Sandboxie Plus 0.8

While it is correct that I have previously contributed changes to Templates.ini, the current changes were contributed by isaak654. He actually just split the common "Phishing Direct Access" template to the respective browsers, which makes a lot of sense. I just noted this time that the asterisk at the end of the line is probably still needed.

 

Wanted to share my little foobar2000 update, maybe David will find it interesting.

So I fixed this, I use foobar2000 Portable, and it's not a Sandboxed program, and it appears that when I did the Windows update/upgrade to 20H2 many months ago, file association for some things, like mp3's became "un-associated" and were set to their defaults by Windows but were still being opened by foobar2000 because of "user choice" or whatever, after running foobar2000 as admin and having it "re-associate" audio files with itself, so that it is now seen by Windows "officially" as the audio player, double clicking mp3's in a sandboxed folder now launch foobar2000 sandboxed.

So yeah, this I guess is what David means by "edge cases" where it does not work...

 

A very minor request for confirmation: On boot, right after the machine loaded the OS, I opened Firefox before Sbie loaded into the tray. So, there was no colored (or black in my case) border initially. Then the border appeared when everything fully loaded up.

I haven't noticed this in the prev. Sophos builds; the border would appear only if started manually. So, the Sbie browser protection comes automatically, after the fact? Very nice if so.

 

BTW, I totally forgot to ask, but can you make GhostPress and SpyShelter's keystroke encryption work with sandboxed processes? KeyScrambler only works if it's selected in the security/privacy settings in Sandboxie Classic, but there are no such settings for GhostPress and SpyShelter. So what happens is that keyloggers can "bypass" protection offered by these tools when apps run sandboxed. You can test it with the first two apps, they are keylogging simulators.

https://www.snapfiles.com/get/antikeyloggertester.html
https://www.snapfiles.com/get/stt.html
https://www.snapfiles.com/get/ghostpress.html
https://www.spyshelter.com/download-spyshelter/

 

OK, I disable forced programs to allow Firefox to update. I used the default 60 sec (I think it was 60, didn't pay close attention). Is there any way to re-start the Sandbox if you're finished way before the 60 sec. is up?

In classic, all you had to do was close and restart the browser because there was no time limit. If anything, I guess I'll set it to 10 sec. next time.

 

~ click Plus tray icon Disable Forced Programs to turn On/Off.

Spoiler: related pic

Classic UI & Plus UI have Disable Forced Programs duration timer.

Spoiler: related pic

~ my timer preference nnnn seconds - Disable Forced Programs On/Off from tray icon. Just me.
https://davidxanatos.github.io/sandboxie-docs/Content/ForceDisableSeconds.html

 

oopsie, yes that's it, thanks.

 

Works very nicely on Windows 11 v.22000.51, specifically containing Firefox and Windows Media Player w/ Drop Rights enabled. Just sayin".

Sbie Plus 0.8.2

With all these new hardware security demands in Windows 11 (I have discrete TPM 2.0), will Sandboxie continue to be a relevant software? I would think the risks would be considerably less but not 0%.

Opinions, anyone?

 

Sbie will stay very relevant. TPM2 and Secure Boot are nothing new, and are a PITA with little real benefit for me.

 

The risks will be 99% as big as they are, all that TPM and Secure boot nonsense does not protect you in the least in a private scenario.
This is only interesting for busyness or when you are a target of a physical attack, i.e. you leave your laptop in the open and go for 15 min to the toilet, in this time a physical attacker could try to compromise it, and this features would make this harder.
All this BS is about limiting your rights as the owner of the platform more than anything, and it helps 0, zero, nothing, not at all against any kind of online threats.

 

Thanks! I felt this was the case but wasn't 100% confident because of all the Windows 11 hoopla.

Thank you for this harsh yet reassuring comment.

 

Did you already take a look at this? SpyShelter and GhostPress can NOT protect sandboxed processes at the moment. Seems like Sandboxie blocks them, SpyShelter is using a keystroke encryption driver and GhostPress is using some type of "global hooking" via usermode.

https://www.wilderssecurity.com/threads/sandboxie-plus-0-8.438361/page-2#post-3014285