It is portable but the setup looks similar like an normal installation progress (but it simply extract it to //Desktop/TorBrowser) I not wanted to confuse people here. Thanks for keeping the thread alive, I still think Tor overall is a promising project since it is under development regularly. I may think to post/write an thread for combining I2P together with Tor since Tor is only for Outbound and I2P more for Inbound traffic. greatest weakness is still that everything what you write is in plain text which makes it some how more or less easier to reveal what you did on your machine.
That would protect you from catching malware, but will it stop your identity being revealed thru the exploit? Because that's the problem here.
Yes it will. Why? Because it is a javascript exploit, so it is executed in the browser and SBIE will block the calls this exploit makes to kernel32.dll. Maybe the sandbox filter/redirect/block mechanism was not tested at all, because FF ran with untrusted integrity level (rights) and the exploit did not overcome these UNTRUSTED-IL restrictions in the first place. Compare it with parkour/street runner which manages to jump from street level (medium IL) to first floor (kernel access). This is certainly a feat. However with SBIE, the street runner would not start at street level but a level lower, that is, from the basement -1 level (untrusted IL) and had to break through a cloaked sandbox ceiling making it impossible to reach first floor from the basement without additional stepstones.