The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

How can a Browser Sandbox protect your computer?

Download Windows Speedup Tool to fix errors and make PC run faster

Most mainstream browsers come with their own sandboxes to keep your computer safer. This post looks at what is a Browser Sandbox, how to use it, or disable it completely on Google Chrome, Microsoft Edge, and Mozilla Firefox.

What is a Browser Sandbox?

What is a Browser Sandbox

A Sandbox allows your kids to play with sand without the sand scattering everywhere in your garden. This is because the sand is enclosed in a box with high walls. The same happens with sandboxes in computers. When you want to test your new app or something else without spoiling the whole computer, you can build a sandbox using Windows Sandbox feature or by using third-party tools. You can then install your app into the sandbox and check it without worrying about breaking the computer.

A browser sandbox is a security mechanism that runs web applications in isolated environments. This helps prevent malware and other malicious threats from affecting the system or network. By isolating browser activities, a sandbox ensures safer browsing and protects against potential security vulnerabilities.

Most browsers already have a sandbox to enhance your computer protection. The idea of browser sandboxes is to protect your computer from the side effects of browsing. Even the best of websites may be hosting malicious code without their knowledge. Thus, what happens is, if a website downloads any malicious code, it is downloaded to the sandbox part of the computer. When the sandbox is closed, everything inside it is erased, including the malicious code.

Firefox Sandbox

Firefox runs untrusted code in a sandbox to protect the computer in case something malicious happens. Firefox has two parts: the parent and the child processes. While working on the Internet, untrusted processes are run in Firefox’s sandbox, which helps contain contamination. While the child processes are run in the Sandbox, the parent part acts as a mediator between the child process and the rest of the computer resources.

Users can change the sandboxing level in Firefox to make it stricter or easier. At 0, Firefox is least restrictive; level 2 is balanced and current; level 3 will be highly restrictive. To see which level Firefox is using, type the following in the address bar and press Enter key:

about:config

It will load the Firefox configurable variables on the page. That done, press CTRL+F after placing the cursor in the config page anywhere. In the Find box, enter the following code and press Enter key:

security.sandbox.content.level

The value returned by the function is the current level of sandboxing Firefox is using.

Chromium Browser Sandbox

Chromium is used by both Microsoft Edge and Google Chrome browsers. Basically, their sandbox, too, works as the one explained above in the Firefox section.

There are two parts – The broker process and the target process. The browser process is the broker process, while the child processes are called target processes. All codes run by the target processes run in the sandbox. The other part is called the broker process because it acts between the child process and other computer resources to supply the child processes with the resources they want.

In Windows Pro and above editions, you can use Windows Sandbox for running Microsoft Edge.

What is Sandbox mode in Chrome?

Sandboxing in Chrome is a security feature that isolates websites and web applications into separate processes. This helps prevent malware and phishing attacks by creating a protected environment, ensuring that malicious sites cannot affect your system or other browser tabs.

How to turn off Google Chrome Sandbox?

To turn off the Google Chrome Sandbox right-click on its icon. Click on Properties and then on the Shortcut tab in the dialog box that appears.

Add the following to the app path being shown in the Target:

--no-sandbox

Henceforth, whenever you click the Chrome icon, it will load Chrome without a sandbox.

Using Microsoft Edge in the Sandbox

When you start the Windows Sandbox, you will get a new desktop with only Recycle Bin and Edge shortcut. It shows Start Menu and other icons, but they don’t really work in this sandboxed operating system. You can open them in the main Windows instead of sandboxed Windows OS.

You can start Edge from this sandboxed Windows environment for browsing with maximum security. Once you close the sandbox, after working on Edge for a while, no one can trace what you did on the Internet. Your ISP may create a log of what you did but no one can check those activities you performed using Edge in the sandbox.

As with other data, if a website downloads malware to your system, the malware will also vanish when you close the sandbox.

Notes:

  1. Using a sandboxed environment for browsers won’t make it 100% safe. Some parts of the browser extend beyond the sandbox, especially if they still use Flash and ActiveX elements. These can be compromised and then the cybercriminals can access your computers.
  2. You can also create a sandbox using third-party tools such as Sandboxie if you do not want to use Edge but another browser. You just need to turn on the sandbox program you are using and when the sandbox is created, you can install the browsers there. Know that closing the sandboxing will clear all the contents of the sandbox. So, if you want to use Firefox again in a sandbox, you must create and install a sandbox.

The above explains browser sandbox and how to use and disable it. Let us know your views and ideas about browser sandbox and security by commenting below.

ArunKumar@TWC

Arun Kumar has been a Microsoft MVP (2010-12). He is obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses.

Live Chat Button