Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Has Sandboxie any outbound protection ?

Started by John Bull , Oct 09 2011 05:23 AM

  • Please log in to reply

#1
John Bull
Posted 09 October 2011 - 05:23 AM

John Bull

    Member

  • Member
  • PipPipPip
  • 160 posts
Has Sandboxie any outbound protection ?
I apologise for raising this specific question, but I have searched the web, including the SBxie FAQ`s and found no answer.

I have used SBxie Free version for years, taken part in long Forum discussions and am very familiar with it, but I still do not know how secure if indeed at all SBxie is regarding outbound data. Inbound threats - no problem, I understand exactly what happens.

Is it possible for a member who is very conversant with SBxie to answer what is I suppose is a simple question, which I am still in the dark about after many years of experience?

Question ?

Does SBxie prevent the outbound theft of personal data ( ID theft, financial data, credit card data etc.) from within the virtual sandbox by malicious infections and other active threats ?

My system is Windows XP Home 2002 with SP3.
AVG 2011, ZoneAlarm FW, NoScript, ABP, KeyScrambler.
Sandboxie and browser = Firefox.

Many thanks
  • 0

Advertisements

#2
michaelg9
Posted 09 October 2011 - 06:33 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello John Bull

If I understand correctly, you're wondering if you run a sandboxed data theft that tries to connect to a server to send the data it has stolen, will sandboxie prevent that?
  • 0

#3
John Bull
Posted 09 October 2011 - 05:50 PM

John Bull

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 160 posts

Hello John Bull

If I understand correctly, you're wondering if you run a sandboxed data theft that tries to connect to a server to send the data it has stolen, will sandboxie prevent that?


Hello Trusted, I suppose the answer to your kind reply is YES, exactly.

I am happy with threats being locked inside the Sandbox and cannot get out to infect my system, being deleted on shutdown - fundamental Sandboxie procedure. But now I am asking if threats that enter the sandbox can actively steal data via the outbound and presumably unprotected route.

My understanding whilst it may be wrong, is that Sandboxie is an impenetrable barrier against internal infection, but has no control over outgoing activities operating within the virtual sandbox.

IF a threat needs to parasitically infect an internal PC program or file before it can become active, then obviously their presence in the sandbox becomes inert and does no harm. But if they can extract data from within the sandbox, then that is what I am asking for information about.

Thanks

Edited by John Bull, 09 October 2011 - 05:52 PM.

  • 0

#4
michaelg9
Posted 12 October 2011 - 06:10 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

It depends. Let's say that you run an information stealing program and its method of infecting isn't blocked by sandboxie (installing drivers / services / hooks etc). Then this nasty can read sensitive information stored on your computer, unless you set what locations it can access. Then if it's ready to send them out, as far as I know, the default settings it's to allow programs to access the web, so it can send them out unless you restrict access to the web.

So the answer is that if you set the correct (for this case) settings, you're most probably safe from a sandboxed information stealing program. Note that the correct settings aren't the default ones, as the default ones allow any program to access directories you have sensitive information stored, and access the web

I hope this answers your question
  • 0

#5
John Bull
Posted 12 November 2011 - 05:45 PM

John Bull

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 160 posts

Hello

It depends. Let's say that you run an information stealing program and its method of infecting isn't blocked by sandboxie (installing drivers / services / hooks etc). Then this nasty can read sensitive information stored on your computer, unless you set what locations it can access. Then if it's ready to send them out, as far as I know, the default settings it's to allow programs to access the web, so it can send them out unless you restrict access to the web.

So the answer is that if you set the correct (for this case) settings, you're most probably safe from a sandboxed information stealing program. Note that the correct settings aren't the default ones, as the default ones allow any program to access directories you have sensitive information stored, and access the web

I hope this answers your question

Hello again Michael,

Your reply is perfect and thank you so much.
John
  • 0
Back to Applications · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Software
  3. Applications

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP