Sandboxie Acquired by Invincea

But that's the thing. They didn't spent any money on sandboxie.

Sandboxie just happened to get picked up.

 

In June 2013, Dell announced an OEM partnership with Invincea and began shipping a new endpoint security solution dubbed “Dell Data Protection | Protected Workspace” on all of its commercial tablets and PCs worldwide.

In December 2013, Invincea acquired Sandboxie for an undisclosed amount. Sandboxie is a pioneer in the Windows Containment and sandboxing market, making it a logical addition to Invincea’s technology portfolio.

In May 2016, Invincea launched X by Invincea. X protects endpoints by detecting and blocking known and unknown malware—without signatures in real-time. X combines deep learning, which is an advanced form of machine learning, behavioral analysis and isolation technology in one lightweight agent. These technologies work together to provide better threat prevention without any negative impact on the workforce. The technology is built based on years of co-development with DARPA. Using this technology, X can determine if a file is malicious, even if that file has never been seen before. X also provides needed visibility to security teams without overwhelming them with data or requiring additional resources.

 

That's worse. Like Bo said. Most people working at Sophos didn't even know what it was. The devs of sophos products didn't know what it was when they bought the company to have something else.

 

Sandboxie is a niche product so it doesn't surprise me they didn't know much about it.

 

Yeah, it just seems kind of dumb that they didn't do a little research about what else Invincea did at the time.

 

Sophos didnt buy Invncea to get Sandboxie, the truth is that SBIE just came along with the purchase. We love SBIE, but we shouldn't assume that others care about it. Months ago I was told by Curt (read the following quote), and sort of suggested I mention what he said, here. I didn't do it then but I ll do now, he wrote, "BTW, I have read several posts from people stating that the Sandboxie code has been integrated into Sophos products. That is not true. Sophos has not used ANY Sbie code anywhere. Feel free to let people know about that".

Bo

 

emsisoft never integrated code from online armor and symantec never code from atguard. surprise surprice.

 

What's Direct Access path for new Edge Phishing/Malware database?.
Does > Template=Chrome_Phishing_DirectAccess < work with new Edge sandbox?

 

Hi bjm, using the Chrome template is not going to work for Edge but based on what it covers for Chrome, I think you could give Edge direct file access to this folder or the file inside the folder:

AppData\Local\Microsoft\Edge\User Data\Safe Browsing

In that folder, I only have one file. I don't know if the folder is supposed to be populated with more files. Personally, I don't care about using Safe browsing so I don't allow this access and if I knew how to completely disable Safebrowsing via Edge settings, I would do it. We can do that in Firefox but I am not sure if we can in Edge. The only Setting I see in my Edge that is kind of related to Safebrowsing is one that is about blocking potentially unwanted apps, I have it Off, and is greyed out. Probably is like that because I disable Smartscreen and everything related to Windows defender.

Also, take a look at this folder. Perhaps inside you ll find other files that you might want to allow access to:

AppData\Local\Microsoft\Edge\User Data\CertificateRevocation

Bo

 

what about:
AppData\Local\Microsoft\Edge\User Data\SmartScreen
AppData\Local\Microsoft\Edge\User Data\Safe Browsing Cookies

what about: new Edge "Tracking prevention"?
--------------------------------------------------------------------
Does Firefox Template include Firefox "Enhanced Tracking Protection"?

 

Regarding User Data\SmartScreen, in my computer, files there have the date I installed Edge. Remember, I disable Smartscreen.

The two locations I wrote in my previous post were based on what I see allowing access to Phishing database does for Chrome. Smartscreen is for Edge, so I dont know how you want to treat it. Or how SBIE would treat it in settings if Smartecreen covered Chrome.

Regarding User Data\Safe Browsing Cookies, I dont have anything that relates cookies with Safebrowsing.

Regarding "Tracking prevention". I want the least tracking protection I can get from Edge. So, I left that setting on default, which is Balanced. I want it like that because I want to do the blocking of trackers myself, via NoScript.

Regarding the Firefox template including Firefox Enhanced Tracking Protection, I dont think so.

Bo

 

> added and tested new Edge sandbox against openphish.com samples.
AppData\Local\Microsoft\Edge\User Data\Safe Browsing
AppData\Local\Microsoft\Edge\User Data\SmartScreen

SmartSceen was silent against openphish.com samples.

> tested
AppData\Local\Microsoft\Edge\User Data\Safe Browsing\*
AppData\Local\Microsoft\Edge\User Data\SmartScreen\*
SmartScreen was silent against openphish.com samples.

> tested

SmartScreen was silen against openphish.com samples.

Note: SmartScreen works as expected against openphish.com samples outside new Edge sandbox.
------------------------------------------------------------------
Firefox Enhanced Tracking Protection appears to work with just Firefox Phishing template.
IDK if Enhanced Tracking Protection has local database?

 

The template for tracking is needed only if there is a database and would be for updates to get saved outside the sandbox. That way updates of the database don't get deleted when you delete contents and dont have to be downloaded over and over. Thats the purpose for this type of settings. For Edge, it should be the same. Anti tracking in Firefox should work as designed even if you don't allow anything to go outside the sandbox in Sandbox settings, same with Edge.

Bo

 

Yes, I grasp the concept for updates to get saved outside the sandbox.
I've been thinking about Chrome & Firefox built-in protection/s since, I've not been able to get SmartScreen to work in my Edge sandbox.
Just a head scratch.

 

related folders are in my Edge sandbox ... but, SmartScreen does not work = head scratch

 

Started having a problem with Sandboxie. In Firefox I cannot get into my Hotmail account, I cannot even get to the web page. All other accounts I can get into and all other web pages work. Using Firefox WITHOUT Sandboxie I am able to do everything. Not sure when this started. Using Firefox 73.0.1 and Sandboxie 5.31.6.
Thanks much, Acadia

 

THANK YOU, stapp. Latest version of Sandboxie did the trick!

 

Has anyone been able to get Outlook (part of Office 365) to function properly inside Sandboxie? If so, can you paste you template? I can get it to open, but after that the gui stops being responsive and nothing is clickable.

 

Latest versions include the following Blocked Access setting:
*\cryptngc.dll

Users of older Sandboxie versions can add this manually. But really it's best to update to the latest version as suggested by stapp.

 

See ^

 

I am also curious as I've tried many times to do this without any success.

 

I hope that when they make it open source, developers wil be able to make money out of Sandboxie, that's the only way it will survive. I would be willing to pay a yearly fee, let's say 15 to 20 bucks a year.

 

I am getting frequent error messages and forgot what they actually mean:

SBIE2303 Could not hook CoGetObject (33, 1655)
SBIE2303 Could not hook RegisterDragDrop (33, 1655)
SBIE2214 Request to start service 'bits' was denied due to dropped rights
SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
SBIE2220 To permit use of Administrator privileges, please double-click on this message line
SBIE2214 Request to start service 'bits' was denied due to dropped rights
SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
SBIE2220 To permit use of Administrator privileges, please double-click on this message line
SBIE2214 Request to start service 'bits' was denied due to dropped rights
SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
SBIE2220 To permit use of Administrator privileges, please double-click on this message line
SBIE2214 Request to start service 'bits' was denied due to dropped rights
SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
SBIE2220 To permit use of Administrator privileges, please double-click on this message line
SBIE2214 Request to start service 'bits' was denied due to dropped rights
SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
SBIE2220 To permit use of Administrator privileges, please double-click on this message line
SBIE2214 Request to start service 'bits' was denied due to dropped rights
SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
SBIE2220 To permit use of Administrator privileges, please double-click on this message line

The explanations on the sb page are not very clear to me and while I am tempted to just hide these, the question "are you really sure" makes me uncertain again. Sandboxie seems to be working for me but if I am constantly bombarded by these error messages, I am not sure I want to continue using the program. Eg. what is SandboxieDcomLaunch.exe trying to do - it's their own program that is being prevented from doing something?