1
00:00:00,940 --> 00:00:06,400
Next is Sandboxie, or SandboxIE, which is an excellent sandbox

2
00:00:06,700 --> 00:00:10,240
that I recommend for Windows. It is shareware software.

3
00:00:10,320 --> 00:00:13,179
The free version is missing a few features

4
00:00:13,180 --> 00:00:14,940
which are available in the paid version.

5
00:00:15,220 --> 00:00:17,459
And after 30 days of use, the free version

6
00:00:17,460 --> 00:00:19,239
displays reminders to upgrade you

7
00:00:19,240 --> 00:00:21,780
to the paid version, but remains functional.

8
00:00:22,450 --> 00:00:24,919
The missing functionality is to automatically

9
00:00:24,920 --> 00:00:28,360
run programs under Sandboxie even when they are

10
00:00:28,440 --> 00:00:30,980
not started directly through Sandboxie.

11
00:00:31,480 --> 00:00:33,260
This could be quite a useful function

12
00:00:33,400 --> 00:00:34,540
and maybe you might need it.

13
00:00:35,130 --> 00:00:39,480
Programs can be forced by name or by containing folder.

14
00:00:40,100 --> 00:00:42,219
Another missing feature is running programs

15
00:00:42,220 --> 00:00:44,600
in more than one sandbox at the same time,

16
00:00:44,840 --> 00:00:47,580
which again could be useful. Prices are here.

17
00:00:48,200 --> 00:00:50,639
Sandboxie is very simple to use out of the box,

18
00:00:50,640 --> 00:00:52,819
but if you want to get the most out of it,

19
00:00:52,820 --> 00:00:55,939
you will need to spend a little time configuring it

20
00:00:55,940 --> 00:00:58,120
and working out what features they offer

21
00:00:58,430 --> 00:01:01,160
so you can configure it to use it in the way you need.

22
00:01:01,540 --> 00:01:04,760
Just download it as normal and install it.

23
00:01:06,620 --> 00:01:09,460
It’s your usual, simple Windows install.

24
00:01:14,160 --> 00:01:16,210
Or you can use Choco to install it.

25
00:01:16,490 --> 00:01:18,200
Let’s do a search here for Sandboxie.

26
00:01:20,240 --> 00:01:23,720
So you can see these two versions.
One that actually installs.

27
00:01:28,560 --> 00:01:29,560
It’s installing.

28
00:01:32,560 --> 00:01:33,560
Downloading.

29
00:01:36,520 --> 00:01:40,810
And there we go. Installed. And there it is.

30
00:01:43,840 --> 00:01:45,759
And that’s what it looks like. And immediately

31
00:01:45,760 --> 00:01:48,990
is popping up asking me if I want to apply

32
00:01:49,130 --> 00:01:52,019
the configuration settings which will improve

33
00:01:52,020 --> 00:01:54,240
compatibility with these applications.

34
00:01:54,990 --> 00:01:59,540
So you can see here it’s the Windows and Office licensing service.

35
00:01:59,730 --> 00:02:01,899
So you’d either have to look into that as to whether or not

36
00:02:01,900 --> 00:02:04,030
that’s something you want it to do or not.

37
00:02:04,280 --> 00:02:06,050
But yes, it’s okay.

38
00:02:07,780 --> 00:02:09,640
I’ll give you some tips on Sandboxie.

39
00:02:09,840 --> 00:02:12,769
If you see in the bottom right here, the sandbox icon is there.

40
00:02:12,770 --> 00:02:15,440
You can right-click on here. And if you go up here,

41
00:02:16,080 --> 00:02:19,319
this will show you here the sandboxes that you have.

42
00:02:19,320 --> 00:02:22,010
At the moment, it’s just the default sandbox

43
00:02:22,180 --> 00:02:23,600
which comes when you install it.

44
00:02:24,050 --> 00:02:28,299
If you go up here, you can run each of these within a sandbox.

45
00:02:28,300 --> 00:02:31,119
Your default web browser, email reader,

46
00:02:31,120 --> 00:02:34,450
you can launch any program through the sandbox,

47
00:02:34,810 --> 00:02:39,450
or through the start menu, or through Windows Explorer.

48
00:02:42,720 --> 00:02:45,380
The way I tend to run things is just by right-clicking

49
00:02:46,040 --> 00:02:47,790
and then run Sandboxed,

50
00:02:49,650 --> 00:02:52,750
and then it will give you a choice of which sandbox you want to use.

51
00:02:53,210 --> 00:02:55,970
You have different settings per sandbox.

52
00:02:56,350 --> 00:03:00,079
So I can choose here the default sandbox, or to run outside the sandbox.

53
00:03:00,080 --> 00:03:03,480
Obviously I want to run it as the default sandbox

54
00:03:03,640 --> 00:03:06,260
and I don’t want to run it as administrator.

55
00:03:08,520 --> 00:03:11,600
So there, Firefox has started within the default sandbox.

56
00:03:11,900 --> 00:03:13,599
And you can tell it’s in the sandbox

57
00:03:13,600 --> 00:03:16,800
because you can see this yellow box around it.

58
00:03:17,420 --> 00:03:20,409
So now that is protected by the default sandbox,

59
00:03:20,410 --> 00:03:22,119
and you can see this icon is changed.

60
00:03:22,120 --> 00:03:25,970
It’s got some red dots on it because the sandbox is in use.

61
00:03:26,420 --> 00:03:31,600
If I right-click on here again, go to Show Window,

62
00:03:32,400 --> 00:03:34,000
this here is the sandbox,

63
00:03:34,400 --> 00:03:37,220
and you can see what’s running within the sandbox.

64
00:03:37,520 --> 00:03:40,220
And there obviously you can see that Firefox is there

65
00:03:40,400 --> 00:03:44,960
and the accompanying processes that sandbox itself requires.

66
00:03:46,440 --> 00:03:49,179
Now, I can configure this default sandbox

67
00:03:49,180 --> 00:03:52,960
or the sandboxes that I want to use.

68
00:03:53,360 --> 00:03:56,060
I go here, Sandbox Settings.

69
00:03:56,960 --> 00:03:59,980
Make sure these two are ticked so that you can see a border

70
00:04:00,460 --> 00:04:03,370
around the windows because what you can do is

71
00:04:03,420 --> 00:04:07,580
accidentally think you're running something in sandbox and you're not.

72
00:04:08,120 --> 00:04:11,170
So it’s always useful to have a yellow border around it.

73
00:04:13,260 --> 00:04:14,260
Go to Recovery.

74
00:04:16,200 --> 00:04:19,460
When you close your sandbox or the browser in this case,

75
00:04:19,940 --> 00:04:23,849
it will delete content or ask you if you want to delete

76
00:04:23,850 --> 00:04:27,040
content that you may have downloaded in this folder here.

77
00:04:27,210 --> 00:04:31,950
But what’s set up automatically is what’s called Immediate Recovery.

78
00:04:32,160 --> 00:04:34,300
Now let me show you what Immediate Recovery is,

79
00:04:34,490 --> 00:04:37,600
and it is quite useful. So, let’s go here.

80
00:04:41,025 --> 00:04:43,472
So I’m choosing to download the file here just to demonstrate.

81
00:04:43,473 --> 00:04:46,472
I’m choosing the file SDelete because we are going to use that later.

82
00:04:46,888 --> 00:04:50,417
So let’s download that, save it,

83
00:04:52,885 --> 00:04:54,691
and then this is what comes up.

84
00:04:54,692 --> 00:04:57,577
This is because we’ve got immediate recovery set.

85
00:04:58,080 --> 00:05:01,813
So instead of storing this within the sandbox straight away,

86
00:05:01,814 --> 00:05:04,844
what it does is it says, “Do you want to store it in the sandbox,

87
00:05:04,845 --> 00:05:08,066
or do we want to immediate recover it out of the sandbox

88
00:05:08,320 --> 00:05:10,733
and put it within the real file system?”

89
00:05:11,093 --> 00:05:13,066
So we can recover it here if we want.

90
00:05:14,333 --> 00:05:19,133
We can recover and explore. We can recover and run.

91
00:05:19,973 --> 00:05:21,922
So what I'm going to do is I'm going to close it here,

92
00:05:21,946 --> 00:05:24,946
and this means it’ll be saved to the sandbox

93
00:05:25,120 --> 00:05:26,766
and not the real file system.

94
00:05:30,700 --> 00:05:33,300
So on the View, Files and Folders,

95
00:05:36,711 --> 00:05:39,140
we can see there it is downloaded,

96
00:05:39,220 --> 00:05:42,450
SDelete.zip in the Downloads folder.

97
00:05:45,770 --> 00:05:49,430
Now, if you look in the Downloads folder, it isn’t there.

98
00:05:52,123 --> 00:05:55,243
Actually it is there. This is a version I downloaded previously,

99
00:05:55,744 --> 00:05:58,512
but the version I've just downloaded isn’t there

100
00:05:59,048 --> 00:06:01,931
and because that is a zip file.

101
00:06:02,102 --> 00:06:06,274
So the SD zip file isn’t here.

102
00:06:06,480 --> 00:06:08,514
It isn’t in the Downloads folder.

103
00:06:11,080 --> 00:06:16,380
Now, if I was to run Explorer, sandboxed,

104
00:06:18,300 --> 00:06:21,219
with the default sandbox, the Explorer would

105
00:06:21,220 --> 00:06:23,710
be able to see what is in the sandbox.

106
00:06:25,130 --> 00:06:30,480
So, if I go in Downloads here, there we can see

107
00:06:30,680 --> 00:06:34,760
the SDelete that is within the default sandbox.

108
00:06:35,200 --> 00:06:36,860
And you can see here this is yellow.

109
00:06:39,880 --> 00:06:44,139
Close that. I go back here, and you can see

110
00:06:44,140 --> 00:06:46,600
it isn’t there when you're not sandboxed.

111
00:06:48,860 --> 00:06:53,520
So let’s go back to our Options. Default, Sandbox Settings.

112
00:06:56,200 --> 00:06:58,479
So there’s our Recovery options. This is set for

113
00:06:58,480 --> 00:07:00,331
the Immediate Recovery. But you don’t

114
00:07:00,332 --> 00:07:01,999
necessarily have that set.

115
00:07:02,000 --> 00:07:04,672
You can choose at the end what you want to do

116
00:07:04,673 --> 00:07:06,706
with the files that have gone into the sandbox.

117
00:07:10,600 --> 00:07:11,600
Now Delete.

118
00:07:12,740 --> 00:07:14,659
It’s usually a good idea to automatically

119
00:07:14,660 --> 00:07:16,980
delete the contents of your sandbox

120
00:07:17,360 --> 00:07:19,419
when the sandbox is closed or the application

121
00:07:19,420 --> 00:07:21,700
that you’ve launched with the sandbox is closed.

122
00:07:22,080 --> 00:07:23,280
So I usually have this set.

123
00:07:24,420 --> 00:07:26,879
And then you’ve got the choice of Delete Command.

124
00:07:26,880 --> 00:07:29,599
So you can securely delete or write

125
00:07:29,600 --> 00:07:32,000
with random data or zeros and ones

126
00:07:32,180 --> 00:07:34,039
over the content that’s in the sandbox,

127
00:07:34,040 --> 00:07:35,179
and that’s a good idea.

128
00:07:35,180 --> 00:07:40,000
So you want to use SDelete or Eraser if you like.

129
00:07:40,240 --> 00:07:41,840
So let me show you how you would do that.

130
00:07:42,780 --> 00:07:47,080
Select SDelete, and we know where we’ve put that.

131
00:07:48,800 --> 00:07:53,219
This is what I downloaded before. And there what you can see,

132
00:07:53,220 --> 00:07:58,864
is it creates a special command so that when it deletes,

133
00:07:59,728 --> 00:08:03,728
it deletes securely, or rather, it deletes multiple times.

134
00:08:04,240 --> 00:08:05,792
This is three passes.

135
00:08:07,632 --> 00:08:11,280
You can get both Eraser and SDelete with Choco if you want to,

136
00:08:14,496 --> 00:08:19,344
as an example. So that’s installed.

137
00:08:22,880 --> 00:08:24,592
And that will install Eraser.

138
00:08:25,856 --> 00:08:27,696
So back to Sandboxie.

139
00:08:32,944 --> 00:08:37,328
You can force processes or applications to run from a specific folder.

140
00:08:37,904 --> 00:08:40,224
That could be quite useful with things like autoruns.

141
00:08:40,736 --> 00:08:44,589
Now only for registered versions, paid for versions,

142
00:08:44,590 --> 00:08:46,656
can you force particular programs to run.

143
00:08:47,088 --> 00:08:49,392
This is a useful feature. So for example,

144
00:08:49,696 --> 00:08:52,816
your browser, your mail client would be good to add here

145
00:08:52,817 --> 00:08:55,389
so that it’s always run sandboxed

146
00:08:55,390 --> 00:08:57,584
and you don’t forget to run it sandboxed.

147
00:09:01,008 --> 00:09:03,344
These programs will be automatically terminated

148
00:09:03,552 --> 00:09:06,672
if they are still executing in the sandbox

149
00:09:06,800 --> 00:09:09,456
after all the other programs have ended.

150
00:09:10,480 --> 00:09:13,184
This is the amount of space that the sandbox has

151
00:09:13,344 --> 00:09:15,360
in order to store downloaded files.

152
00:09:15,616 --> 00:09:18,284
48 MB isn’t particularly much. I always increase

153
00:09:18,285 --> 00:09:21,264
this to about 4 GB so I've got a fair bit of space.

154
00:09:21,632 --> 00:09:24,768
But I don’t always have it on Immediate Recovery.

155
00:09:25,120 --> 00:09:28,379
So I need the space in order to download the files

156
00:09:28,380 --> 00:09:30,208
and then make a decision on what I'm keeping.

157
00:09:31,232 --> 00:09:33,659
Restrictions here: you can prevent

158
00:09:33,660 --> 00:09:36,080
programs from accessing the internet,

159
00:09:37,248 --> 00:09:39,520
allow or deny programs to start and run,

160
00:09:40,624 --> 00:09:44,462
and you can drop the rights if you're running as administrator.

161
00:09:44,463 --> 00:09:46,400
You shouldn’t be running as an administrator,

162
00:09:46,864 --> 00:09:49,584
but select that anyway just in case that happens.

163
00:09:51,376 --> 00:09:53,888
Access restrictions: so if it’s files,

164
00:09:53,889 --> 00:09:59,279
registry access, IPC, Windows access, COM, you can specify

165
00:09:59,280 --> 00:10:02,704
the sort of access that you want to allow the sandbox to have.

166
00:10:02,705 --> 00:10:05,097
So, do you want to give any programs

167
00:10:05,098 --> 00:10:08,866
full access, read access, write access?

168
00:10:09,444 --> 00:10:11,164
Do you want to block anything in particular?

169
00:10:12,022 --> 00:10:14,844
Generally, you want to give as little access as possible.

170
00:10:16,577 --> 00:10:20,511
And then there’s Specific Application Settings that you can make.

171
00:10:20,755 --> 00:10:22,400
So here we’ve got Firefox.

172
00:10:23,511 --> 00:10:27,000
This is allowing a direct access to the phishing databases.

173
00:10:27,488 --> 00:10:29,155
That can be okay for security.

174
00:10:30,200 --> 00:10:32,711
And perhaps you want to keep cookies,

175
00:10:33,222 --> 00:10:34,955
so you may have – so instead of

176
00:10:35,000 --> 00:10:37,803
the sandbox being unable to access the cookies,

177
00:10:37,804 --> 00:10:40,186
you may want to add the access there.

178
00:10:43,832 --> 00:10:48,480
And then Specific Settings for various different Email Clients.

179
00:10:49,142 --> 00:10:50,697
So there you go, that’s Sandboxie.

180
00:10:51,188 --> 00:10:53,471
If you're using Windows, there’s no reason

181
00:10:53,472 --> 00:10:55,896
really why you shouldn’t be using Sandboxie

182
00:10:56,136 --> 00:10:59,519
or some other sandbox alternative in order to

183
00:10:59,520 --> 00:11:02,056
give you that extra layer of sandbox protection.

184
00:11:03,736 --> 00:11:05,524
This is a good document that I recommend.

185
00:11:05,525 --> 00:11:07,728
It goes through using Sandboxie with

186
00:11:07,729 --> 00:11:10,304
your browser and an email client.

187
00:11:10,336 --> 00:11:12,271
So check that out, go through it

188
00:11:12,272 --> 00:11:14,128
if you want to set up Sandboxie

189
00:11:14,129 --> 00:11:18,320
with a browser or Firefox and your email client.

190
00:11:19,440 --> 00:11:21,776
I’d also recommend the Sandboxie forums.

191
00:11:21,936 --> 00:11:24,079
That way you can find quite a lot of information,

192
00:11:24,080 --> 00:11:26,000
and if you’ve got any particular questions,

193
00:11:26,096 --> 00:11:28,192
it is a good, responsive forum.