How to surf with complete security, part 3
In issues #129 and #130 I talked about using the free VMWare Reader and the free Ubuntu LiveCD to surf safely. Both are great solutions but both are a little awkward to use as they take several minutes to start up.
Today I'll show you two different free products that will allow you to start surfing safely in seconds rather than minutes.
The first is called Sandboxie. Its name accurately describes what it does: it creates a sandbox environment on your PC within which you can browse safely.
The strange name "sandbox" derives from the Java world where it refers to the highly contained and restricted environment in which Java programs (applets) are allowed to run. They are allowed to "play in the sandbox" but not go outside it. The important point is that while running in the sandbox, the programs have no access to your PC.
So it is with Sandboxie. While browsing within the environment provided by Sandboxie you are totally corralled off from your other parts of your PC. Any files you download are isolated to the sandbox. Similarly, any programs that are executed only do so within the sandbox and have no access to your normal files, the Windows operating system or indeed any other part of your PC.
This means you have complete browsing security. Nothing you do while browsing can have any effect on your PC outside the sandbox.
Starting SandBoxie is simple. You just double click the Sandboxie icon and it will launch your default browser within the sandbox. When you've finished browsing you have the option of deleting all files accumulated in the sandbox during the session or retaining specific files. The secure option is to delete the lot.
It's a neat solution for safe surfing but there are some caveats. First, Sandboxie only works on Windows 2000 and later so Win9x users are out of luck. Second, the system is only safe if you choose the option of deleting all files at the end of your browsing session. Third, you have to be constantly mindful whether you are browsing in the safe sandbox environment or just browsing normally as the two environments look exactly alike. This is a real problem and I do wish the makers of Sandboxie would do something to make the sandboxed environment look visually different.
I also wonder about SandBoxie's ultimate security compared to using VMWare or a Linux LiveCD. I wasn't able to break out of the sandbox environment and get access to my PC but maybe a smart hacker could.
I don't have these residual concerns about the next option: surfing from Damn Small Linux within a QEMU virtual machine running on your Windows PC.
This is bit similar to the option of running a Linux on your Windows PC within a VMWare virtual machine that I mentioned in issue #129. It differs in that the virtual environment is created using the free Open Source program QEMU rather than VMWare.
Damn Small Linux (DSL) is a special cut-down version of Knoppix Linux that only takes up 50MB. However, it does include a pre- installed version of Firefox so it's ideal for creating a safe- surfing environment.
This may sound daunting to set up but it's not. The folks at DSL have included everything you need in a single archive. All you need do is download the 50 MB DSL archive, unzip it to a folder and run the file dsl-windows.bat.
This will automatically launch QEMU and then Damn Small Linux which will auto-install, including automatic network configuration. On my test 3.2 GHz P4 the whole process took less than one minute.
Running Firefox from within DSL is no more complex the clicking the Firefox icon on the DSL desktop. Ending your session is equally simple: just right click on the desktop and select "Power down."
When you power-down, all traces of your surfing session will disappear. That includes any files downloaded, any cookies and your whole surfing history.
This all sounds very attractive but I must warn you that QEMU takes up a lot of processing power; bags of it. You'll need at least a 2.0 GHz Pentium class processor to run it and even then you'll find response to be sluggish. With faster processors, though, it will work just fine.
So that's it folks. You now have four free options for safe surfing; VMWare Reader, the Ubuntu Linux LiveCD, Sandboxie and DSL under QEMU.
Which is best? Well, if convenience is your top priority then you can't beat Sandboxie. If you have a really fast PC then you'll be tempted by DSL and if you want the best security VMWare and Ubuntu are the way to go; it's your call.
Whatever option you choose you will soon discover that once you are freed from security and privacy concerns you will be free to surf the internet without fear, to go to places you would normally never dream visiting and to try things you wouldn't normally dare. All this, while knowing that at the end of your browsing session, you can wipe everything from your PC without leaving a trace.
No comments:
Post a Comment