Sandboxie Acquired by Invincea

Exactly, I use Sandboxie for running multiple versions of the same app for testing purposes, and sometimes older versions are simply better. So will we be able to do the same with UWP apps, that would be interesting to know. Hopefully, SBIE will be able to virtualize AppContainer in the future.

I also saw this recently, let's hope that Sophos will continue to make money on Sandboxie. Seems like they have now integrated Invincea X and HMPA into Sophos InterceptX, I believe this product doesn't really rely on sandboxing that much. So now BufferZone and Bromium are the only security vendors that offer "full" sandboxing to corporations.

 

Great! thanks Bo

 

ofc they made changes with invicea and sophos - they changed license modell dramatically.
3- or 5- pc no longer - only home use, no business. per year.
compared with other "security" programs too much payment - per year.

i am a lucky unlimited license user - but for new users? this price is no stimulation to buy a license when its limited this way.

so sandboxie is going to be used for free more and more i would say and this would drop it to death.

to notice that Edge as an app has its own sandbox - or apps are running in a windows sandbox to say.
chrome has its own sandbox, firefox too - which makes not really sense to run firefox in the box.

a view in the past for me here - sandboxie has its special settings here but it never happend in the last 5 years.
the license has advantage for other purpose here, but not really security.

if people wont buy a license i am pretty sure that sandboxie will disappear sometimes, abandoned.

 

Brummelchen, just like not all Cola soft drinks taste as good as Coca cola, not all sandboxes are as tight and secure as Sandboxies. That is a fact. People using Chrome, Edge or Firefox without Sandboxie are getting infected everyday. Not so when they run their browser under Sandboxie. You yourself should know that.

I am kind of disappointed in the changes as of late regarding licensing but one thing is for sure about SBIE and licenses, you never know, perhaps in the future, lifetime licenses will make a come back. We who have been around SBIE for a long time has seen then come and go. It is likely they ll be back.

Now, regarding me, I am a pure Firefox user, but I would be crazy to stop using Sandboxie to sandbox Firefox. I, who doesnt use nothing for security other than SBIE knows that SBIE is the real thing. Nothing has ever gotten thru ever since I started using SBIE. There are no ifs about that. If I had to stop using SBIE, to replace it, I would have to replace it with programs that once in a while will let something thru. I would have to accept that as just being the way it is.

Regarding browsing, I think NoScript is pretty close to being enough for security. I kind of believe the reason I never see anything like malware when I am browsing is because I am using NoScript. But any mistake on my part, Sandboxie is like a safety net. The Firefox sandbox can not replace that safety net. No way, my friend.

I might shock you with what I am going to say here. I know one day Sandboxie will die and fade away. It will happen, I accepted and realized that fact the day Tzuk left. I just hope the ride continues. To me personally, what we gotten from SBIE after Tzuk left is like gravy, extra. I think there is a place for SBIE as long as Windows doesn't shut down the usage of non Universal apps.

Bo

 

You are welcome, buddy. As far as I can tell, we ll have Sandboxie for a long while.

Bo

 

that is not the target of my previous answers. you can use a browser (any program) whether license or free.

 

Bo, I know and respect your dedication to SB and FF - I am not as strongly dedicated to any particular browser but have recently moved back to FF. I am curious as to what makes No Script better than UBlocko in your opinion. I have used both but I always feel that ublocko is somewhat easier to handle out of the box. Anything that is particular to your setup with sandboxie? At the moment I am using FF and chrome with ublocko and palemoon with No Script all in sandboxie.

 

I agree that SBIE can prevent malware installation and protect a system. But I know a lot of people that don't use it and don't "get infected everyday". IMO getting infected is not as easy as many would like us to believe.

 

What you quoted is figurative writing. I didn't mean people (everyone in the whole world) are getting infected 365 times a year, but most people believe themselves getting infected is normal, its supposed to happen, and in turn it does happens a few times a year. And most of this people are using Edge, Firefox or Chrome without SBIE.

Earlier tonight, I even found one using SBIE who believes infections are to be expected.
https://forums.sandboxie.com/phpBB3...&sid=e563e5687dea23902d1e156183edabfa#p133468

Bo

 

The one thing that makes NoScript better in my eyes, is that I have been using it for 9 years. I feel very comfortable about it. Thats the honest truth. In other words, if you think script blocking works great by using UBO and is easier than NoScript, you should keep using it. Thats my opinion.

(More figurative writing) NoScript is the grand daddy of them all (script blockers), its been around longer, when I took on script blocking, NoScript was the one that everyone talk about and recommended. UBO was years from being born. So, thats why I ended up adopting and learning NoScript. Over the years, I come to realize that just like SBIE, NoScript is top notch security. I credit NoScript for being the one that keeps me clean while browsing, Sandboxie is like a safety net that never gets used.

Bo

 

Yes, to some degree people have become accustomed to infections and don't fret about it any more. At the same time I didn't see much infections on systems of my family, friends and our customers at my work. Apart from some encryptors infecting few customers' computers, last few years were really quite in that regard. Personally I also didn't encounter any intrusions attempts while browsing. So I assume that getting infected is not something people are experiencing on large scale.
What about yourself? Did SBIE ever saved your system from infection? I'm talking about real life intrusion attempt, not some testing that you were performing.
In years of using SBIE, I never stumbled upon situation where it would save my day. But that's just my experience...

 

To be perfectly honest, I cant pin point any specific time were I can for sure say that Sandboxie saved me. But, and this is a big BUT, before I started using SBIE and NoScript, I used to get infected once or twice a year every year. Getting infected regularly was part of my computer experience. So, I cant assume my getting infected cycle was turned to 0 just because. There has to be reasons why I haven't gotten infected during the past 9 years.

So, what changes did I make to turn my computer experience around? My browsing is the same, perhaps even more dangerous now as I do same kind of browsing as before, I don't do safe browsing, but now I do activities that are dangerous that were not available in 2008 (last time I got infected). So, my browsing is even more dangerous now than before. I believe when I used to get infected, I got most of the infections while searching Google or Yahoo. Clicking the wrong links. I still do same type of searches. My interest are basically the same in 2018 as they were in 2008.

About learning security, I know the basics, that's it. I dont spend hours searching or learning security. Knowing the basics, using NoScript and Sandboxie and changing a few computer practices turned my computer experience around. So, the reason why I don't get infected anymore is not only due to using SBIE but using SBIE is an important part.

Also, when you ask "Did SBIE ever saved your system from infection?" you should remember, most malware is sandbox aware, when it detects its running sandboxed it doesn't infect, doesn't do nothing to fool people into running the malware out of the sandbox. So, we cant assume that SBIE hasn't save me just because I cant pin point any specific time were I can for sure say that Sandboxie saved me.

Bo

 

I guess that we have different experience, Bo. I've never had problems with malware so I don't have a software that I consider a must, to keep my computer safe. Thinking of it, I would say Macrium is closest to it.

 

5.25 Beta Available (Latest version 5.25.4) - Sandboxie Support

Changes in 5.25.4 (Beta 5.25.3 was skipped as it was tested internally)
1)Fixed Firefox sandbox content level 2+ issues related to audio, video, printing and crashes:
2)Fixed Firefox "SBIE2205 Service not Available: CreateDesktop"
3)Fixed BSODs and hangs related to Windows 10 Insider v17666

 

Regarding Firefox sandbox content level, this is what was fixed in 5.25.4.

https://forums.sandboxie.com/phpBB3/viewtopic.php?f=17&t=25369#p133544

Bo

 

I disable Multiprocess and set my security.sandbox.content.level to 0. But I just tested 5.25.4 by running the Firefox profile manager sandboxed to create a new Firefox profile, and can confirm, the fix works. Now, you can, if you want, use Multiprocess, and dont have to lower sandbox.content.level in order to run Firefox 60.0.1 sandboxed. Nice fix.



Bo

 

OK, so you can leave 'security.sandbox.content.level' at default 5, or revert to 5 if you lowered it?

Edit: OK, confirmed, it works. Well done Sandboxie devs , hope Sophos remain true to their word re keeping the product alive.

 

Changed from level 4 to level 5. No problems with Firefox 60.0.1 and beta 5.25.4.

 

your definition of "pure"? so it means not "untouched".
if so you muss assume that people get infected 24/7/265 because you disabled most of firefox security mechanisms.
sorry, but i wont talk on this level.

 

To you, pure means untouched. To me, "I am a pure Firefox user" (the words I actually wrote) means, I dont use any browser but Firefox. I dont install any browser but Firefox.

I disable Multiprocess and set sandbox content level to 0 to avoid conflicts. My reasoning is that this conflicts could weaken Sandboxies sandbox. It can happen. Additionally, Sandboxie doesnt need Firefox sandbox. The words I wrote you quoted are part of a paragraph where I write about my experience using Firefox under SBIE (0 infections). In y view, it doesnt make sense to change a formula that has worked for 9 years.

Bo

 

Sandboxie has saved me from browser hijacks, and I have also been infection free the same as Bo, with Malwarebytes stepping in for a few PUPs for my 8 years with Sandboxie.

I recommended it to a work colleague, who ignored me and had a browser hijack that destroyed his system a week later.

 

malwarebytes is only a reacting software outside any other software. as premium it could prevent links, but not infections (* infections could be blocked when start working, but the infection itself has already been made). the goal has to be to secure firefox from internal. as i tried to explain firefox has a lot of security mechanisms which need to be broken. you "browser hijacks" all came from outside (system) as firefox was vulnerable by design before quantum. thats a small but important difference. if you have kept your system clean firefox wont be hijacked, very simple. now with quantum it is much harder. if you speak about unsecure sites and pages where javascript is a trigger to use flash, pdf or other plugins (thats why quantum only allow flash) you have to add security to prevent, any good blocker will do.

@bo - pure= untouched is not what you said as i cited that text for you.
firefox itself very secure and to count infections and compare them with a much higher amount of not infected firefox installations or system is not worth the work.

i have only uBlock installed to lock out, some few for my privacy - but in general i could work without as many other users because the rest of my system is secure - and i dont use any active scanner behind.

and as i tried to explain - lowering the sandbox level will make firefox unsecure. a sandbox will prohibit spreading to system but i can not prevent to read out data and transmit it with firefox into the web. even not if you limit a sandbox to firefox. and thats always what people have to learn and got wrong.

if you use firefox in a box as you described its NOT untouched, its no longer secure as before and ofc this has to lead to malicious behavior.

 

Actually I hope they will not, because lifetime license are probably not interesting to a big company like Sophos. For now the only thing that is important that they will have a healthy cashflow coming from SBIE. I even hope they might add certain features to SBIE to make it even more powerful, but it should not become bloated of course.

 

Me too! I agree with you on this, I really hope they switch to annual renewal scheme.
For Sandboxie to live long and prosper for the many years to come.

Yes. This is a material world and monetary system everywhere. Fully agree.

I'm not with you on this. Hope they add nothing.

 

Brummelchen, from my point of view, I am safer by disabling Multiprocess/lowering sandbox content level. I know its hard for you to understand where I am coming from but I ll try to explain.

I disable Multiprocess and lower to 0 sandbox content level to avoid conflicts, OK. Until Sandboxie 5.25.4, in computers were this conflicts occurred and were detectable, they would show up as loss of sound, crashes, failure to print, video issues. Users could experience one or more of this issues. Personally, I didn't experience any of this issues.

The conflicts that concern me are the ones that are not visible, for example, if at some point in time the Firefox sandbox conflicts with SBIE, and this conflict manifest itself by lowering Sandboxies protection (this is something that you cant detect as its not visible), perhaps the conflict between sandboxes opens a hole in SBIE, I could be in trouble when I get hit by malware. Thats my whole point for doing it. I want Sandboxie to be at its best at all times and I achieve that by not using any other security product and now that Firefox has some sort of sandbox, disabling it. There are documented case when using other security products, even though there was no apparent conflict, indeed there was one that affected SBIE by opening a hole.

About the problem you are having with me using the term pure next to Firefox. Once again, when I wrote "I am a pure Firefox user", its an about me thing, not Firefox. Like I said, it "means, I dont use any browser but Firefox. I dont install any browser but Firefox." I think its pretty clear what I mean.

Bo