Sandboxie vs. SpyShelter Restriction...

Discussion in 'sandboxing & virtualization' started by sweater, Apr 5, 2014.

  1. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    True, very true, Peter, but could you give me more details on this, and if you want to send me pm, Peter on issues how many times and in what situations Sandboxie saved you from all forms of infections, infected web-browsers, infected websites and similar-if you don't mind?
     
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I agree, CWS. About "except those inside browse." Thats why we have to be extremely carefull about addons that we install. I avoid installing addons, plugins, etc as much as possible and only install the ones that I really need and are well known.

    Bo
     
  3. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Hi Yuki, please read the post by Kerflot. Its old thread but his comment might still apply today.
    http://forums.sandboxie.com/phpBB3/viewtopic.php?t=17445

    Bo
     
  4. 142395

    142395 Guest

    Thanks, I didn't know this thread but I read (maybe) another conflict report in other place, I thought you also participated in the discussion but sorry can't remember where it was.
    Anyway, things might changed so I asked current state for Lagavulin16 (or any other who use both program) as I'm also a kind of HIPS fun, not for Restriction mode (so I'm afraid this might be off topic...)
    However, if conflicts occur intermittently, it's not for me.
     
  5. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I believe the conflict is still there but Lagavulin16 post says differently. Perhaps things have changed and both programs can now work along each other. If you want my opinion, I ll say stay away from using Spyshelter along SBIE to avoid conflicts. But its only my opinion, though.

    I don't see any Software compatibility settings for Spyshelter in Applications, that tells me that from the Sandboxie side, software compatibility settings have not been developed to make both programs work better along each other. If there had never been a problem between both programs in the past, that would not be a big deal. But since there were problems in the past, not seeing compatibility settings available kind of gives me a bad hunch about recommending using Spyshelter along SBIE.

    Bo
     
    Last edited: Jan 21, 2015
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    One way to find out. Image your system and try it. If it's bad just restore.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I run them both and there is no problem. But I didn't test the "restricted apps" feature, this may conflict with SBIE, because of it's use of a restricted token.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    The firewall should show all apps that are allowed to connect out and are allowed to accept incoming connections. The rules window, should not show me all apps from trusted folders. It should also not make separate entries for allowed or blocked behaviors. It should show me which apps are trusted and restricted. The log window, should not show me stuff related to trusted apps, and should not auto-scroll. I could mention some other stuff, but I think this is already enough.
     
  9. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    @Lagavulin16

    I made sure the Sandboxie executables that were triggered by SpyShelter were ticked, to be remembered... the only thing I didn't do was add them to the "exclude" section. By the way, I am just using SpyShelter Premium, not the firewall... I will give it another shot anyway, you've peaked my interest... ugh!
     
  10. Lagavulin16

    Lagavulin16 Registered Member

    Joined:
    Nov 26, 2014
    Posts:
    195
    Location:
    Emerald City
    @142395 Hey, buddy.. no conflict whatsoever. My impression is that this application will blacklist "new" downloaded applications in general. imho, the HIPS appears to function similar to an anti-exe app. Regarding Sandboxie, go into the Spyshelter's "Rules" section and make it allowed with a few right clicks and that's it (a screen shot would be nice... my apologies). A while back, an update with Shadow Defender was a bit of a hassle. Spyshelter gives the option to exclude program files from protection similar to antivirus/malware applications via right-clicking on a file/folder and adding it to the Spyshelter exclusions list. In doing so, the SD problems with updates, etc., were resolved. I have no interest in switching my security set-up every other week, but I would expect that the option to exclude program files should address your concern regarding "conflict with other widely used security software." In any event, it's smooth sailing with SBIE and Spyshelter firewall. No problems with MBAM and Emsi, btw.
     
    Last edited: Jan 22, 2015
  11. Lagavulin16

    Lagavulin16 Registered Member

    Joined:
    Nov 26, 2014
    Posts:
    195
    Location:
    Emerald City
    @marzametal The GUI for the firewall version offers "Protection": "Rules"; "Log Window"; "Restricted Apps" : "Firewall" ; "Settings" ; "About"
    The "Rules" section will clearly indicate what is allowed and blocked. All Sandboxie related items were right-clicked and made allowed. Assuming Spyshelter Premium offers the same option, you can also go in to your computer's Program Files and right-click to exclude the Sandboxie folder from Spyshelter's purview.

    @Rasheed187 My passive contention with your posts is that you seem to suggest that the GUI is "unhandy" as in difficult, possibly confusing, and not user-friendly. That's simply not the case--> especially with the option under Settings to "Auto-block suspicious behavior." (More or less as in shut up and do your job, naturally.) I've followed your posts with little choice in the matter and appreciate your incessant need for lucidity and perfection. If you find that perfect firewall, I'll surely see it in your futures posts and will follow up on it posthaste! No reason not to ditch a life-time license in pursuit of perfection. ;)
     
  12. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    Unfortunately sometimes it's not enough...sometimes it necessary to switch deffault option in encryption settings to "better compatibility mode".

    SpyShelterPremium_06large.png
     
  13. Lagavulin16

    Lagavulin16 Registered Member

    Joined:
    Nov 26, 2014
    Posts:
    195
    Location:
    Emerald City
    @ichito I did not enable the "keystroke encryption" mode as it appears that you have in your screen shot. Also, my understanding was that if you do enable the encryption, it will definitely break Sandboxie.
     
  14. 142395

    142395 Guest

    Yup, but I hear some bad review about their trial system here and there?:confused: My OS is 64 bit so freeware ver is not available.
    Thanks as always!;)
    I also won't use restricted mode.
    Thank you very much! Well, so I have to allow Program Files if I want to avoid conflict? It's a bit problem for me...as I want to restrict even trusted programs as much as possible. Well, I admit I'm too picky when it comes to HIPS. Also have you heard about compatibility with Toolwiz TimeFreeze? It's also my one of favorite, but as you know quite similar to SD.
    Anyway, that confirmation of no-conflict still makes sense for me.

    Pardon me, what does actually happen if you enabled encryption with SBIE?
     
  15. Lagavulin16

    Lagavulin16 Registered Member

    Joined:
    Nov 26, 2014
    Posts:
    195
    Location:
    Emerald City
    @142395 The "Program Files" was a quick resolve to the Shadow Defender problem I ran into earlier and does not pertain to Sandboxie. I may have been impatient to apply a more granular method, but considering it was Shadow Defender, that was that as they say. In my case, the Sandboxie resolve DID NOT necessitate a folder exclusion. As Peter2150 suggested in post #31, give it a spin and please post your thoughts afterwards. If your reluctance is based on the compatibility with SBIE, it's possible that no tweaking will be necessary if the firewall is installed after the fact. And if there is a SBIE conflict, again, under the "Rules" section of the GUI, a quick 20 seconds or less clicking to "allow" will resolve the problem.

    As for the "keystroke encryption" incompatibly, I briefly passed over an advisement probably in the Spyshelter forum(s) (although it may have been Sandboxie as well) not to apply the encryption when running Sandboxie. It's in writing (fwiw), and verifiable as such if you care to dig around.

    At this point, I'll probably refrain from posting any further comments on this or any other thread regarding Spyshelter firewall. "Fanboyism" need not apply.

    Again @142395... if you come across a superior firewall please let me know (via PM or whatever). I made the same placating proposition to Rasheed but needless to say, coming from you, that would be a real zinger! ;)
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    It's a matter of high standards, and being extremely picky especially when it comes to usability and GUI. Sometimes I wish I wasn't like this. The GUI is not confusing, but unhandy, and I already explained why. But a lot of people don't care about this stuff.

    It only breaks Sandboxie if you choose "better protection mode".
     
  17. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Ugh... so my tail has been dragging for days here, trying to figure out how @Lagavulin16 got Sandboxie and SpyShelter running side by side... but it turns out the thing that causes the drama (keystroke encryption) was avoided. Damn. Bit hard to put security higher than convenience if one application is being neutered just to allow compatibility with another.

    Curious, how many of you use the default Admin account that came with your Windows installation (eg: not the hidden Admin account, but the one that is created on install - says Admin next to your username) OR have created a seperate "Standard User" account?
     
    Last edited: Jan 22, 2015
  18. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Cloooooooooooooose, so close :) Naturally, making all Sandboxie related items allowed is the way to go. But to get rid of the annoying message at bootup (without ticking "do not show this message again"), I had to add C:\Program Files\Sandboxie AND C:\Sandbox to SpyShelters' exclude list. Woo hoo, side by side with full force! +1 to you!
     
  19. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    OK...I'm not using Sbie at all so I can't agree or disagree...maybe one more tip could resolve your problem - you can disable keystroke encryption for specific processes...see below.
    Enter into "Keystroke encryption" tab, chose option "do not..." (#2) and push button "add" (#3)...you get menu and make the next choise from the list - #4 or #5

    ssfw-0001.jpg

    If #4 will chosen you'll get own process manager of SS...select the needed and push "OK"

    ssfw-0002.jpg

    If #5 will chosen you just enter the name of process in empty box

    ssfw-0003.jpg
     
  20. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    523
    Location:
    Australia
    Hi everyone sorry to derail this thread a little bit. I have not used Spyshelter and Sandboxie together for a very long time, since Tzuk days and these have evolved immensely. Could someone tell me if there is anything special i need to do to either SBIE or SSP to make them function as expected and to greatest strength?

    regards,
     
  21. 142395

    142395 Guest

    Thanks for very detailed explanation and sorry for late reply:)! I'll try 14 day trial but is it truly full-function version? I ask it cuz I had heard some bad experience about their trial system (no offence intended). And I was not clear, but what I want to test is SS Premium, not FW. There're not many options for those who love stand alone HIPS if the system is 64 bit Windows, but SSP is one of that and this is what I'm very attracted.
     
  22. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    @ichito will give it a shot...

    EDIT: you came soooo close...
    I added SbieCtrl, SandboxieRPCss, SandboxieDCOMLaunch, SbieSvc to the Process Filter tab. Then I switched to the Advanced tab and chose "better protection" over better compatibility, and gave the PC a reboot.

    I remember I didn't tick the box to prevent the Hooks Guard startup warning by SpyShelter, so was happy it didn't pop up. However... tried to run Firefox in a Sandbox, got this...
    pic01.jpg
    The definitions are as follows...
    pic02.jpg
    pic03.jpg
    So... I get out of all of that, and switch back to "better compatibility"... no more errors, Firefox loads properly. I guess there really isn't a way to have protection selected while using Sandboxie... ugh!

    Mind you, I also have the Sandboxie directory and the Sandbox directory in the rules list as "allow all actions"... go figure! It might be a good thing though, if you know you're not going to use a Sandbox during your PC session, boost protection, and vice versa if you need to use a Sandbox... hmmmm...
     
    Last edited: Jan 28, 2015
  23. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    Bo, I'm not sure which conflicts you are referring to, because right now I am using SpyShelter Premium 10.7.6 together with current version of Sandboxie, on Windows 10 x64, chrome x64.
    So far, so good. I have not done extensive testing by any means, but my first impression is good. I think they can complement each other.

    EDIT: Sorry, I just noticed that your post that I am replying to is from a pretty long time ago. Maybe things have changed since then?
     
  24. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Oh, yes, very long time. And I believer things between Sandboxie and Spy shelter have since that time, changed for the better. I heard good things about SS interacting with SBIE from a new Sandboxie user at the Sandboxie forum about a month ago. And now you and someone else about a year ago in this thread was saying that also. I haven't read any complains for a long time, so, its probably OK to use both programs together at this time.

    Bo
     
  25. Spyshelter's "sandbox" is only a restricted token with a disk access restriction (for all restricted programs/folders). The HIPS module is deactivated for restricted programs. So it makes not much sense to combine it with Sandboxie (since SBIE protection is much stronger: low rights token plus per program disk access restriction plus additional HIPS like process virtualization).

    Only way IMO to use them together
    - Protect low risk programs with SS, put their data folders under restricted token protection
    - Put high risk programs in a fine granular SBIE-sandbox
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.