Can a Sandbox Improve Security?

Category: Security

Any time you install and run software from an unknown source, you run the risk of damage to your computer system. Even if the software is not designed to make mischief, there's still a chance that it's vulnerable to exploits that could wreak havoc. Here's how to insulate your software from potential security threats…

Run Your Software in a Sandbox

Put it in a sandbox… a "walled-off" controlled environment where it cannot access most of your system resources. Software sandboxes have been used for decades by software developers to test unfinished programs safely. You are probably using sandbox technology without knowing it.

Java, Adobe Flash, and Microsoft Silverlight are common Web applet environments. An "applet" is a self-contained program that runs in a virtual machine or scripting-language interpreter, which performs the sandboxing. These technologies enable Web surfers to run applets from unknown sources with some confidence that nothing the applet does will be able to harm the user's system. However, applet sandboxes don't sandbox all programs; the Java virtual machine, for instance, sandboxes only Java applets.

Sandboxie is a consumer-oriented sandbox environment designed for testing software that one may download from the Internet. It creates an isolated environment that prevents software running within it from making permanent changes to other programs or files on your system. Any instructions to change files issued by the suspect program are redirected to a specified area of the hard drive - the sandbox - where they can easily be deleted when the program is terminated.

Returnil Virtual System 2011 is another sandboxing application; its paid version also includes antivirus scanning features to root out existing infections on your system.

How Does a Sandbox Protect Me?

You can run your Web browser, email client, or other Internet-enabled programs inside of Sandboxie, erecting a sandbox around these common sources of malware infections. If you happen to get infected with a virus while running in a sandbox, just delete the sandbox, and the problem is gone. Even the Windows registry is safe from rogue software while you are operating inside a sandbox environment.

Changes that a sandboxed program wants to make to your system are, instead, stored in the sandbox cache. You can allow all cached changes to be deleted when the sandbox session ends, or you can review the changes in the cache and select those you would like to make permanent. Changes you might want to save include emails or documents you have received from trusted sources during a session.
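The redirect-and-review behavior described above, modeled as a small Python sketch. This is an added example, not Sandboxie's code: the class OverlaySandbox, its methods and the sample file names are hypothetical, and it models files only, not the registry or running processes.

```python
import shutil
import tempfile
from pathlib import Path

class OverlaySandbox:
    """Toy model: reads fall through to the real tree, writes go to a cache."""
    def __init__(self, real_root, cache_root):
        self.real = Path(real_root).resolve()
        self.cache = Path(cache_root).resolve()

    def _resolve(self, base, rel):
        # Reject names such as "../x" that would land outside the chosen tree.
        path = (base / rel).resolve()
        if base != path and base not in path.parents:
            raise ValueError(f"path escapes tree: {rel}")
        return path

    def write(self, rel, data):
        target = self._resolve(self.cache, rel)  # redirected, never the real file
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)

    def read(self, rel):
        cached = self._resolve(self.cache, rel)
        return (cached if cached.exists() else self._resolve(self.real, rel)).read_bytes()

    def pending(self):
        # The review list: every file the sandboxed program tried to change.
        return sorted(p.relative_to(self.cache).as_posix()
                      for p in self.cache.rglob("*") if p.is_file())

    def commit(self, rel):
        # Making a change permanent is the one path out of the sandbox.
        dst = self._resolve(self.real, rel)
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.move(str(self._resolve(self.cache, rel)), str(dst))

    def discard(self):
        shutil.rmtree(self.cache, ignore_errors=True)

def demo():  # constructed sample data in throwaway temp directories
    real, cache = tempfile.mkdtemp(), tempfile.mkdtemp()
    Path(real, "hosts").write_bytes(b"original")
    sb = OverlaySandbox(real, cache)
    sb.write("hosts", b"tampered")
    sb.write("mail/invoice.txt", b"saved attachment")
    inside, review = sb.read("hosts"), sb.pending()
    sb.commit("mail/invoice.txt")  # keep one change
    sb.discard()                   # drop everything else
    return inside, review, sb.read("hosts"), sb.read("mail/invoice.txt")
```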

Sandbox technology is not intended to replace traditional anti-malware protection. Loading and unloading a sandbox application like Sandboxie is inconvenient compared to the silent, real-time malware scanning of a typical antivirus program. Sandboxes are not entirely leak-proof, either. If there's a way for the user to save changes stored in the cache, then a bad guy may find a way to exploit this hole in the sandbox wall.

But if you have an occasional need to test-drive suspect software, or if you often surf where angels fear to tread, a sandbox can be an additional layer of protection.


This article was posted by on 1 Apr 2011

Most recent comments on "Can a Sandbox Improve Security?"

Posted by:

Marvin Alper
01 Apr 2011

Acronis Tru Image Home has a similar utility included with it. It is Secure Zone. I have been using it for several months.

Posted by:

02 Apr 2011

That's right, Marvin Alper. It also has a feature named Try and Decide (if I remember the name correctly). There is also another software named DeepFreeze which can be set to return your system to a previous state every time you boot up (be careful: you may lose your work on files. You will also lose antivirus updates, and everything else will also go back to where you were before restarting.)

Posted by:

Chernah Coblentz
02 Apr 2011

Sometimes I receive a message telling me to "Run a free scan" to identify threats to my computer. When I run the scan, it displays a long list of problems on my computer - which could only be repaired by purchasing a particular product to clean the registry. I had something like this about a year ago, and it continues to bug me. The company was called Pareto logic. There were no deinstallation instructions; I could not do so in Add-Remove in Control Panel. Finally I did a search for "Pareto" and deleted all occurrences of it. Since then when I try to open a program, the computer slows down for a minute, then displays the message: "RUNDLL Error loading C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll The specified module could not be found". Even though I can close the window or click OK, I want to remove Pareto and all traces of it from my computer. How can I do that? Thanks

EDITOR'S NOTE: Go to Start / All Programs / Accessories / System Tools / Scheduled Tasks. Then delete the ParetoLogic entry from the task list and restart your computer.

Posted by:

03 Apr 2011

Attn: Chernah Coblentz. Not for the faint-hearted. This is for people confident with making registry changes themselves.
Click Start/Run, type Regedit hit Enter. Click on HKey_Current_User/Software. Scroll until you find >ParentoLogic>>>WARNING I'm an old computer user from before MS DOS.

Posted by:

Bob Rankin Fan !
08 Apr 2011

I tried Sandboxie. Nice freebie. THANK YOU BOB. Comodo Time Machine is also a good freebie which quickly takes a snapshot of the system and quickly returns your system to the snapshot you choose. Although, generally, I believe that Comodo software is not light and easy. Other Comodo software I tried protected my system so tightly that it hung. At best, the system is considerably heavier than before installing them.

Posted by:

Julia Dawn Mason
08 Feb 2013

Thanks for the link for the Sandboxie program. I love that little program since I have a grandson who will click on any link when he isn't supposed to. To keep from losing the website I will move the installer package of Sandboxie to a thumb drive.

Posted by:

14 Mar 2017

I am using Sandboxie every now and then. However, how can you tell a site causes a problem or infection when running in a sandbox environment, since it is shielded from your normal computer operation?

In other words, how to tell after running a site first in Sandboxie, whether that site is safe to visit in a regular browser environment?


Copyright © 2005 - Bob Rankin - All Rights Reserved

Article information: AskBobRankin -- Can a Sandbox Improve Security? (Posted: 1 Apr 2011)