Essential Software: Sandboxing Programs

When it comes to surfing the Internet or trying out new software on our systems, there’s always a risk that the software in whatever form may compromise the security of our personal data.  Creating an environment that insulates our operating systems from potentially risky software/situations will reduce the margin for error..

Insulate your programs with Sandboxie

The concept of Sandboxie is pretty straight forward: instead of letting your programs have a free run of what and where they can write to your hard drive, you have the Sandboxie Transient Storage (Sandbox) key component acting as an intermediary each time you run a program from the Sandboxie environment.  The program will read it’s necessary data, eg; program files, configuration settings from the registry etc. from their real location on the hard drive.  Sandboxie makes it so that when the program running within a sandbox wishes to make a change to it’s data, the data is written to a corresponding (apparently identical) location within the sandbox – the program won’t know the difference.  When you stop the program and exit Sandboxie, the program’s information is retained.  Most importantly, the information is abstracted from your real system environment, so if you encounter a rogue program (malware or perhaps problematic beta software) running in a sandbox, any nefarious file-system activities will be rendered harmless to the operation of your system or data. 



Using the Sandboxie Control Program, you can conveniently select your default browser, email client, as well as choose to run any other programs from under the default sandbox provided or create a new sandbox.  The default view mode for the Sandboxie Control Program is the Programs View, which can be changed to the Files And Folders View, and is very useful for seeing exactly what is going on concerning sandboxed programs reading your system’s data, including files and registry entries and writing their data to the sandbox. 

Recovery/Storage Of Program Data

A useful feature in Sandboxie is Quick Recovery.  This feature allows you to select the Quick Recovery scan command, which will cause Quick Recovery to scan all locations marked as recoverable folders for any new/altered data.  Any relevant data found during the scan is presented with it’s real location (non-sandbox) recovery destination options to either Recover To Same Folder or Recover To Any Folder as well as giving you the ability to specify new recoverable folders to include in future scans.  Also, there is the Immediate Recovery feature, which will constantly monitor the designated recoverable folder locations for any new data which, once found will result in the Immediate Recovery dialogue box being presented with the same options; Recover To Same Folder or Recover To Any Folder, as with the Quick Recovery feature.

These recovery features are useful for backing up anything that you might actually value as a result of running programs in Sandboxie.  

Deleting Sandbox Program Data

You have the ability to clear the data from your sandbox in the Sandboxie Control Program – doing so will invoke the Delete Sandbox dialogue window, giving you a last chance to recover your information before deletion.  There is also the option to set Sandboxie to delete information automatically after the last of the sandboxed programs have been shutdown. 

A great additional security measure for your system

Sandboxie is a great addition to the security of your system, creating a great testing environment for software you aren’t sure about, or perhaps are, but want to see what a suspected malware application is up to by looking under the Files and Folders View at what is being accessed.  Sandboxie even provides the ability to prevent programs from reading certain data or registry keys by adding entries to the configuration file. 

Note: For more information on the restriction of a program’s read access within Sandboxie, look under these respective links: File access and Registry access. 

Version at the time of writing supports: Windows 2000, XP, 2003, Vista (32-bit). 

Note: Windows XP 64-bit will work, however you must first remove Windows Update KB932596

Here is the URL for this essential software:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: