Dell releases sandboxed Firefox [Freeware]

Prev: Sonarca Sound Recorder Free v3.2.8
Next: [PORTABLE] X-Firefox 3.6.7 ready to DL

From: orbro on 22 Jul 2010 05:56

Download:
http://www.kace.com/products/freetools/secure-browser/download.php

Article about the release:
http://www.zdnet.co.uk/news/workspace-it/2010/07/20/dell-launches-
sandboxed-version-of-firefox-36-40089588/?s_cid=938

O

From: Mark Warner on 22 Jul 2010 10:34

From: VanguardLH on 22 Jul 2010 13:36

orbro wrote:

> Download:
> http://www. kace. com/products/freetools/secure-browser/download.php
>
> Article about the release:
> http://www.zdnet.co.uk/news/workspace-it/2010/07/20/dell-launches-
> sandboxed-version-of-firefox-36-40089588/?s_cid=938

But you can already do sandboxing of ANY web browser by using Sandboxie.
GesWall affords another choice (sandbox plus policy enforcement plus
tracking and limiting w/choice any downloaded files). Avast has its own
sandbox alas not in the freeware version. Comodo's firewall has a
sandbox. These aren't limited to walling off just one lone application.

Or you could do the unthinkable and login under a limited account to
reduce priviliges for your web browser's process - or you could login in
under an admin-level account but run your web browser under a LUA
(limited user account) by using something like OnlineArmor with its
RunSafe option or just use SRPs (software restriction policies) already
available in Windows XP+ (once you define the 'basic' mode under which
to run a process). Besides just cleaning up (wiping) the environment or
sandbox used just for the web browser, you could virtualize your entire
OS (but without the slowness of using a virtual machine that emulates
all hardware except the CPU) by using Returnil Home. Then if anything
leaked past the sandbox or you got socially engineered to permit
something to run outside the sandbox, a reboot of your host wipes it ALL
back to a prior known or baseline state.

Sandboxing or virtualizing the web browser is hardly new. That
Dell/Kace makes it appear something fantastic and new shows just how far
behind they are. Why would I want to sandbox just one particular web
browser, anyway? I might not be using another web browser but if I did
then just how would sandboxing for FF help later with other web
browsers? Use something that covers all web browser, or even other
Internet-facing apps, like e-mail clients, newsreaders, etc. For most
users beyond the noob stage of expertise, just running the process under
a LUA token is sufficient (and all the other cleanup can be automated by
configuration options of the programs or by using 3rd party tools that
you can even schedule using Task Scheduler).

Why would you add bloat for just one web browser? If you're going to
add the bloat, make it handle all web browser or even other types of
apps, like anything that can connect to the Internet. Maybe this is
just a preview of the Kace Kontainer sandbox and maybe they'll expand it
to cover any process the user chooses. Alas, as seen by reviewing it
(http://www.kace.com/products/overview/virtual-kontainers.php), it looks
like they have a whole commercial suite of products so they just dropped
this little gem to lure customers to their bigger solutions.

From: mike on 22 Jul 2010 14:43

VanguardLH wrote:
snip
> Or you could do the unthinkable and login under a limited account to
> reduce priviliges for your web browser's process - or you could login in
> under an admin-level account but run your web browser under a LUA

Doesn't "dropmyrights" do this?
It's rather painless.

snip

From: Craig on 22 Jul 2010 16:38

On 07/22/2010 12:34 PM, me(a)tadyatam.invalid wrote:

> Hmm, perhaps Dell should sandbox some of its H/W, too?
>
> http://www.newscientist.com/blogs/shortsharpscience/2010/07/pc-giant-warns-of-hardware-tro.html

/That/ was enlightening.

thx,
--
-Craig

| Next | Last
Pages: 1 2
Prev: Sonarca Sound Recorder Free v3.2.8
Next: [PORTABLE] X-Firefox 3.6.7 ready to DL