Yes, you have probably noticed that the program “Sandboxie” is getting more and more popular. A sandbox is like a firewall, which will prevent data leakage in an completely isolated file system.
There is no browsers on the market today that have an built in Sandbox in the browser. And I think this is an great idea for the future. It would increase the security of browser a lot, and you would not need to use 3rd party programs like Sandboxie to make the browser safe.
I don’t know of any malware that could jump out of Dragon’s sandbox (or chromium sandbox)…if you see any, pls let us know so that we can fix asap…
thanks
Well I know for instance from my own experience with chrome, that I many times get a java trojans.
Which I had to delete many times with trend micro online scanner. I doubt this would happen if I did run sandboxie.
it goes under many names. TROJ_JAVA.AQ, TROJ_JAV.AX, TROJ_JAVA.AQ, TROJ_JAVA.AT
It does exist many more variants, but htese are all I can remember. I get these with dragon.
They can be found in an temp folder outside the dragon folder, so if Dragon was Sandboxed I doubt this would happen.
Anyway I will install Sandboxie in a couple days, I have my suspicions on which site that I get this java trojan from constantly.
In the link I posted earlier…“Therefore, it is impossible for us to prevent against a flaw in the OS security model itself.”
So if these “Trojans” are exploiting a flaw in the OS, then there is nothing Chromium-based browsers on Windows can do.
Many many programs make use of the Temp directory, so it isn’t unlikely that Dragon were to write there on a temporary basis. Even with Sandboxie, I am sure it would write there.
I question TROJ_JAVA because for the most part I only see it being declared by Trend Micro and even then is it a TRUE Trojan? Was browser security really compromised or was a plug-in to blame?
The difference between dragon and sandboxie is, if you would run Sandboxie, Sandboxie would first tell me that TROY_JAVA.xx wants to load into my system. I could then just tell Sandboxie to terminate the processes… and no harm would be done, cause it all run in an isolated filesystem.
Atleast Dragon should inform me as user that this file want’s to load. and you could click yes/no if you want to give it access, just like an firewall.
I think it is a bad answer to blame the OS, cause the trojan itself is downloaded “THROUGH” Dragon, because lacking security layer. This kind of trojans should not get into the system in first place. That is here where Sandboxie comes in, it acts like an “firewall” for the web browser.
How Dragon and web browsers use external software and cookies is something that can be improved.
It might be true that chroium have Sandbox elements, but it is not a true sandbox. Then Java trojans and other stuff would not be able to load into the system as it do.
And yes it seem to be mostly Trend Micro who report these trojans, some of them report as “High” risk" …I am actually not sure myself what they are capable of.
How it SHOULD would and how it operates are two different things. I would be very interested to see how Sandboxie operates with your Java Trojans though.
Yes, I do not claim myself to be any kind of security expert.
But If Understand correctely how Sandboxie works it will run all data in an isolated space in both hdd space and memory space. If for instance a java application would want to run outside the Sandbox, then the java application what not be able to detect anything outside the Sandbox. This mean it would be impossible to let java applications leak to temp folders like it does today.
If some one have any better idea how the Sandboxie works just let me know.
I think it has happened on my computer, I use CD to open malware sites so I could get the exe in there and some of them load java, I have found some dropped trojan files in my system32/drivers folder. Do I know what files they are, nope. But they were there, about 3 or 4 of them that I found with hitman pro.
Nope I wasn’t I will keep an eye on it more from now on, but I can tell you they were not there before I started searching for malware becasue I scan my computer with hitman pro everyday before and after I am done looking for malware.
os is windows 7 32bit , and the only plugins are java and flash just like I have on the other browsers I use.