Long time Sandboxie user and been using it with different browsers over the years. Sandboxes are set differently with the DefaultBox being most used and restricted. Have also used it for installing & testing apps. Works well with CCleaner in secure deletion of the sandboxes. Sandboxie can be configured for Windows Explorer, download folder, USB drives and more.
You shouldn't feel delays launching programs in your XP. Usually, other security programs are the ones that cause the delays when they scan the activity inside the sandbox. Since you got none of this type of programs, your sandboxes should open and close fast most of the time. Thats my experience in XP and W7. I got nothing but SBIE and NoScript. And I run all kind of programs sandboxed. I have a rule. If a program is going to run in my computers, it runs sandboxed. You ought to test SBIE, again. Updating browsers, Firefox or Palemoon, should be done outside the sandbox. Sandboxie, for security, don't allow the browser to update while running sandboxed. But you can test new versions of your browser by running the new versions installer in a sandbox. It ends up working as if you done an over the top installation. I just tested Firefox 37 that way before upgrading it in my real system. Works nice. Bo
Hi bo. I've never tried Sandboxie in XP full stop, so I'll see how it goes My XP machine has no realtime protection, but my other machines (Windows 7 & 8.1) have MBAM Pro, so perhaps that could explain the delay. I'd considered it normal as it had been there since I first used SBIE years ago, on completely different machines to the ones I use now. It's also possible that the delay could be attributed to the need to populate the sandbox, so since moving to SSDs then this might be negligible now. As for FF, I had assumed that the Mozilla Update Service (running outside of Sandboxie) could update the real FF, even if a Sandboxed instance of the browser was running.
Hi RJK3. Yes, MBAM is going to put the brakes on when you are browsing. And it should cause an slight delay when opening and closing the sandbox. Probably not too bad. Years ago, you could for testing or for fun, update Firefox (Via Help>About Firefox>Check for updates) while running sandboxed. But when you deleted the sandbox, the update was gone. Then later, that changed to how it is now. So, you cant do that anymore. I think with SBIE is best to set Firefox or Palemoon to Never check for updates. Sandboxie in XP works really nice for me. I use my XP for fun and run things a lot harder in it than in W7. No issues. All programs open and close fast. Videos, streaming sports, all is well. This are some of the things that I run in XP. Bo
Hi bo, just testing scenarios on my XP machine: - With a sandboxed version of Firefox running, I can manually update the real (unsandboxed) Firefox (which I expected); - I see what you mean about not being able to update a sandboxed firefox due to "canceling process updater.exe", which I think is heavy-handed; - I can update a sandboxed firefox if I've first used About>Update on the unsandboxed FF, then loaded a new sandboxed FF. I've not figured out how to manually trigger the Mozilla Maintenance service to update an unsandboxed FF, with or without a sandboxed FF running. I'll read through the wiki again later. Then again, I've realised that after an update, FF will likely want to re-configure, so a sandboxed FF would do that every startup until I first ran an unsandboxed instance of FF. I can't think of a way to update FF without having to run FF unsandboxed sometimes.
Yes... In real time. I used to use it on demand because I'm anal about conserving resources, which encompasses startup items, but changed for 2 very good reasons. For one, I'd end up needing to use it like immediately upon firing up my PC anyway since I have so many things sandboxed, including my browser. I was actually losing more time by having it then take longer for the Sandboxie to fire up than I'd gain by not having it set up to start with Windows (completely negligible... always the first icon to pop up in my quick launch bar). And the other, when it occurred to me to actually create a realtime sandbox, even called "Realtime", in which I have removable drives/USB ports sandboxed. Maybe it would fire up and sandbox the things anyway once inserted, don't know didn't test it out or at least don't recall, but I feel safer knowing it's on & proactive instead of reactive... a precious moment or three waiting for it to initialize may allow something through before it can kick into action. It's been the centerpiece of my security setup ever since I discovered it. If "something else" doesn't play nicely with it, that something else is the thing to go, not SBIE... never SBIE. And I base my other layers and approaches off of it.
We can test new updated versions of Firefox by running the new versions installer in a sandbox. I do that all the time and tested Firefox 37 that way. I had read someone reporting Firefox 37 having problems with SBIE, I usually wait a few days before upgrading but after reading that post, I right away wanted to test Firefox 37 in SBIE. We can update Firefox that way without having to run FF unsandboxed but the change wont stick after deleting the sandbox. I just don't think there's a way you ll get to update Firefox in SBIE and make the update stick for good or get a sandboxed Firefox to restart and apply the updates after updating Via Help. Bo
Well what I ideally wanted was for the Mozilla maintenance service to update the real FF, and for that update to eventually make its way to the sandboxed FF after the next time that sandbox emptied on exit. That way one could just use FF sandboxed and never have to put much further thought into updates. But it's not going to work that way. Oh, I had also wanted to test my security configuration, but frustratingly I couldn't infect my XP machine no matter what I did. Might have to try again another night.
I see what you mean. I rather is how it is. I don't like any kind of automatic updates. Allowing Firefox to update automatically would be a big hole in SBIE, I think. Bo
I've started to use SBIE more actively since switching to Win 8. Besides testing software, I'm now also running browsers like Firefox and Opera 12 inside the sandbox. The only drawback is that SBIE hasn't got dedicated anti-exploit protection, I hope that this will be added someday. MBAE and HMPA are not fully compatible with SBIE on my machine.
When I play with setups, I'm also trying to consider how I transfer these things for non-techie friends and families to have a self-maintaining system using rational rules. Also, the security risk of Firefox auto-updating is negligible IMO while the convenience is plain, especially when it's not a main PC. Just been playing with Sandboxie a bit more on my main (8.1n) machine. Honestly it's been a little frustrating, with the latest version giving the "canceling process" dialog for a number of programs I tried to test (e.g. the Reason Core security apps). I had to version jump a bit to get it to work, but the older 4.x versions seem to fuss about Windows font templates or some such. I'm limited in how far back I can go, as support for 8.1 was only introduced 4.06. I feel like it's fighting me on everything I want to use it for, which wasn't my experience before the sale to Invincea. I'm going to have to find some time and learn what's changed over time.
I just checked out of curiosity, and it appears that Sandboxie (at least on my 8.1n machine) disables EMET protections in most of my programs. Doesn't work for Pale Moon: http://oi59.tinypic.com/333zqsk.jpg (although Pale Moon is unchecked in all categories as per Moonchild's post) MPC-HC: http://oi59.tinypic.com/2hnarg2.jpg Works for VLC, but not for PortableApps's YouTubeDownloaderHD: http://oi59.tinypic.com/a87is.jpg and works in LibreOffice: http://oi57.tinypic.com/9vh40j.jpg Given that I use wildcards instead of specific paths where possible, then it's unlikely to be the case that EMET isn't seeing the new paths in c:\sandbox\*. Incidentally I also get this error on version 4.16 if Secure Policy (SSRP) is in a locked state: SBIE2203 Failed to communicate with Sandboxie Service: *GUIPROXY_00000002 - SandboxieRpcSs.exe [C0000002]
HI RJK2, we wont agree about automatic updates. But yes, for users who don't do updates manually or follow up on programs they use so they know when a new version is out, setting updates to be done automatically is a good practice. Even so, in the particular case of SBIE, a sandbox program, I think not allowing the browser to be setup to allow browser updates to bypass sandboxing is the way it should be. I don't know why you are getting many unexpected Sandboxie messages. In both my computers, I only get one for one program. That is in XP, I get a SBIE 2203 message (similar to the one you wrote about in your reply to Rasheed). I get that message when I run the ancient KMPlayer version that I use. By the way, that is one SBIE message that sometimes can be hidden and the program still works. Thats what I do in my XP, I hide it and KMPlayer still works fine. I get no other unexpected message in XP or W7 despite running sandboxed just about anything that runs in my computers. I had never heard of Reason Core security, after reading your post, I installed it sandboxed in my W7 and ran a scan. I did not get any SBIE messages. I took a picture after the scan was over. You can see the result. If you are getting many unexpected SBIE messages, its probable you are using software that conflicts somehow with SBIE. Bo
RJK3, the setting below was implemented in SBIE 4.16, it is added by default in new sandboxes that you create when you are using 4.16 and newer versions. "Added OpenIpcPath=*\BaseNamedObjects*\FntCache to templates.ini to eliminate font cache problems". http://www.sandboxie.com/index.php?VersionChanges#v_4_16 For old sandboxes or when you are testing older SBIE versions, perhaps enabling "Allow direct access to Windows font cache" setting manually (Sandbox settings>Applications>Miscellaneous) helps you in your testing. HTH. Bo
Hi Bo, don't worry I'm just putting forth my opinion with no desire to change your mind We all have our own philosophies to building our security setup, so it makes sense to do things different ways in order to fit in with everything else we're doing. Thanks for taking the time to reproduce some of what I'd done. I do wonder if it's to do with me running 8.1N, or if it's my general setup. I'll try it on a Windows 7 machine and see if I get similar symptoms. Only EMET or Software Policy are likely to conflict, as I don't use a lot of installed software on my machines. I'll have to consider the security implications of allowing direct access to the font cache before I make that a permanent rule, but should be fine for a sandbox that's purely for testing programs.
Are you a Sandboxie user? Vista = No ~ SBIE not compatible with Norton v22 W8.1 = Yes ~ SBIS compatible with Norton v21
RJ, you can untick the setting in sandboxes where you don't get an error, I haven't had to allow direct access to the font cache in any sandbox. Bo
Hi, can anyone please provide a link to older versions of sandboxie when it was owned by Ronen Tzur. Thanks
Older Versions of Sandboxie If you need to revert to an older version for some reason, old versions are available.
Absolutely love Sandboxie, wouldn't feel safe without it on a windows machine.Can't understand the 4 voters would said " Never tried it and never will "
I was a sandboxie(free version) user. Sadly, it doesn't seem to work with Comodo firewall installed. I had to removed it because of that. And currently using Comodo sandbox instead.
On my host system, I don't need it. I use it sometimes on my VMs for malware analysis, but that's it.
Dont be sad, here is a known workaround for Comodo and Sandboxie that as of today, it works for most people using both programs. The last couple of days I read a couple of users confirming that it is still working, you might want to try it. http://forums.sandboxie.com/phpBB3/viewtopic.php?f=11&t=21539&start=15#p113172 Bo