustworthy security and that this is because it isn't a true virtual environment
but merely software that intercepts and filters calls made on the OS by other software. As such it could be possible for 'sandboxed' software to escape containment using "nontraditional or undocumented operating system calls that may not be filtered". Such an exploit has not been POC'ed yet but as these 'light' sandbox programs gain popularity(particularly Sandboxie because it is free) I wonder how long it will be before it is...?
It was an excellent podcast, especially for a non-techie like me. I had imagined that Sandboxie, Greenborder, (censored) etc were just smaller versions of VRM but basically doing the same thing. Instead the intercepting and filtering actions seem to bear more of a resemblance to an application like ProcessGuard.


Postby Unknown_User_405 » Wed Sep 06, 2006 12:35 am

Irondell, you're absolutely right - Sandboxie is not a virtual machine, but a software program emulating one. It is great for privacy, and, right now, does great for security. It is a program, however, and any program can probably be circumvented by a malicious cracker. But, in the meantime, I'll use Sandboxie as another layer of protection, and appreciate what it does.... As a complete side note - I wonder if Mac users have these same type of discussions about malware, viruses, ad nauseum? :? ....SlimJim
Posts: 0
Joined: Thu Jan 01, 1970 1:00 am

Secure but not Iornclad

Postby FrozenKiwi » Wed Sep 06, 2006 1:03 am

I'm now using this because of steve's mention - and it looks good

Yeah - he wasn't completly endorsing it for security and I thought the reasons were valid. But I think he's pointing out an extremly small security potential security weakness - in the main.

It seems to do a good job of isolating a browser - and by the look of it, other apps too.

Now if I could only figure out how to start my browser in this from a desktop shortcut ... <goes off to play>

Re: Secure but not Iornclad

Postby Guest » Wed Sep 06, 2006 7:46 am

FrozenKiwi wrote:Now if I could only figure out how to start my browser in this from a desktop shortcut ... <goes off to play>

C:\Sandboxie\Start.exe C:\Program Files\firefox\firefox.exe

thank you for the great pizza slice.

Postby rubionis » Sat Nov 25, 2006 3:23 pm

Discovered Sandboxie thru Gibson`s podcast.Run it always with my IE; my firewall doesn't scream anymore.
Sandboxie is a great example of what a built-in feature a web browser should have.
Recommended it to my friends...

Great web site: a pleasure to browse and elegant. :P

Return to Positive Reviews

Who is online

Users browsing this forum: No registered users and 0 guests