Better Security Through Sandboxing

by Dan

Have you ever felt like messing around with viruses to see what they can do? Or perhaps testing an application to see if it contains a virus or not? Or maybe messing around with your computer without risking destroying it? With Sandboxing you can do all of these and more, its main purpose was for security and testing, but you can always take it to the next level and use it for anything that comes to your mind.

What is Sandboxing?

Sandboxing is a method that we use to restrict applications from interacting with our PC in places where they should not interact, you could call it a kind of a Windows security tool. There are various methods and ways that you can use Sandboxing and there are also applications that use Sandboxing from the moment you install them.

For example, let’s take Google Chrome. You can install any extensions you want to it, but these applications will not be able to do anything that is outside of Google Chrome unless you give them permission to do so of course. So that’s a good example of Sandboxing, by restricting your installed extensions on your browser and the websites that you view from it to interact with your PCany further than required, you get an additional layer of protection.

But that is a case where the application was Sandboxed by default, what if we wanted to sandbox a random application that we found online to make sure that it doesn’t have a virus or to simply make sure that it won’t see anything that it is not supposed to see on our PC? Not only it is possible to sandbox any application that you want, but you could also use an entire OS that is sandboxed, we’ll get there in a minute though.

One great application to sandbox applications is Sandboxie. Sandboxie can sandbox one application at a time and by that restricting it from doing anything unnecessary to your PC. The paid version enables you to run as many applications as you want. While that is a very simple and fast way of Sandboxing applications, I would not recommend it.

Sure this is better than running a potentially dangerous application right out of your system, but it’s still not quite enough to provide the maximum possible protection because Sanboxie by itself relies on your system files in order to function correctly and that could lead to damage. There is another way to make sure that an application will not damage your system or mess with your files, and that is called a Virtual Machine.

A Virtual Machine can run a whole Operating System sandboxed, so it is something like running Windows 7 alongside Windows 7 at the same time. By running a whole OS in a virtual machine, you can be sure that nothing can touch you and your files because that virtual OS has nothing to do with your host OS and anything in it.

Please note that malware removal tools must be tested against malware only in Sanboxed environment.

A VM machine that I was pleased with was Oracle’s Virtualbox. I was able to run any OS that I had in mind and I had endless fun by experimenting with viruses and with applications that normally I would not mess around even if you had paid me, all in all, it worked fine for me, so I recommend this method for Sandboxing.

How it works

Each method of Sandboxing uses a slightly different method to sandbox an application. In the case where applications come pre-installed with Sandboxing such as Google Chrome, the application simply gives very low rights and privileges to everything that runs through it, in reality, the actual application has low privileges which gives it an extra layer of protection.

In case you didn’t know, one of the reasons as to why Windows is more exposed to viruses compared to other Operating Systems is because the user (you) has administrator privileges, that gives to you and to any application that you install the freedom to do anything with your PC and its files. So applications that come sandboxed by default, simply restrict anything that interacts with them from interacting with anything else than them by giving them low privileges.

Please note that while using

When it comes to applications that can sandbox other applications, they simply restrict them from having access to anywhere that is not absolutely necessary for them to have access to. However, experienced hackers could bypass this kind of restriction, so this is not the safest way to sandbox applications and to check them for viruses and malicious behavior.

A virtual machine will run a whole OS using your current OS as a host, in that way all applications that you try on it will run in their native environment without having access to your PC at all. The bad thing is that this takes a lot of storage space and it’s time-consuming. But it’s absolutely safe to mess around and try any application that you want on it.

The bad thing is that some viruses can detect whether you’re running them on a virtual OS or on your actual PC, when they detect that they are being tested on a VM they will not perform any malicious actions in order to fool you into thinking that they are legitimate applications. So, while VM’s are not perfect for keeping yourself safe, they are definitely the safest among this whole Sandboxing thing.

Advantages of Sandboxing

  1. Good for testing applications
  2. Offers an additional layer of protection
  3. Easy to use

Disadvantages of Sandboxing

  1. Unable to offer complete protection
  2. The best way to use this method is too much time consuming
  3. It can be frustrating


Alright, so all in all, Sandboxing surely offers an additional layer of protection and it is really useful in some occasions such as browsing the web or testing applications for malicious behavior. But it’s simply not enough on its own to keep us safe from viruses and malware, it’s great if you want to use it with other security methods, but that’s all.

I wouldn’t recommendto completely rely on it. There are other methods that can enhance your security and compared to running a whole VM, they are not that much time-consuming. Let’s get right into it and see what else we can do.

More ways to stay protected

It goes without saying that you must be wary of any suspicious looking websites, emails, links, documents and everything in between. To be honest, there is absolutely no security application that can protect you from scammers that trick you. You must use your intuition and knowledge to determine if someone is trying to scam you or if he is a legitimate person. So first of all, be wary and don’t do anything stupid.

Other than that you should always have an Antivirus and an Anti-Malware installed to your PC so that you can stay safe from viruses and malware, and when I say an Antivirus and an Anti-Malware, I mean both of them, not just the one or the other.

I know that installing two security applications at the same time is bad for your PC, but that only applies when you install two Antivirus programs or two Anti-Malware ones. As long as you use only one Antivirus and only one Anti-Malware program at the same time you should be fine. Just make sure that they don’t scan for viruses at the same time because that could lead to interferences and you wouldn’t want that.

The reason that I’m telling you to install both an Antivirus and an Anti-Malware, is because they work in a different way. An Antivirus will look for older kinds of threats while an Anti-Malware for newer ones.

Keep in mind that there is no best Antivirus or best Anti-Malware, it all comes down to preferences and needs. So do your own research and pick the one that mostly suits your needs and your budget.

Related Posts