Logic’s Last Stand

November 22, 2008

Safe Web Browsing with Sandboxie

Filed under: Computers — Tags: , , , , , , , — Zurahn @ 6:05 pm

The web browser is your interface with the Internet, and consequentially all the bad code that is transmitted with it. Your security is primarily compromised by through the browser, as in most Windows machines you’re running programs as a root/Administrator user with far too much access.

One method of protecting yourself is to run a Virtual Machine. This is an emulated Operating System, but that’s a bit overkill. You need to give it all the resources to run the operating system itself when all you want to run is one program.

At the same time, while I still recommend using anything but Internet Explorer as an improvement in security, it’s not as if Firefox, Opera and others are perfect. Ideally the programs you use that are connected to the web can only affect that connection to the web and itself, and nothing on your own system, such as files/folders, the registry or anything else that could potentially do harm, regardless of any exploit found in the browser itself.

This ideal is fully realised in the program Sandboxie.

I wrote a program in college for a report on web security that allowed me to replace Internet Explorer with Notepad via ActiveX code embedded in a web-page. Sandboxie completely thwarts this kind of exploit.

You can set specific directories as accessible for a browser, such that you can still download files to your computer yet not expose anything at all important.

Sandboxie also adds the ability to right-click any program and have it run in Sandboxie quickly and easily. Additionally, for heavily used programs such as a web-browser, you can set program shortcuts to run directly in Sandboxie by right-clicking the shortcut, then adding the Sandboxie shortcut before your program shortcut in the shortcut text field, so that it looks something like this:

“C:\Program Files\Sandboxie\Start.exe” “C:\Program Files\Internet Explorer\iexplore.exe”

This, finally makes Internet Explorer secure.

If you’re thinking, “What about Trojans?” well, good question for one. When installing programs, you can create give the .exe only access to the installation directory and nothing else, allowing an installation while sandboxed and protected. Consequently, it can be used as a method of avoiding registry bloat.

The only downside here is that the program is essentially a 30-day trial before it starts begging for money. But given the amount of time spent with malware issues, the amount of resources wasted on antivirus, 20 Euros is a pretty good investment for near web invulnerability.

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: