Most Internet users make use of a web browser for all Internet related tasks. They hang out on Facebook or Twitter, browse shopping websites, download files to their system, watch videos on YouTube, or do online banking.
While that is perfectly fine for most, some may want to improve security for Internet activities that they consider critical. This may include online banking or shopping websites, but also visiting websites that you do not trust.
Browser in the Box is a free safe browsing solution for Windows that is free for personal use. It comes as a Personal edition and an Open Source edition. The Open Source edition does not ship with "secure upload", "trusted-channel to central management" and "Isolation of internet traffic via IPsec-tunnel to the program's gateway".
The program is using Oracle's Virtualbox virtualization environment for its core, which will be installed on the system if not installed already. This is also the core reason why the file size of the installer is larger than 400 Megabytes.
You can customize the installation by selecting the Expert mode option. Here you can define several settings, including whether or not clipboard data can be copied to and from the virtual browser, whether or not files can be uploaded or downloaded, and what kind of data you want to store persistently.
The start of the browser takes quite some time, which makes it less than ideal for day to day browsing. The browser used in the latest standalone edition is Iceweasel 17.0.9, a fork of Firefox that more or less works exactly as the browser. The core issue here is that 17.0.9 ESR is not the latest version, which means that the browser is vulnerable to security vulnerabilities that Mozilla fixed in newer versions of Firefox.
To put this in perspective, Firefox 17.0.9 was released in September 2013. The latest version is Firefox 24.0.2 ESR.
If you check the IceWeasel website for Windows, you will notice that the latest version of the browser has been released in September as well. This means that it is not the fault of Browser in a Box that the version has not been updated.
Still, in the end, it is their responsibility to select a browser that is secure and up to date, and if IceWeasel cannot deliver that, they should consider switching to another.
Anyway, you can install extensions from Mozilla's Addon repository, and if you have selected to keep persistent data, can make use of them in every browsing session.
If you plan to use the virtual browser, it is highly suggested to install security extensions such as NoScript to it to mitigate most attacks that target unfixed vulnerabilities in the product. While it may be unlikely that you are exposed to any depending on how you use the browser, it will improve security significantly all in all.
A safe browsing solution that uses an insecure version of a browser, that does not bode well. It is not clear why IceWeasel was picked by the developers instead of the regular Firefox ESR version.
Considering that IceWeasel for Windows has not been updated for a couple of months, and that Firefox was updated in that time, it may be time to rethink the decision.
I cannot really recommend Browser in the Box right now because of this. While you may want to keep an eye on the application, it is best if you use a different software for that task.
Sandboxie comes to mind for example.
Now Read: Make Firefox the Fort Knox of browsers
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.