Sandboxie: Blocking Web-Based Malware From Your PC
Malware can hop onto your PC from even trusted sites, but the free Sandboxie application effectively blocks it.
Now that Windows does a reasonably good job of self-updating, the bad guys have taken to attacking other software, such as the Adobe Acrobat Reader and the Flash player plug-in, which don't automatically install patches as well as Windows does. And up-to-date antivirus software provides only limited protection.
The bottom line: just viewing a web page can infect a Windows computer.
Enter Sandboxie, an excellent program that builds a virtual sandbox around your web browser, making it impossible for your computer to accidentally get infected.
Programs running in a sandbox can, by default, see everything on the computer. What they can't do is make any permanent changes.
When sandboxed programs try to read files, Sandboxie does not interfere. However, when they try to create new files, Sandboxie intercepts the requests and creates the files in another location. The running program is oblivious to this redirection. It thinks it's talking to Windows, but it really is talking to Sandboxie. The movie The Truman Show offers a pretty good analogy.
If anything malicious gets accidentally installed on your computer while browsing with a sandboxed browser, it lives only in the sandbox. Specifically, the malware may think it got installed into C:\Program Files, but it actually lives in
Empty the sandbox and the malicious software is gone.
This is shown visually on the home page of sandboxie.com. The initial state of a computer is shown below:
The top checkerboard pattern illustrates a hard disk with no sandbox. In the bottom one, the virtual sandbox is shown as a yellow box.
When a program runs, the changes it makes to the file system and the hard disk are shown as red boxes. In the image below we see that normally the red boxes/changes are scattered all over.
However, Sandboxie forces all changes made by a sandboxed program to live inside the sandbox. If any of the changes are not wanted, just empty the sandbox.
If this sounds like virtualization, it is. But it's small, lightweight virtualization, whereas full-blown virtualization products are large and cumbersome. Also, the changes Sandboxie makes to your computer are minimal compared to full-fledged desktop virtualization software like that offered by VMware.
Has a problem occurred to you? Most likely, there is a simple solution. Sandboxie is nothing if not a well-thought-out program.
If you don't want malware on your computer, even if it's sandboxed, you can configure a sandbox so that all changes made by any program are discarded as soon as the last program in the sandbox shuts down. You can see this below:
There are two sandboxes on this computer, the default one and another called ThrowMeAway (I chose the name). As the name implies, all changes made in this sandbox are always discarded. If you really want a private browsing mode, this beats them all.
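The write redirection and the discard-on-exit sandbox described above can be modeled in a few lines. This is an added illustration, not Sandboxie's code: the `SandboxModel` class, its methods and the sample file names are hypothetical, and a folder overlay stands in for whatever interception Sandboxie actually performs.

```python
import shutil
import tempfile
from contextlib import contextmanager
from pathlib import Path

class SandboxModel:
    """Toy model of write redirection; not Sandboxie's actual implementation."""
    def __init__(self, real_root, box_root, auto_delete=False):
        self.real_root, self.box_root = Path(real_root), Path(box_root)
        self.auto_delete = auto_delete
        self.running = 0  # programs currently running in this sandbox

    def read(self, rel):
        # A file changed in the box shadows the real one; else read the real disk.
        boxed = self.box_root / rel
        return (boxed if boxed.exists() else self.real_root / rel).read_bytes()

    def write(self, rel, data):
        # Every write is redirected to the same relative path inside the box.
        boxed = self.box_root / rel
        boxed.parent.mkdir(parents=True, exist_ok=True)
        boxed.write_bytes(data)

    def empty(self):
        shutil.rmtree(self.box_root, ignore_errors=True)

    @contextmanager
    def program(self):
        # Discard everything once the last sandboxed program has exited.
        self.running += 1
        try:
            yield self
        finally:
            self.running -= 1
            if self.auto_delete and self.running == 0:
                self.empty()

def demo():
    # Constructed scenario in temporary folders; returns what was observed.
    with tempfile.TemporaryDirectory() as tmp:
        real, box = Path(tmp, "disk"), Path(tmp, "box")
        real.mkdir()
        (real / "notes.txt").write_bytes(b"original")
        sb = SandboxModel(real, box, auto_delete=True)
        with sb.program() as p:
            p.write("notes.txt", b"tampered")
            p.write("Program Files/dropper.bin", b"constructed sample")
            inside = p.read("notes.txt")
            on_disk = (real / "notes.txt").read_bytes()
        return inside, on_disk, sorted(f.name for f in real.iterdir()), box.exists()
```

Calling `demo()` shows the sandboxed program reading back its own change while the real folder still holds only the original file, and the box folder gone once the program exits.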