|
|
|
Safe haven?
Malware, spyware and adware have plagued the internet for years, with no end to the menace in sight yet. Although companies like Microsoft and AV Vendors are focusing on delivering anti-spyware products, their technologies focus more than anything on the traces of malware on a user’s computer.
All this is fine and well, but to deal effectively with the problem it’s important also that browsers are prevented from accessing physical disk so that no file is altered, created or deleted — thus preventing system changes caused by online threats.
This is exactly what Sandbox IE does. It’s a free tool that sits between your computer and browser interface, ensuring that your online activities will not have any impact on the file system.
Sandbox IE is particularly designed to address the overwhelming number of vulnerabilities discovered in Microsoft IE, but it secures other browsers as well. Sandbox installs itself at a lower level, enabling it to start processes and to monitor them. So, while installing it, AV products should be disabled or they may regard Sandbox IE as a threat.
Once installed, the program appears in the system tray. Double-click the icon to open Sandbox IE Control. This window displays all the sandboxed processes. From this window you can start any application.
Go to File < Internet Explorer < Default Browser, and the Email Reader will appear by default, along with the option of specifying full path using Run and selecting a program from the Start menu. This creates a copy of the Start menu at screen’s top left corner.
Any application that you start from within this control environment relies on a special ‘transient area’ created by Sandbox IE to perform its operation. Let us see how it works.
Go to File, select ‘Run Program’ and type ‘Notepad’. Notepad window appears with title bar showing a hash sign. Enter some text and save the file on the desktop. Exit from Notepad and switch to desktop — the file is not there! Similarly, if you open a file in sandboxed Notepad and make alterations to it, the file cannot be viewed from outside sandboxed Notepad.
This happens because Sandbox IE creates a sandbox to store all the file changes and until you commit the changes or discard them altogether, the changes are not reflected back to actual disk — thus protecting the system integrity against all sorts of modifications.
Go to File > Recover Files From Sandbox to view all the available files, which can be restored to their original locations or to a new folder. Then use File > Delete Contents of Sandbox to delete all the files.
Note that the files that are edited are placed in replica folder hierarchies, which can be browsed using File > Explore Contents of Sandbox. For different editing performed you will find folders like ‘Harddisk-Volume1’ under which edited files can be found. You can manually copy the changed files as well.
These changes are saved in the folder defined, using Options > Set Sandbox Top-Level Folder. The path entry supports generic names like %AppData%, which are in fact environment variables.
Configuration of this program is based on Sandbox.ini file, which can be edited and reloaded using Options > Edit Configuration and Options > Reload Configuration. Other options include control over system startup, quick launch default browser link, desktop shortcut, IE toolbar integration and auto cleanup options.
For registered users, Sandbox IE allows Program Alerts in case a listed program attempts execution outside the sandbox and Forced Programs, a list of programs that are automatically sandboxed even if begun outside Sandbox IE.
Attachments
Sandbox IE can be used to view email attachments, trapping the harmful elements in the sandbox automatically. The support is there for Outlook Express at this time.
Installing a new program can cause undesirable results, especially if it meddles with OS or network settings. Using Sandbox IE, you can safely perform installation tests as no actual changes take place. If a system file is required for alteration, the file is brought into the sandbox as a copy for making the changes.
There is also an option of limiting the size of such files and prompting a warning message, using Options > Set File Copying Options. Once the test is over, and if it is not a useful one, it can be discarded easily, without any traces like orphan entries, dead links and shortcuts.
< nizar.ali@ gmail.com >
|
|
|
|
