TRUST NO APPLICATION!!! TRUST NO INSTALLERS!!!
When you run a program on your computer, data flows from the hard disk to the program via read operations. The data is then processed and displayed, and finally flows back from the progam to the hard disk via write operations. For example, if you run the Freecell program to play a game, it starts by reading the previously recorded statistics, displaying and altering them as you play the game, and finally writing them back to disk for future reference. Sandboxie changes the rules such that write operations do not make it back to your hard disk.
Protecting your Freecell statistics using Sandboxie may be a good idea when a less qualified player comes along, but you will probably want to play most of your games outside the sandbox. On the other hand, you may want to run your Web browser inside the sandbox most of the time. This way any incoming, unsolicited software (spyware, malware and the like) that you download, is trapped in the sandbox. Changes made to your list of Favorites or Bookmarks, hijacking of your preferred start page, new and unwanted icons on your desktop -- all these, and more, are trapped in and bound to the sandbox.
You could also try a new toolbar add-on, browser extension or just about any kind of software. If you don't like it, you throw away the sandbox, and start again with a fresh sandbox. On the other hand, if you do like the new piece of software, you can re-install it outside the sandbox so it becomes a permanent part of your system. Sandboxie intercepts changes to both your files and registry settings, making it virtually impossible for any software to reach outside the sandbox. Sandboxie traps cached browser items into the sandbox as a by-product of normal operation, so when you throw away the sandbox, all the history records and other side-effects of your browsing disappear as well.
The ActiveX mechanism lets Web sites run little programs in your computer. These are mostly well-natured programs, for example automatic download managers or automatic toolbar installation. Some not-so-well-natured Web sites use this mechanism to install spyware into your computer. You could browse with ActiveX disabled (by turning it off, or by switching to a browser that doesn't offer support for ActiveX), but you would be trading security over functionality. With Sandboxie, you can keep ActiveX turned on, and have both security and functionality.
* * *
o Restrictions > Drop Rights is a DropMyRights-like feature.
o Applications > Screen Readers
o Delete > Command buttons for third-party delete utility now ask you to locate the third-party program executable.
o Appearance settings page includes option to draw a border around a sandboxed window.
o When "Disable Forced Programs" mode is in effect, the Sandboxie icon becomes darker.
* * *
o Fixed a problem that prevented some full-screen programs from changing the display resolution on Windows Vista.
o Fixed a problem to run Java applets within a sandboxed Web browser, when the new Java plugin architecture is enabled (which is the default case).
o Sandboxie no longer disables COM+ within the sandbox. This resolves some problems with Flash in Internet Explorer which manifested as delays when switching and closing tabs and rare cases of IE crashes. This change only takes effect after the sandbox is deleted.
o Sandboxed Windows Explorer can now "Paste" files that were "Copied" outside the sandbox.
o Improved handling for some .NET programs.
o Fixed a small kernel memory leak that caused problems if a sandboxed program was left running for many hours without being terminated.