Sandbox Your Apps With Sandboxie

I recently found Sandboxie, a Windows app that creates a sandbox where programs can run without touching your actual OS. When the apps try to write data to your hard drive, it is written to a cache and kept separate from your real data. This prevents any malware from being installed in your Windows directory, or hijacking any other files. When you’re done using the sandbox, you can choose to recover some files (move them back to your real hard drive) or erase them. It has a lot of powerful configuration options that allow you to do things like:

  • Set a whitelist so only specified programs can be launched or access the Internet
  • Block any access to sensitive folders (like your taxes)
  • Use a secure erasing program to completely delete any leftover data
  • Set Sandboxie to delete any leftover data after you close all programs
  • Keep your Sandboxie data in a TrueCrypt volume, which ensures any data in the sandbox is encrypted

For example, you could create a sandbox that only allowed firefox.exe to be started, and only allowed firefox.exe access to the Internet. If you downloaded any malware, it couldn’t even be started. And once you closed Firefox, the malware would be securely erased (along with your history, cookies, and temp files if you desired).
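One way to check that a sandbox really is locked down like the Firefox-only box described above: this added example (not from the original post or the Sandboxie project) parses a constructed Sandboxie.ini snippet and reports which of the protections are configured. The box name, the paths and the setting names used (ProcessGroup, ClosedIpcPath, ClosedFilePath, AutoDelete, DeleteCommand) are assumptions to verify against your Sandboxie version.

```python
# Added example; setting names are assumed from Sandboxie.ini docs, verify locally.
from collections import defaultdict

# Constructed sample box (box name, folder and sdelete path are placeholders).
SAMPLE_INI = r"""
[FirefoxOnly]
Enabled=y
ProcessGroup=<StartRunAccess>,firefox.exe
ClosedIpcPath=!<StartRunAccess>,*
ProcessGroup=<InternetAccess>,firefox.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ClosedFilePath=C:\Users\me\Documents\Taxes\
AutoDelete=y
DeleteCommand="C:\Tools\sdelete.exe" -p 3 -s -q "%SANDBOX%"
"""

def parse_ini(text):
    """Sandboxie.ini repeats keys, so keep every value of a key in a list."""
    boxes, section = defaultdict(lambda: defaultdict(list)), None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section and "=" in line:
            key, value = line.split("=", 1)
            boxes[section][key.strip()].append(value.strip())
    return boxes

def group_members(box, group):
    """Programs listed in ProcessGroup=<group>,a.exe,b.exe (lower-cased)."""
    members = set()
    for value in box.get("ProcessGroup", []):
        name, _, progs = value.partition(",")
        if name == group:
            members.update(p.strip().lower() for p in progs.split(",") if p.strip())
    return members

def audit(box):
    """Map each protection from the post to whether the box configures it."""
    def restricted(key, rule, group):
        return rule in box.get(key, []) and bool(group_members(box, group))
    return {
        "start_whitelist": restricted("ClosedIpcPath", "!<StartRunAccess>,*", "<StartRunAccess>"),
        "internet_whitelist": restricted("ClosedFilePath", "!<InternetAccess>,InternetAccessDevices", "<InternetAccess>"),
        "blocked_folders": [v for v in box.get("ClosedFilePath", []) if not v.startswith("!")],
        "auto_delete": box.get("AutoDelete", ["n"])[-1].lower() == "y",
        "secure_erase": bool(box.get("DeleteCommand")),
    }
```

Calling `audit(parse_ini(text)["FirefoxOnly"])` on your own configuration shows at a glance which of the restrictions are missing; a box with only `Enabled=y` reports every check as unset.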

All of this is done with a fairly low performance hit (unlike running a virtual OS in something like VMware). Sandboxie is free to try, and costs around $30.