Replies

I have always been a follower of the ‘Run your browser in a sandbox’ camp. I am not sure why this practice is not more widely used. To my mind all browsers are insecure because of one major overlying design ‘feature’…. by default, a browser allows 2 way interaction between a web page and your PC it has to. So nothing you do over the internet can be trusted… ever. It makes sense then that your browser sessions should be run in a crash and burn environment. There are two options… running the browser in a virtual environment (a little challenging for the average non tech user) or in a sandboxed environment. While I have noted some Windows Secrets writers have mentioned SandboxIE in the past, it has never really caught on. While it does not prevent infection on the session itself, it really does not matter… once you delete the sandbox, the infection (of any kind) is removed from your PC. This includes Cryptolocker and its relatives. Whatever it encrypts within the sandbox is not needed anyway. I would like to hear counterpoints if there are any. Thanks.