Icy- (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
June 21, 2011, 04:31:59 AM |
|
I haven't looked into this further, but I use to use this program for video games to prevent certain things from being detected with modifications on the game I was playing. I'm not sure if this would even work with bitcoin app, purhaps someone could take a look? Personally I don't understand whats going on with everyone left and right reporting getting their shit stolen, like shit what the hell. I hope something gets resolved to this ever growing serious problem. If the people who use bitcoin now are getting their ewallets stolen, then for sure the rest of the world will be even more likely to have this happen and be very turned off. Anyway, here is the site. http://www.sandboxie.com/Very easy program to use. Benefits of the Isolated Sandbox Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially. Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows. Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system. Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.
|
|
|
|
imperi
|
|
June 21, 2011, 04:33:05 AM |
|
I've been using this program for months now (even before I found Bitcoin). It would help, yes.
|
|
|
|
zhalox
Full Member
Offline
Activity: 176
Merit: 106
XMR = BTC in 2010. Rise chikun.
|
|
June 21, 2011, 04:43:07 AM Last edit: June 21, 2011, 05:47:33 AM by zhalox |
|
Sandboxie wouldn't protect your PC if a trojan read the wallet.dat file and secretly uploaded it to a foreign server. Sandboxie simply helps protect from writing malicious data to your HDD, not reading from it...
EDIT: Apparently the new version can block sandboxed programs from accessing certain directories...
|
|
|
|
imperi
|
|
June 21, 2011, 04:46:09 AM |
|
Sandboxie wouldn't protect your PC if a trojan read the wallet.dat file and secretly uploaded it to a foreign server. Sandboxie simply helps protect from writing malicious data to your HDD, not reading from it...
You can block all sandboxed programs from accessing the Internet except for your browser. edit: You can also set it so certain directories cannot be accessed by any sandboxed program.
|
|
|
|
Icy- (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
June 21, 2011, 04:53:39 AM |
|
Sandboxie wouldn't protect your PC if a trojan read the wallet.dat file and secretly uploaded it to a foreign server. Sandboxie simply helps protect from writing malicious data to your HDD, not reading from it...
This is wrong.
|
|
|
|
Bunghole
Member
Offline
Activity: 64
Merit: 10
|
|
June 21, 2011, 04:54:49 AM |
|
How is Sandboxie any better than running Ubuntu (for example) in a virtual machine (like VMware or Virtualbox)?
|
|
|
|
imperi
|
|
June 21, 2011, 04:55:44 AM |
|
How is Sandboxie any better than running Ubuntu (for example) in a virtual machine (like VMware or Virtualbox)?
It's easy to setup. It's really efficient to launch your browser within it. Full virtual machines are clunkier. Sandboxie is streamlined for this specific task basically. Also, don't you like webpages to render quickly?
|
|
|
|
zhalox
Full Member
Offline
Activity: 176
Merit: 106
XMR = BTC in 2010. Rise chikun.
|
|
June 21, 2011, 04:58:30 AM |
|
I personally would recommend a VM or clean Linux system rather than Sandboxie. I use Sandboxie for other things, but believe me, malware exists that can break out of Sandboxie's "sandbox." By all means, feel free to use it if you want, but if you really want to maximize security, you'll see that the "paranoid"/security conscious actually end up winning
|
|
|
|
Icy- (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
June 21, 2011, 04:59:38 AM |
|
I personally would recommend a VM or clean Linux system rather than Sandboxie. I use Sandboxie for other things, but believe me, malware exists that can break out of Sandboxie's "sandbox."
Same for VM Plus sandboxie is a lot easier to use and takes seconds to install.
|
|
|
|
imperi
|
|
June 21, 2011, 05:00:28 AM |
|
I personally would recommend a VM or clean Linux system rather than Sandboxie. I use Sandboxie for other things, but believe me, malware exists that can break out of Sandboxie's "sandbox."
You can't prove it. But sure, if you want to make up stuff, then go right ahead.
|
|
|
|
jkminkov
|
|
June 21, 2011, 05:16:48 AM |
|
How is Sandboxie any better than running Ubuntu (for example) in a virtual machine (like VMware or Virtualbox)?
you can see a trojan is making changes in that sandbox registry, installing itself somewhere and if it runs some not-anymore-hidden_executables
|
.:31211457:. 100 dollars in one place talking - Dudes, hooray, Bitcoin against us just one, but we are growing in numbers!
|
|
|
imperi
|
|
June 21, 2011, 05:21:23 AM |
|
Sandboxie was made specifically for this purpose. VMware was not.
Like jkminkov said, Sandboxie gives you great tools for seeing which files the sandboxed programs tried to modify or run. It also has other features I haven't explored yet.
I blocked off my %APPDATA%\BitCoin folder, and tested trying to open it with sandboxed Google chrome, and it didn't work, as intended.
|
|
|
|
zhalox
Full Member
Offline
Activity: 176
Merit: 106
XMR = BTC in 2010. Rise chikun.
|
|
June 21, 2011, 05:42:27 AM |
|
Sandboxie may be more secure at the present time, but it has been hacked in the past as seen by some quick googling: http://ssj100.fullsubject.com/t188-yet-another-proposed-sandboxie-bypasshttp://www.wilderssecurity.com/showpost.php?s=14a8705973037892395c6143a80d11ab&p=1709792&postcount=39http://www.wilderssecurity.com/showpost.php?p=1707945&postcount=77Fortunately, the developer of Sandboxie seems to be active in updating when vulnerabilities are discovered, which at least adds some additional security in that respect. I do acknowledge that I haven't fully investigated the latest version of Sandboxie, but my earlier post was simply responding as a former user of the program from a couple of years ago. For the version I used a couple of years ago however, my original post was still legitimate in the sense that Sandboxie's functionality (at that point in time) was to protect your PC from getting infected with malware that corrupts the system's integrity by writing data to critical system disk locations, but did not function as a complete HIPS/firewall, and did not stop malware (even running within the sandbox) from reading data from your PC. Just now, you've informed that you can supposedly block certain directories from access by sandboxed programs). According to some of you, apparently its features have grown substantially, so I may need to investigate it. As for me, I'm going to stick with keeping my BTC bank inside a VM on an encrypted virtual disk using a 40+ character password with multiple ciphers and an undisclosed hash algorithm
|
|
|
|
imperi
|
|
June 21, 2011, 05:44:12 AM |
|
As for me, I'm going to stick with keeping my BTC bank inside a VM on an encrypted virtual disk using a 40+ character password with multiple ciphers and an undisclosed hash algorithm Seems pretty bad-ass. Hopefully you're storing it in redundant places though?
|
|
|
|
zhalox
Full Member
Offline
Activity: 176
Merit: 106
XMR = BTC in 2010. Rise chikun.
|
|
June 21, 2011, 05:48:47 AM |
|
Most definitely of course, different locations, various encrypted backups. Heck, maybe I'll put a backup microSD card in my physical wallet lol
|
|
|
|
jkminkov
|
|
June 21, 2011, 06:25:24 AM |
|
sandboxie looks good as no external program can read its memory, but it just stores files unencrypted on hdd, so it is unusable only to run bitcoin inside a sandbox
|
.:31211457:. 100 dollars in one place talking - Dudes, hooray, Bitcoin against us just one, but we are growing in numbers!
|
|
|
imperi
|
|
June 21, 2011, 06:30:25 AM |
|
sandboxie looks good as no external program can read its memory, but it just stores files unencrypted on hdd, so it is unusable only to run bitcoin inside a sandbox
You have it backwards... bitcoin should be run outside of Sandbox, while your web-browser should be inside Sandbox.
|
|
|
|
jkminkov
|
|
June 21, 2011, 02:52:22 PM |
|
I just said that IF sandbox container had its content encrypted on hard drive, you can run that bitcoin.exe inside and no other app can't read its files or its RAM, upload that wallet somewhere or use script - to fake mouse moves, typing amount and sending it to another wallet.
|
.:31211457:. 100 dollars in one place talking - Dudes, hooray, Bitcoin against us just one, but we are growing in numbers!
|
|
|
elggawf
|
|
June 21, 2011, 02:57:29 PM |
|
I just said that IF sandbox container had its content encrypted on hard drive, you can run that bitcoin.exe inside and no other app can't read its files or its RAM, upload that wallet somewhere or use script - to fake mouse moves, typing amount and sending it to another wallet.
Except that sandboxes don't work that way. If you can invent a VM, jail, zone, or sandbox that protects it's contents from the host system, you will make millions selling it.
|
^_^
|
|
|
|