Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Has Sandboxie any outbound protection ?


  • Please log in to reply

#1
John Bull

John Bull

    Member

  • Member
  • PipPipPip
  • 146 posts
Has Sandboxie any outbound protection ?
I apologise for raising this specific question, but I have searched the web, including the SBxie FAQ`s and found no answer.

I have used SBxie Free version for years, taken part in long Forum discussions and am very familiar with it, but I still do not know how secure if indeed at all SBxie is regarding outbound data. Inbound threats - no problem, I understand exactly what happens.

Is it possible for a member who is very conversant with SBxie to answer what is I suppose is a simple question, which I am still in the dark about after many years of experience?

Question ?

Does SBxie prevent the outbound theft of personal data ( ID theft, financial data, credit card data etc.) from within the virtual sandbox by malicious infections and other active threats ?

My system is Windows XP Home 2002 with SP3.
AVG 2011, ZoneAlarm FW, NoScript, ABP, KeyScrambler.
Sandboxie and browser = Firefox.

Many thanks
  • 0

Advertisements


#2
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello John Bull

If I understand correctly, you're wondering if you run a sandboxed data theft that tries to connect to a server to send the data it has stolen, will sandboxie prevent that?
  • 0

#3
John Bull

John Bull

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts

Hello John Bull

If I understand correctly, you're wondering if you run a sandboxed data theft that tries to connect to a server to send the data it has stolen, will sandboxie prevent that?


Hello Trusted, I suppose the answer to your kind reply is YES, exactly.

I am happy with threats being locked inside the Sandbox and cannot get out to infect my system, being deleted on shutdown - fundamental Sandboxie procedure. But now I am asking if threats that enter the sandbox can actively steal data via the outbound and presumably unprotected route.

My understanding whilst it may be wrong, is that Sandboxie is an impenetrable barrier against internal infection, but has no control over outgoing activities operating within the virtual sandbox.

IF a threat needs to parasitically infect an internal PC program or file before it can become active, then obviously their presence in the sandbox becomes inert and does no harm. But if they can extract data from within the sandbox, then that is what I am asking for information about.

Thanks

Edited by John Bull, 09 October 2011 - 05:52 PM.

  • 0

#4
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

It depends. Let's say that you run an information stealing program and its method of infecting isn't blocked by sandboxie (installing drivers / services / hooks etc). Then this nasty can read sensitive information stored on your computer, unless you set what locations it can access. Then if it's ready to send them out, as far as I know, the default settings it's to allow programs to access the web, so it can send them out unless you restrict access to the web.

So the answer is that if you set the correct (for this case) settings, you're most probably safe from a sandboxed information stealing program. Note that the correct settings aren't the default ones, as the default ones allow any program to access directories you have sensitive information stored, and access the web

I hope this answers your question
  • 0

#5
John Bull

John Bull

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts

Hello

It depends. Let's say that you run an information stealing program and its method of infecting isn't blocked by sandboxie (installing drivers / services / hooks etc). Then this nasty can read sensitive information stored on your computer, unless you set what locations it can access. Then if it's ready to send them out, as far as I know, the default settings it's to allow programs to access the web, so it can send them out unless you restrict access to the web.

So the answer is that if you set the correct (for this case) settings, you're most probably safe from a sandboxed information stealing program. Note that the correct settings aren't the default ones, as the default ones allow any program to access directories you have sensitive information stored, and access the web

I hope this answers your question

Hello again Michael,

Your reply is perfect and thank you so much.
John
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP