Sandboxie Does Hidden Online Validation?

I found an interesting comment on "hidden" online validation by Sandboxie on ~Url link removed~

The guy in that forum used PE Explorer and extracted some strings from Sandboxie's start.exe . One of the string extracted contains " 'http://www.sandboxie.com/buy.php',0000h ".

I have a lifetime license on Sandboxie and hence I have no worry on online validation by Sandboxie, but I just wonder how true it is that Sandboxie does "hidden" online validation?

Any comment?

 

That's disgusting...
I have no issues with online validation, many companies do it, but to try and mask it from your firewall by such methods... Just reinforces my hatred towards the author, on top of his "omg 64bit" moaning and crying (at least he grew up and wrote a 64bit version), I'm glad I ditched such useless 3rd party products ages ago.

I especially like how a few of the commenter's themselves describe Sandboxie bypass experiences.
VM > Sandboxie.
VM forever

 

Useless might be a bit harsh lol. I cannot think of another program, no matter who wrote it and what thier ethics are, that is so easy for the average user to use and that leverages very good protection for the said average user. VM is better, but also more complicated for novices and requires more poop to run not to mention that you must start the VM up (unless you use snapshots) before you can use it. Makes the slight 3-5 second delay some experience with sandboxie seem pretty snappy if you ask me.

Online validation was only a matter of time in coming if the author expects to get paid for his work.

Sul.

 

Couldn't care less if it does some online validation even less so for the assertion by some cracker. That some firewalls might let the communication through is neither here nor there

 

Indeed, the language you use shows that you obviously must feel something like hatred. Only that you do not (and probably are not able to) mention a reason for your hatred.

And the statement that the product is "useless" is simply ridiculous. Read some threads here in the Forum to comprehend that the opposite is true. But people with an irrational hatred will hardly be convinced by arguments.

 

Did you even read the article describing how he does it? This isn't your every day validation, if it was, it wouldn't be a problem.

I'm surprised I'm the only person that finds this disgusting.

 

I Can see both sides but tzuk does offer a free version and a paid version, And i suppose he wants $$ for his hard work it`s not like it is microsoft activation, If he asked you to activate your paid license i prseume some people would only complain He is trying to protect his product and would like the payment for his paid version if people are using it....
For me i have no problem about it connecting out and verifying my license.. i have nothing to hide so it doesn`t bother me

 

Weird comments. Why so aggressive ?

People have been given fair warning, more like. I seem to remember Tzuk and Ilya both explaining the situation - as they see it ... pointing out the potential flaws with Win 64bit and their products. Tzuk has given Sandboxie user's the choice to use the 64bit, but, at their own discretion. I certainly wasn't aware of the issues untill Tzuk explained the technicalities. I imagine a lot of average Sandboxie user's were in the same boat as me.


EDIT: I didn't see the link, was edited out, so maybe you are angry at the method (which I haven't seen) lol

---​

Anyway, there are some Sandboxie cracks/keygens around because I've seen them. I don't honestly mind that Tzuk might be protecting his income this way.

I guess Tzuk might now have to state this validation check into small print somewhere - that is if he hasn't yet.

 

But he could do it in a normal fashion instead of trying to sneak it through an ActiveX control.

Why was the link removed? Now no one can see the story...

It's not about validation, it's about the methodology he chose to put it into practice. Essentially trying to backdoor through your PC to do so.

 

I can see what you mean. I trust the software so I don't mind at all - I can see others might not.

 

I could not follow the link to the article, but there is no hidden activation in Sandboxie. Just because some random guy claims something that does not automatically make it true.

The buy.php link takes you to "Register Sandboxie" page, and that page is certainly not some activation backend. The link is there for the very simple reason that there is a button which says "click here to buy Sandboxie" and it opens this web link when you click the button. There is nothing sneaky about any of this.

elapsed, did I do something to you personally that you need to assume the worst about me and adopt a "guilty until proven innocent" attitude?

 

But when someone offers you a free product, trust is the only thing allowing you to install it. How does something like this build trust?

I can't understand why a moderator removed it.

Yes. But that's not for debate in this thread.

I'm not surprised you claim nothing exists. Again bringing us back to who to trust.

 

Read it again but objectively and you will see that is a load of ..... a truck load

 

Well, as we've got it straight from the guy that knows ... I guess it was all Horse ~ Snipped as per TOS ~. In the end.

 

He backed it up with evidence and it had nearly 10 replies without any objections.

 

How can we read it? It's gone. If there's nothing to it, there's nothing to it. If the link contained malicious script/files or other inappropriate (meaning against the rules, not opinion), then fine, removal of the link was necessary. But at least give a reason for removal in the edit like usual. As far as this "validation", I understand it, and, as long as I know where it's trying to connect, I don't care. However, using Active-X to do it isn't exactly comforting.

 

elapsed there is no evidence. A pirated key stops working and someone says it must have been "... by creating an invisble internet explorer activex object instance and takes control over it via COM or by creating a invisible Windows-/Internet-Explorer process and uses it to send and recieve validation data."

Only someone who wants to see bad things written about Sandboxie will take the drivel I quoted as proof of anything.

Again I ask. What did I do to you personally that this attitude towads me is justified in your mind?

 

I don't know if that was meant to be funny, but anyway, I found it funny.

When evidence is removed, there is no evidence indeed.

I ask you now nicely to stop trying to make this thread about me and you. It has a point to exist, let's not obscure it with personal debates of bad history.

 

What is not there to start with can't be removed

 

Elapsed. You try to launch a smear campaign against me. I ask why, you say let's not make it personal. If it wasn't personal then you wouldn't have this bias against me in the first place, and would not easily believe lies about Sandboxie and then repeat those lies with a passion.

Now I've done my part to disqualify all the false accusations about "hidden activation" when the truth is this genius cracker had to have been using a widely circulated pirate key, that I found by googling, and then simply invalidated in a later version of Sandboxie which he then installed.

But rather than assume it was something trivial like this, he proposes the bit of drivel that I quoted earlier.

Now I hope this can put an end to these wild and baseless speculations.

 

You clearly cannot understand that my personal issues with you have nothing to do with this thread, yet you keep trying to bring them up. If I had launched a smear campaign against you, my posts would be about you, not the questionable methods you use for validation in your software.

What exactly did you do short of give us your word and ask us to trust it over his just because it was posted on a hack forum, you know, where people hack software, and find things like this.

Like you do with most discussions you dislike, don't worry, I have no evidence to back up my debate anymore, so I'll leave it in your hands, and the hands of your users to decide what to make of it, and how to proceed from here. Good day.

 

Questionable methods do not get into software by themselves. Based only on paranoid lies of a software thief, you were trying to convince people that I am a dishonest man employing dishonest methods. With neither him nor me providing tangible evidence, you would prefer his mindless drivel over my reasonable explanation. And in the end you concede, but you will make neither a retraction nor an apology. And yet you say your personal issues with me have nothing to do with this thread. Good day, indeed.