The internet is full of sweet apps, but it's also packed with shady software. Before you install something awful, give yourself an infosec education. Here are the best tools to protect yourself when you're experimenting with new programs.
Unless you have spare computers lying around, you need to protect your system when trying out software you don't trust. This post will guide you through several methods that can help contain any malicious changes or prevent rogue apps from doing something you don't want. Some methods are focused on staying as secure as possible; others are better for trying out apps without messing up your settings, but may not be perfectly secure. We'll explain which ones are best for which at the end of each section.
Method 1: Virtualise An Entire Desktop With VirtualBox
Virtual machines are one of the safest ways to test software (without building an entirely separate computer). This method allows you to simulate a full operating system, isolated from the rest of your machine. If a program installs crapware without your knowledge, it will be contained in the virtual machine. If it changes your wallpaper to a picture of dinosaurs attending the Last Supper, your regular computer won't be affected. You can also save snapshots of your virtual machine so that, no matter what happens, you can restore it to exactly the way it was before.
There are several tools that you can use to create virtual machines, but we like VirtualBox. It's available for Windows, Mac and Linux, and allows you to take the aforementioned snapshots very easily.
Before you start testing software, you'll need to create the secluded place where you can be alone with it. Begin by creating your virtual machine:
- Install and open VirtualBox. Be sure to install the extension pack from the downloads page.
- Click "New" to create a new virtual machine. You can check out our guide here for detailed instructions, but the wizard should make it fairly simple. You will need to download the OS you want to use.
- Install the operating system of your choice on the virtual machine.
- Before you install anything else, take a snapshot. This will allow you to revert back to your original, "fresh install" state after you're done testing.
At this point, you should have a pristine installation and a quick way to reset back to normal. This is a safe place where you can install programs and try them out. However, it's important to remember that this doesn't mean that everything you do is safe. Here are some other things you should be aware of if you need to try out potentially malicious software:
- Do not enable Bridged Mode: As the How-To Geek points out, Bridged Mode removes some barriers between your VM and your host computer. This can also make your host machine vulnerable to some malware, so be careful. By default, this should be disabled, but if you've ever enabled it for any reason, turn it off. Ideally, you should keep a separate, clean VM for testing potentially malicious software.
- Disable network activity when necessary: Once you've downloaded the software you want to install, you can remove network access from the VM in the menu along the bottom. Simply right-click the network adaptor, select Network Settings, and change "Attached to:" to "Not Attached". It's important to note that not only does this disconnect your VM from the internet, but it also disconnects it from other devices on your network such as the host computer or even your router.
- Be mindful of personal information: If your virtual machine is connected to the internet, you can still transmit personal information. A VM only protects your computer itself. It can't stop you from sending your credit card info to an untrustworthy merchant. If you absolutely have to enter personal information into an app you don't fully trust, disable its internet connection first.
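The snapshot, network and reset steps above can also be driven from a terminal with VirtualBox's VBoxManage command. The helpers below are an added example, not part of the original article; they assume VBoxManage is on your PATH, and the VM name "scratch" and snapshot name "clean" are placeholders.

```shell
#!/bin/sh
# Added example. "scratch" and "clean" are placeholder VM/snapshot names.

# Read `VBoxManage showvminfo VM --machinereadable` on stdin, print every
# attached adapter as "nicN mode", and exit 1 if any of them is bridged.
audit_nics() {
  awk -F'"' '
    /^nic[0-9]+=/ {
      slot = $1; sub(/=$/, "", slot); mode = $2
      if (mode == "none" || mode == "null") next   # disabled / not attached
      print slot, mode
      if (mode == "bridged") bad = 1
    }
    END { exit bad + 0 }'
}

# Take the "fresh install" snapshot, refusing while an adapter is bridged.
snapshot_clean() {  # usage: snapshot_clean VM SNAPSHOT
  if ! VBoxManage showvminfo "$1" --machinereadable | audit_nics >/dev/null
  then
    echo "refusing: $1 has a bridged adapter" >&2
    return 1
  fi
  VBoxManage snapshot "$1" take "$2"
}

# Set adapter 1 of a running VM to "Not attached".
detach_network() { VBoxManage controlvm "$1" nic1 null; }

# Power the VM off and roll it back to the clean snapshot.
reset_vm() {  # usage: reset_vm VM SNAPSHOT
  VBoxManage controlvm "$1" poweroff 2>/dev/null || true
  VBoxManage snapshot "$1" restore "$2"
}

# Constructed samples in the showvminfo key="value" layout (not real VMs).
SAMPLE_SAFE='name="scratch"
nic1="nat"
nictype1="82540EM"
nic2="null"'
SAMPLE_BRIDGED='name="scratch"
nic1="bridged"
nic2="none"'
```

A typical session is `snapshot_clean scratch clean` once after the OS install, `detach_network scratch` after the download finishes, and `reset_vm scratch clean` when testing is over.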
Virtual machines are one of the most powerful software control methods out there. It's highly recommended that anyone who is regularly testing apps create a virtual machine and have it handy at all times. However, if you only try suspicious apps out every few months or so, there are other, less cumbersome methods.
Method 2: Simpler Virtualisation With Cameyo
The downside to virtual machines is that they require a full OS installation and considerable overhead. If you only want to see how an app works once without worrying about all the extra work, Cameyo offers a slightly simpler alternative. You can try out applications in a remote virtualised environment.
As we've talked about recently, the service runs a virtualised version of Windows on a remote computer that you can run apps in. The downside to this method is that you are limited to just one app, so it's not a perfect solution for every task. However, if you just want to see what an app looks like before you try it out on your system, or don't want to go to the hassle of setting up an entire virtual machine, it's a nice middle ground.
If you want to use Cameyo to try out your own applications, follow these steps:
- Create a Cameyo account and log in.
- In the sidebar on the left, click Add App.
- Select "Create a new Cameyo package".
- If you've already downloaded the .exe, upload it by selecting "Local machine". If you're not sure you can trust the source, use the URL option to link to the file.
- Choose a target to store the repackaged app. In most cases, My Apps will work, but you can save the app packages to your Dropbox space if you need to return to the app more than a week later.
- Click Submit.
Once Cameyo is done creating the repackaged app, you'll be able to run it in a browser window. This method is particularly useful if you need to see how an app works while you're on an OS other than Windows, or if you want to make sure it's not going to do anything shady during installation.
Method 3: Get Basic Protection With Sandboxie
Sandboxie is a simpler alternative to virtualisation that allows you to try out software on your own desktop without giving it total control. It allows you to browse the web, or install and run apps alongside your existing system, so it can give you the closest idea of what it would be like if you actually installed it. You can quickly erase anything that's been downloaded or installed with a single button. You can think of it as a disposable sleeve you place over your apps or browser as a form of protection from infections or unwanted installations.
Sandboxie doesn't come without trade-offs. Anything you download or install on your system is still on your system. That means if it's given permission to read files, there's no barrier between the apps and your sensitive data. Sandboxie can revert any changes it makes, but reading is fair game. And, of course, if anything happens to slip past Sandboxie, it can infect your real computer. Strictly speaking, virtual machines are safer, but Sandboxie does offer some extra protection to your normal, everyday routine.
You can download Sandboxie here. Once you install the app, you can create a sandboxed browser window, download files and install apps within the sandbox. Everything you do within this sandbox can be deleted with one button. If you want to download an app to try out, it's recommended to start with a sandboxed browser session first, just to prevent any infections from the site itself. To get started, follow these steps:
- Start the sandboxed web browser. Sandboxie should have offered to create a shortcut on your desktop to the web browser when you first installed it. If not, right-click the Sandboxie icon in the system tray and select DefaultBox > Run Web Browser.
- Open the site with the app you want to test and download it.
- When you download files, Sandboxie will offer to let you "recover" them, which means they would leave the sandbox and stay permanently available. If it's a file you know is safe, accept this option, but keep everything inside the sandbox otherwise.
- Install the app. In the User Account Control prompt, Sandboxie will appear as the application requesting permission to install software, as opposed to the developer you're testing. You should be able to see a window beneath the prompt detailing which app is requesting permission.
- Run the app as normal. You should see a yellow outline over any windows that are within the sandbox.
- When you are finished, right-click Sandboxie's icon in the system tray and select DefaultBox > Delete Contents.
When you delete the contents of a sandbox, everything you have downloaded or installed during that session should be removed from your computer. Keep in mind that this doesn't mean nothing nefarious can happen: If you use a sandboxed browser to send your credit card information to a shady merchant, there's nothing Sandboxie can do to prevent that. It can, however, remove anything that was quietly installed or revert any changes you make to your system. It's not 100 per cent effective, but it should keep you safer than browsing without protection.