Monday, January 12, 2009

Isolate applications on your PC

A lot of IT professionals and security experts try to lock down their machines against malicious code (especially those who run Windows OSes). When I come across a new free application, I first like to try it out in a virtual machine environment, just to be on the safe side in case there is malicious code running in the application.

But there are malicious applications that can detect the virtual environment and, when they do, make no attempt to exploit the machine. What can someone do in that case?

There is a very nice application called Sandboxie, by Ronen Tzur. This small application basically runs any application (even installers) in an isolated space, so any changes made to the filesystem are not reflected in the actual system's filesystem. This space may be discarded at any time, and with it, any changes made by malicious code.

The newest version (3.34) adds a DropMyRights-like feature, which runs the isolated application with the lowest possible level of rights on the machine. In general this is a very nifty application, and one that is very modestly priced. Purchase gives the user a lifetime subscription to updates, and unlimited use of the application on any computer that the end user owns.

There are limitations though (such as the inability of Sandboxie to be installed on 64-bit versions of Vista or XP, due to Windows PatchGuard), but it is overall, in my modest opinion, a must-have application for the security conscious.
