Quote:
Originally Posted by Stuart
It also appears to offer little or no protection against attacks where a virus infects another machine on the network, then starts scanning that network for other machines it can infect. All they need is a network share with bad security and the ability to create processes on a remote machine. Both things that SandboxIE probably will not protect against, and therefore would be unable to sandbox the virus.
|
This is a very good point that I missed. Even if Sandboxie's protection of your own machine were 100% perfect, allowing web browsing through it by nature depends on allowing applications to send and receive network data. In addition to your example, they could also use remote code execution exploits against other machines on your network, not necessarily even PCs. They could infect your phones, tablets, consoles, and so forth, all from within the sandbox. And any virus out to steal your data could easily do so, and send that data back to it's creator, well before you close down the sandbox. Sandboxie
could potentially block that by blocking local network access, but that's not it's job, that's the job of a firewall or IDS.