Bitcoin Forum

So in this day and age of so many online threats; malwares, ransomware, wallet stealing software, phishing, etc.

Is there a way to run something in an isolated environment where it cannot infect your actual pc or steal from hotwallet?

I saw something on virtual pc, vmware, sandboxie, and comodo sandbox, are they all the same?

The most handy way would be to run the software in a virtual machine.
The more safer way would be to run it on a second dedicated PC.


Generally, yes.
But VirtualBox [1] (from Oracle) and VMware [2] are the most reputable.
You should also keep in mind that this is not 100% safe. There also has been found exploits to escape the safe environment of a virtual machine.
For example: Pown2own hacking contest in march, this year: https://www.pcworld.com/article/3182816/security/pwn2own-hacking-contest-ends-with-two-virtual-machine-escapes.html (https://www.pcworld.com/article/3182816/security/pwn2own-hacking-contest-ends-with-two-virtual-machine-escapes.html)
These exploits arleady have been fixed. But the possibility of breaking out does exist.
Of course, there isn't a high risk. Most of the malware trying to steal private keys, wallets are coded extremely bad. But you should be aware of the possibility.

[1] https://www.virtualbox.org/ (https://www.virtualbox.org/)
[2] https://www.vmware.com/ (https://www.vmware.com/)

I mean if Sandboxie does the same job as VirtualBox and VMware, than I'd rather jsut use Sandboxie as it's so simple and fast.

Sandboxie requires you save files on storage drives. It works different them virtual machines.

You may wish to look into https://qubes-os.org (https://qubes-os.org), it's designed to make it quite easy to isolate applications. So you can run untrusted software, and if it turns out to be a virus, oh well, the rest of your system is completely safe.

Sandboxie is free and super easy. Has the same properties than a virtual machine but you can sandbox specific applications. If you want to create a complete environment and run insecure software then a virtual machine is the best option.

I am a holder, so I dont have many transactions to do.
I think the best option is to use a dedicated PC (or a Raspberry Pi, if you have one) for your transactions.
Virtualbox is an option but I dont know how safe it is.
You could also buy a Ledger/Trezor for sending money and use your PC with a virtuabox for more security.

Sanboxie might be simplier and faster to set up.. but security-wise it is pretty weak.
A huge amount of exploits have been found in 2013. Since then a lot of improvements have been done.
But i wouldn't rely on the 'features' of sandboxie. VM's would definetly be safer.
You can read more about the vulnerabilities/attacks on sandboxie here: https://bromiumlabs.files.wordpress.com/2013/07/application_sandboxes_a_pen_tester_s_perspective2.pdf (https://bromiumlabs.files.wordpress.com/2013/07/application_sandboxes_a_pen_tester_s_perspective2.pdf)

But you should always keep in mind that a PC connected to the internet is never a safe way to store your coins.
You should only store an amount on your hot wallet PC which you can afford to lose.

It's better to use cold storage for the majority of your coins, and a hot wallet for transactions.
Split your coins in several addresses.