TechSpot

Sandbox bank account tracking cookie?

By zombi3
Apr 20, 2014
Post New Reply
  1. I'm a little confused by this. Isn't the whole point of using a sandboxed browser is that nothing leaves it. SAS picked this up:

    accounts.key.com [ C:\AVAST! SANDBOX\S-1-5-21-3583729876-1247344376-3946384776-1000\SFZONE\C\USERS\NIGHTMARE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JG77RLU5 ]


    I assumed that with a sandbox, stuff like this (especially a key bank flash cookie) would simply not exist.
    Also, there is no C:\Avast!. I installed Avast to a custom folder and Avast doesn't use the word "Sandbox" to describe it's program in any files, always "SafeZone".

    Don't get me wrong, pc's fine. I'm just wondering if this is typical or if Avast just makes a crappy sandbox.
    Last edited: Apr 20, 2014
  2. JC713

    JC713 TS Evangelist Posts: 6,954   +900

    Try using Google Chrome or FireFox with Disconnect + Adblock. That should eliminate the majority, if not all tracking stuff.
  3. zombi3

    zombi3 TS Rookie Topic Starter

    I use DoNotTrack and Adblocker with my regular browsers. What I'm wondering is if it's normal for something like this to be stored on the pc (albeit hard-to-find) when the page was opened in a sandboxed browser. Am I misunderstanding how these programs work, or is Avast SafeZone simply not as good as another program might be?
  4. jobeard

    jobeard TS Ambassador Posts: 13,408   +314

    Hmm; my impression is Sandbox allows all normal functions (including cookies & history) but arranges memory such that things like buffer or stack overflow do not cause an exception and thus leak memory OR cause privilege elevation.
  5. zombi3

    zombi3 TS Rookie Topic Starter

    At least it was buried pretty deep. Turns out there is "C:\Avast! Sandbox" folder, it's just not visible, even with "show hidden" enabled. It can only be seen in safe mode.

    I guess I've been thinking of sandboxed programs the wrong way. I heard they were good for running "iffy" programs and that if they should contain any kind of malware or virus the sandbox would keep the infection contained. I just assumed that meant nothing activated inside the sandbox was stored in any way. Don't know why it never occurred to me that a sandbox could have it's own contained storage. S.M.R.T. !

    Kinda surprised SAS detected this though, especially scanning in normal mode. I'm sure most others would miss it.
  6. jobeard

    jobeard TS Ambassador Posts: 13,408   +314

    this is all true
    not true. Private Browsing is much closer to this


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.