The installation of Sandboxie is fast and completes without the need to restart the system. The program runs a compatibility check at the end of installation and displays programs it can improve compatibility with in a list.

The main program interface has not changed since our first review of the program in 2008. But that’s not necessarily a bad thing, as it is highly functional. The program ships with a single sandbox but provides options to create new ones. It is not really necessary to configure multiple sandboxes as multiple programs can run in one. It does have benefits though. Each sandbox comes with its own set of rules to configure. Running programs in different sandboxes makes sure that they are isolated from each other as well as from the system.

Sandboxie can run virtually any program in its own virtual space: from web browsers and email clients to Microsoft Office applications and Windows Explorer.

Running applications in sandboxes has implications. Data saved by sandboxed programs for instance is only saved temporarily in the virtual space. Sandboxie does however offer comfortable options to deal with data that needs to be written to the local system (like program updates or downloads).

Lets take a web browser as an example. If you run Internet Explorer in a sandbox you cannot download files to your system. The download works as intended but when you close IE the files get closed as well. Sandboxie ships with a recovery feature that can move files out of the sandbox so that they are stored permanently on the system. This is an automatic process.

Another option to move files out of the sandbox is the quick recovery option which becomes available in the right-click context menu in the main application interface (not automatic).

Both programs scan folders like downloads, favorites or documents on the computer. Additional folders can be added to the configuration, for instance to include different download locations on the PC.

Sandboxie furthermore offers pre-set options for popular applications like email readers, web browsers or download managers. Here it is for instance possible to allow Firefox to save browsing sessions, enable Outlook to access the mailbox or to improve the use of dozens of additional applications.

The developer has added comfortable options to his application to make the program more convenient to use. Immediate recovery is one of those options but there are others, including options to force run applications in a sandboxed environment, and to configure files, Registry keys or hardware that is directly accessible by applications running in a particular sandbox.

It only takes a couple of clicks to run programs in the sandbox. Right-click a sandbox in the main program window and select run sandboxed. A selection menu is displayed with options to run the web browser, email client, any program, any program from the start menu or Windows Explorer in the selected sandbox. Programs can also be started directly from Windows Explorer. A right-click on the application offers to run it in a sandbox. That’s useful especially for downloaded files.

Applications running in the sandbox can be identified by the [#] in the application title, and by moving the mouse cursor over the title which displays a highlighted border around the application window.

Sandboxie Tips

New users who install Sandboxie for the first time need to think about the programs that they want to run in the virtual environment. Programs with Internet or network access, and downloaded programs are two core candidates.

You can test a program’s compatibility by running and testing it in the sandbox. If the program behaves like it should, you could add it to the list of applications that are forced to run in the sandbox whenever they are started on the system. This prevents that you have to remember to launch that software in the sandbox all the time.

Some programs, like email clients or web browsers, need special access to folders on the system for some of their functionality. This can be configured in the sandbox settings. Firefox for instance needs access to data stored in its profile folder, Outlook to the email program’s mailbox and uTorrent to the temporary and complete download directories.

Creating multiple sandboxes has several positive effects. First, it protects applications from each other. Second, it allows the user to run different configuration sets as each sandbox comes with its own set of preferences. This way you could run a program with a different set of rules than others.

You can not only force programs but also all files of a specific folder to run in a sandboxed environment. That’s useful for download folders, optical drives or removable hard drives and other folders where file names may change regularly.

You sometimes may need to run programs normally, for instance when a program update is available. The disable forced program toggle disables sandboxing for selected programs for a limited amount of time. Firefox users could use the toggle to apply updates to the browser or browser add-ons for instance.

Another interesting application is to run program installers in their own sandbox. You can install and use the program normally as long as the sandbox is up. Once you are done testing you can just shut down the sandbox and everything goes back to the way it was before the installation. That’s very handy if you are testing a lot of programs.

The Help Topics on the Sandboxie website offer a getting started tutorial, usage tips and advanced topics.

Sandboxie Video Review

Verdict

Sandboxie adds a whole new layer of protection to the system that runs nearly unnoticed in the background. While it is possible to run the program without configuration changes, it only plays out its real strength when those changes are made. Tech savvy users will love the sheer number of configuration options. Inexperienced users on the other hand may run into troubles during the configuration stage. It is nothing that they cannot overcome though, it just may take them a bit longer before they have configured their system the same way an experienced user would have.

Giveaway

We have ten Sandboxie licenses for this giveaway. You can win one by leaving a comment below. Let us know what you like most about the program. You can download the latest version of Sandboxie from the developer website. The program is compatible with all recent and not so recent versions of the Microsoft Windows operating system.

Sandboxie is an excellent software for that purpose. It basically allows a Windows user to run any program in an isolated space (a sandbox) preventing it effectively from damaging or modifying other parts of the operating system outside that sandbox.

Some benefits of a sandbox

• Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
• Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows.
• Secure E-mail: Viruses and other malicious software that might be hiding in your email can’t break out of the sandbox and can’t infect your real system.
• Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

Sandboxie Review

Sandboxie will automatically scan installed programs and offer to apply compatibility settings for them. The programs are displayed in an extra window and it is suggested to accept these suggestions.

Sandboxie is operated through Sandboxie Control. The program is automatically started after installation, but also accessible from the Windows start menu. There are two options (actually three when the desktop icon is included) to run programs in a sandbox. Users can right-click the system tray icon and select DefaultBox from the menu to run web browser, email programs, Windows Explorer or other programs in a sandbox, or use the Sandbox > DefaultBox menu at the top of the Sandboxie Control software to do that.

DefaultBox is the first sandbox that is automatically created by Sandboxie. Users can create additional sandboxies, but only registered users can run programs in multiple sandboxes at the same time.

Sandboxie aids the user when errors occur, for instance when the user tries to launch a program that requires additional configuration to run in a sandbox. The email client is a prime example. Why? Because the program will not be able to save data to the system when it runs in a sandbox which means that received mails will not be added to the system mailboxes.

Sandboxie does have a solution for that though as it can be configured to exclude files from the sandboxing. For an email client this could mean to exclude the mailbox data files and include the rest to work with it properly and save data in the mailboxes.

Programs that are configured correctly appear in the control window.

Sandboxie integrates with the Windows Explorer shell so that programs can be launched in a sandbox with a right-click. That’s handy for new program installations for instance to test an application on the system while preventing that it can make changes to the system.

It is possible to switch the program view to folder view, which shows all the folders and files that are currently stored in the sandbox.

Video Review

Users may sometimes want to save files even if a program is running in a sandbox. Say you run a sandboxed web browser and want to save an image to the computer that should be there once you close the sandbox.

Sandboxie can be configured to monitor selected folders for new files for an option to recover them. The program distinguishes between immediate and quick recovery. Immediate recovery pops up whenever a file is saved in one of those locations offering an option to save it to the same folder but outside the sandboxed environment or another folder.

Quick Recovery on the other hand is invoked by user request or before the sandbox is terminated on the system.

Users who run Sandboxie for the first time should take a look at the Usage Tips which offer introductions to concepts but also helpful tips including how to create sandboxed program shortcuts to launch programs directly in sandboxed mode.

Registered Sandboxie users get additional features including the ability to force programs to always run in the sandbox. This means that the program will be launched in sandboxed mode (if Sandboxie is running) whenever and from wherever it is launched. That’s better than having to select a program from the Sandbox menu, and still better than having to click on a shortcut to run it in sandboxed mode.

A similar option is available to force folders to always run in sandboxed mode. This can be download folders from the Internet, CDrom or DVD drives to sandbox autorun programs. Basically, all programs run from a forced folder location will be run in the sandbox.

Both options can be temporarily disabled by the user.

Sandboxie can be downloaded directly from the developer website. The program runs on 32-bit and 64-bit editions of Microsoft Windows and is available in many different languages.

Sandboxie Verdict

Sandboxie is an excellent program for Windows users who want to add that extra security to some programs that they run on their system. It is ideal for testing out new programs, browsing on the Internet without leaving traces on the computer and dozens of other applications to improve a system’s security.

The help popups when an error occurs detail what needs to be done to overcome the error. They do however lead to the Sandboxie website but that should not be a big issue.

Sandboxie Giveaway

We have ten Sandboxie licenses for you to win. Please let us know which program or programs you’d like to run in a Sandbox if you win a license.

Installation

Sandboxie is compatible with lots of 32-bit Windows operating systems including Windows 7, Windows Vista and Windows XP. A 64-bit edition is not planned but 64-bit Windows 7 operating systems can run Sandboxie in Windows XP mode.

Installation itself takes less than a minute and ends with the display of the Sandboxie Control interface which is used to run and configure Sandboxie.

Sandboxie review

The Sandboxie interface consists of a menu bar on top and a larger area that lists the configured sandboxes. These sandboxes can either display the programs that have been started in a sandbox or the files and folders that are currently accessible in those sandboxes.

New programs can be launched in sandboxes in numerous ways including the Sandbox menu at the top of Sandboxie control or a right-click on the program icon in the Windows system tray (there are automated ways but more about that later). Another handy option is that programs can be launched in a sandbox with a right-click in Windows Explorer which is for example handy when installing new software.

The default web browser and email program can be started from the shortcuts offered in the Sandboxie menu. Other programs can be launched by browsing for them using the file browser or the start menu which is displayed in a minimalistic menu if the option is selected by the user.

Every sandboxed program window will displays a # at the beginning of the window which indicates to the user that the program is running in a sandboxed environment. The Is Window Sandboxed option in the File menu can also be used to check if a specific window is running sandboxed.

Data that is created in a sandbox stays in the sandbox. This can be temporary files, cookies, documents that are created or saved files from the Internet. It would not be very practical if there was not a way to exchange files between the sandbox and the rest of the computer system.

Sandboxie provides two options on how to deal with those files.

• Explore Contents: It is possible to launch a Windows Explorer window that gets access to the sandboxed files. This can be done by right-clicking a sandbox and selecting Explorer Contents. The same option is also available in the top menu under each sandbox entry.
• Quick Recovery: Quick Recovery, when executed by the user, automatically scans specific folders (My Documents, Desktop and Favorites) for files that have been created. These files can be recovered by the user to the same folder (of the normal system) or to any folder. There is also an option to add another folder to the list so that its contents are scanned as well.
• Immediate Recovery: An automated version of Quick Recovery which will automatically display a dialog if a new file has been discovered in one of the monitored folders.

Programs in a sandbox can be terminated by closing their program window, right-clicking them in the sandboxie control window. There is another option to close all programs at once that are running in the sandbox.

Each sandbox comes with its own custom set of options. All start with the same options at the beginning and can be customized by the user of the computer system.

This ranges from appearance changes (display a border around sandboxed windows instead of the # indicator), recovery options to add or remove monitored folders, force programs to start in the sandbox which will automatically launch selected programs in a sandboxed environment whenever they are started, restrictions (Internet access, hardware access..) and Resource access (files, registry, IPC, COM..)

And then there are application specific options that make it a little bit easier to work with Sandboxie. Observant users might have noticed that it can be difficulty to run specific programs that require write access like a desktop email client that wants to add the new emails to the mailbox. Sandboxie by default would prevent those write operations. That’s where the application specific settings come into play. Sandboxie provides those settings for web browsers, email readers, pdf and printing, security and privacy, download managers and many more. A lot of programs are listed in that menu from Internet browsers like Internet Explorer or Firefox to security programs like Kaspersky Internet Security or Norton Internet Security to Adobe Acrobat, Evernote and 7-zip.

An option to configure additional custom program rights is provided as well.

Verdict

Sandboxie is an indispensable program that protects a computer system effectively from harm. It is ideal for users who test new applications regularly, download files, spend lots of time on the Internet or simply want to protect their privacy by preventing write operations of temporary data to the computer system.

Christmas Giveaway

We have ten licenses of Sandboxie to give away. Please leave a comment and explain why you would like to win a license.

Raju is handing out licenses of JV16 Powertools 2009 today.

The software developer is providing access to a free version of Sandboxie on his website which has a few limitations compared to the commercial version.

As the name suggests Sandboxie makes use of the concept of so called sandboxes (also called virtual environments by some). The main advantage of running applications in a sandbox is that everything that happens in there stays in there. If you land on a website that uses a 0-day browser exploit to download and launch malicious code on your computer you can rest assured that the rest of the system – that is the part outside of the sandbox – will not be affected by the virus. And the sandbox itself can simply be cleared so that the malicious software has no means of affecting the computer system.

To make it even more visual: Sandboxie acts as a border that is impenetrable for applications that get started inside. Many of these applications usually interact with other system components, say a web browser that is storing cache on the hard drive or storing new bookmarks on the computer. Every attempt to interact with the computer system will be intercepted by Sandboxie and emulated so that the application “thinks” that everything is ok.

These changes on the other hand are not permanently and once the application or the sandbox have been terminated they are gone. But don’t worry: Sandboxie is still providing the means to save data that has been created or downloaded into the sandbox. Think of a document that you are downloading from a website, you might want to keep it even after the browser session closes.

It is possible to configure resource access rights for files running in the sandbox. These are left blank on purpose by default but it would be possible to allow the web browser Firefox to access its bookmarks file directly so that bookmarks get stored permanently. (There is an option in Sandboxie’s settings that allows direct access to the bookmarks of Opera, Firefox and Internet Explorer and another setting for email clients.

The installation runs through without problems or user interaction. The system is ready to run applications in the sandbox right after installation. Sandboxie integrates itself in the right-click context menu (Run Sandboxed) and it is also possible to drag and drop applications into the program interface to run them sandboxed.

The control interface is listing the programs that are running in the sandbox. This is helpful because there is virtually no way of telling if it is running in a Sandbox by looking at the program window.

The commercial version of Sandboxie introduces several interesting and helpful features. It makes it possible to run multiple sandboxes on a computer system. This can be useful to launch set of tools in different sandboxes which is great to isolate programs further.

The Forced Folders and Forced Programs options become available after registration.

Forced Folders:

This options allows you to select folders (this can also be a drive letter) and force all applications starting from there to run in sandboxed mode. Some useful applications for this are CD / DVD drives or a downloads folder for Internet downloads.

Forced Programs:

Allows the user to select files that should always be run in sandboxed mode. This is very useful to make sure that an application is always running in the sandbox without having to launch it that way at every program start.

The developer of Sandboxie was nice enough to give us six licenses of his security software program. You should know the drill by know. Just leave a comment letting us know what you think / like about the program and you are eligible to win a copy of it.

Although the promotion is only running today users who download the virtualization software have seven days to install it and are still eligible to use it freely. The registration key will be send to the email address entered during registration and is good for one year of free updates.

Zonealarm Forcefield is compatible to Microsoft Internet Explorer 6 and Internet Explorer 7 as well as Mozilla Firefox 2 and Firefox 3. No Opera support in sight unfortunately though.

ZoneAlarm Forcefield adds a toolbar to the browser which thankfully can be shortened so that the icons only appear in the statubs bar and are thus less obtrusive.

Features:

• Browser Threat Immunity
• Keylogger & Screengrabber Jamming
• Anti-Phishing
• Spy Site Blocking
• On-The-Fly Encryption
• Website Safety Check

Unlike the other two virtualization software programs ZoneAlarm Forcefield virtualises only the browser and not other applications that connect to the Internet.

Sandboxie steps between the application and the system and allows only reads from the system itself but no writes. Writes are only allowed in the sandbox. This is great if you want to run applications without having to worry about system safety at all. It is still a good idea to be careful as usually when working with Sandboxie. If something bad slips through it is intercepted by Sandboxie.

It is a good idea to run applications that are used to attack computers with malware, spyware and viruses inside the sandbox to avoid that they reach your operating system. What can I say, it is a nice uncomplicated way to add an additional level of security to your system.