Sandbox technology fundamentally flawed??

i came across this article that i want to show everyone and ask for your input. the article basically debunks the idea that sandboxing a browser is effective.
any thoughts?

Please post a link :slight_smile:

Thanks Deckie49

Jake

The only thing when sandboxing browser isn’t useful is when you give your personal information, credit cards number, etc. to the fake login sites. Other than that; it’s a key to keep the real system clean from malware.

The only thing when sandboxing browser isn't useful is when you give your personal information, credit cards number, etc. to the fake login sites. Other than that; it's a key to keep the real system clean from malware.
exactly, :-La :-TU multiable layers protecting each other to provide the best Armour possible :)

deckie49- I’m now wondering if you’re not just here trolling because when I checked the only significant results Scroogle listed were a link to your initial post and this hopelessly outdated June 2008 article about tests done with Zone Alarm’s ‘Force Field’ the last release of which was November, 20 2009.

~Maxx~

[attachment deleted by admin]

thanks to everyone’s comments.
sorry i forgot to include the link, but after looking at maxxwire’s post it is indeed that link.
didn’t bother to look at the date.
by the way, maxxwire, i’ve been called lots of names- mostly from my wife. never been called a troller. what exactly is that??

deckie49- You have my deepest apologies. A troll drops highly controversial link just to stir things up on a website. I’m so glad that you posted back and explained things. Obviously you are no troll at all!

~Maxx~

That person is correct. Sandboxing is hard to do correctly - always rely on OS security as the strongest protection, and don’t trust that the sandbox will protect you from system call/service exploits.

I’ve never heard one single user complaining he/she was infected while using Sandboxie.
The article mentioned is about only one particular product (ForceField).

Selection bias. The people who use Sandboxie tend to have above average computer knowledge, and are usually much more risk averse.

Sandboxes are fantastic for experienced users. The obvious flaw with Sadboxie is if a user needs to take a program out of the sandbox for it to function properly - then you are resorting to traditional scanning.

Still, they minimize a lot of risk. Whether day to day people are prepared to put up with the useability constraints, is an entirely different matter.

Most likely they will still be niche products for a while.

The obvious flaw with Sadboxie is if a user needs to take a program out of the sandbox for it to function properly
That's not a flaw; that's a silly mistake. After all, if you want to know if a program is safe you just have to do a Google search and check WOT's ratings.
Most likely they will still be niche products for a while.
If that's the case then it is a shame because a properly designed sandbox is the perfect product for a newbie to browse around (yes, I think it is essentially a browsing tool). My Mother, whom knows close to nothing about computers, uses Sandboxie. I just did a basic configuration and told her: "click here to open, and click here to close".

Mistake, flaw - call it whatever you want. Eliminating user interaction is crucial - you want a program to be able to take the right decision with minimal user input. The error comes on the user part.

With regards to your mother - you were the one who researched the product (that takes time), understood it (again this takes time) and configured it (again this takes time). Average users don’t do this - this is what I mean when I say niche product.

I first discovered Sandboxie here on the Comodo forums 2 years ago just after I began using Comodo Internet Security and ditched Norton which had let my computer get infected on 3 different occasions.

Right from the start the program made it quite easy to run my browser in the virtualized space of Sandboxie and none of my computer’s array of on-demand scanners have detected even so much as a tracking cookie ever since. It did take some time to learn how to set up browser feature access like bookmarks and passwords with Sandboxie, but I still had the full protection of running my browser in Sandboxie right from the start.

I’ve always found it quite natural that I discovered Sandboxie and a large contingent of Sandboxie users right here on the Comodo forum because both programs both attract the same kind of users who prefer to take personal control over their computer’s security and avoid the kind of computer security programs that are designed to be able to make the right decision with minimal user input because every gimmick that they come up with to make it easier for people to use ends up making it more vulnerable and unsafe as a result which is why I left Norton in the first place because by designing NIS around the ‘ease of use with minimal user input’ in mind they ultimately compromised their ability to deliver effective computer security and as a result left it open to the 3 infections which my computer got while using NIS which completely ceased when I started using Comodo along with Sandboxie.

So Simple, So Secure!

~Maxx~

Incorrect.

If a user forgets to empty the contents of a sandbox (which currently has a virus in it) then a clever pierce of code could still use the sandboxed browser as a means to fetching passwords and then uploading them through addons in the browser.

keyloggers also in the sandbox can record strokes of applications also currently running in the controlled enviroment. It is very important to run only one application in a single sandbox and then you will be safe!

You can set it so you never forget, which is what I have done. Sandboxie and NoScript are great for helping keep your PC clean.

[attachment deleted by admin]