on the Todo list me too don't worry we requested it from the very beginning. At the moment you have to copy-paste the ReHIPS.xml file before launching ReHIPS for the 1st time then do some manipulations.
Sadly it's currently more than that with my scenario. We're talking a brand spanking new OS install and needing to be able to 'IMPORT' settings so that they function as expected within ReHIPS. It keeps passwords and such in the XML (Not a big deal, /cough but one I would inspect later) once a user is created but it doesn't help in the 're-creation phase' if the xml already has that info stored but the OS doesn't have said user.... =INVALID=Not functioning as expected... =(
ah yes, ReHIPS wont execute some Isolated Environment (IE) previously made, however you have a (littlebit complicated) separated tool (Rulepack Manager) to edit the .rdb file and preset the rules/IEs you wan't being installed but you have to ask for it in the rehips forum.
Thank you for your opinion and suggestions. You're right, it's possible to use runas. But it requires password knowledge (using passwordless account is prohibited), it requires isolated program to pass the child process check somehow and also to pass runas child process check. If it's that critical, it's always possible to just block runas. I think in this regard, we did our best to provide a way for the user to secure his system. If he set a weak password and manually allowed other checks, we can't fight the user for his own PC We've got it on our TODO list. So we'll get there, one step at a time. I understand that no software is completely uncrackable, it's just a matter of time and persistence. On the other hand I strongly believe that kernel-mode is a path that should be taken with exteme care. So if something can be done in user-mode like license checking, do it there. And I decided not to use any protectors not to introduce additional incompatibilities. Indeed, when someone own a signature, he can resign patched service, but the same also can be done with the driver. Besides signature will most likely get banned for this. And who knows how this patching will affect protection it's a security product after all. And all this fuss for a 15$ program? As promised posted a blogpost here https://forum.rehips.com/index.php?topic=9488.0 about an interesting issue investigated yeasterday https://www.wilderssecurity.com/threads/rehips.364248/page-32#post-2681923 Best Regards, fixer.
It's https://forum.rehips.com now. We had some difficulties with old registrator and their support wasn't helpful at all, so I decided to change it. Best Regards, fixer.
Chrome/Chromium is blocking your forum: https://www.google.com/transparency...x.html?hl=en-us#url=https://forum.rehips.com/
Yeah, it's a funny story actually. Well, "funny" also depends on your point of view. Anyway at first they didn't like ReHIPS setup. Have no idea why actually, it's served through https, certificate is OK, it's signed with a valid signature, no protectors, packers, whatsoever, no AV detections. I decided it's not good and tried to fix it via google webmaster tools. Now the whole forum and site are banned as their crawler found links to the setup. I'm afraid to fix it further, maybe they'll ban the whole server Best Regards, fixer.
Tried ReHIPS last night and this morning. Most of the applications I try to start just result in a black desktop and the SSD working like crazy (see picture). I've tried Discord, Spotify, Process Monitor, Process Explorer etc. I can't shut the frozen isolated environment down either unless I shut ReHIPS down with ctrl + alt + delete with admin. Anyone else experiencing the same problem? Using Windows Defender for Win 10 only. I'm on SUA and got the SUA permission from the admin account in ReHIPS.
i never encountered this froze since all my tests , had some quirks but nothing similar to a froze with heavy disk usage. let's take Process Explorer as example: so you tried to to run Process Explorer sandboxed : 1- by clicking directly on the exe and you have like screenshot 1 , then you chose "Allow In Isolated..." and ended up with screenshot 1a, and pressed "ok" or 2- via "run isolated in ReHIPS" context menu (get the popup like screenshot 1a) and then selected "oK" And in both case the Isolated Environment is launched then froze, right? - Also, on what mode are you, Standard or Expert? - In ReHIPS logs, what it says about Process Explorer? what you mean exactly by this? you added the SUA account in rehips via "trusted users" tab, right?
My best guess is that you've got Copy User Data checked in Isolated Environment, so it copies some data from your real user profile to isolated user profile. This item is checked by default on Standard Mode for compatibility purposes. So you've got 2 options: uncheck it if you don't need it for some program or wait for it to finish. Best Regards, fixer.
Looks like sometimes VBox VMs have this HWID CBEEA890950AFB02C3A72068DEFF53D4345DC43A. So here is Lifetime license key for it 28C5501D4E45F1AF1857973A1A42799A55922DF627C09D6A4E31F5559B18756D69F7EEBA75693661A97DFEF72CA0202840881A55CB81CD5551370D6D9E16B9F9000000000000000000000000FFFFFFFFFFFFFFFF560042006F007800 Best Regards, fixer.
Hi! It's not working. I unchecked "Copy user data" and then ReHIPS give me this error message; 2017-06-06 21:31:23: Failed to start isolated program C:\Users\junge\Desktop\ProcessExplorer\procexp.exe 2017-06-06 21:32:07: Failed to start isolated program C:\Users\junge\Downloads\hmpalert3b709.exe 2017-06-06 21:33:06: Failed to start isolated program C:\Users\ReHIPSUser3\Downloads\hmpalert3b709.exe 2017-06-06 21:36:53: Failed to start isolated program C:\Spel\Teamspeak\ts3client_win64.exe 2017-06-06 21:37:34: Failed to start isolated program C:\Spel\Teamspeak\ts3client_win64.exe See attached image. That's what I get whenever I try to start something isolated. I did however manage to start MPC-HC and 7zip from Program Files. I'm on SUA if that matters.
1) Tried that, not working. 2) Tried that. Not working. Same result with both Standard and Expert. Error message in ReHIPS logs described in one post above (the attached image). Yes, I added my SUA account to "Trusted Users" tab. Everytime I check "copy user data" my SSD is loading a LOOONG time and the isolated environment remains black.
Valid point. But why is not Spotify, Discord or even Teamspeak able to start isolated? They're all installed.
Chrome and Opera do start in isolated environment. The others don't. I'm trying to get them to work or I need to uninstall.
I am doing as described in tutorial videos and using default settings. Sandboxie 'just' works. ReHIPS doesn't. I've re-installed countless of times too. After last reboot I get this error message too;
OK, let's see. At first the basic idea is most (hopefully all) applications should work in isolation, whether it's an installer, some system tool or some other software. But how they work, it's a different question. Most system programs indeed require special access rights and in isolation in best case will be useless and in worst case will just crash. So basically there's just no need to isolate them. Let's take a look at your failed to start programs. C:\Users\ - programs from this folder will indeed fail to start in isolation unless Copy Used Data as checked is isolated programs aren't allowed to read from a real user or some other user profiles for security purposes. What's wrong with ts3client_win64.exe I don't know yet, but I can reproduce that it fails to start, maybe it's a bug, not sure, need some time to check this one. Best Regards, fixer.
What Copy Used Data is copied to the isolated environment? Everything from user space? If that is the case, I had 55 gb of pictures in user space (Onedrive directory set to User Space). If all that data is needed to copy I understand why it's a bit too much.
I fugured out this ts3client_win64.exe issue. There was a small bug in ReHIPS, now fixed, thank you for your report. But it's not recommended to execute this program as isolation anyway as it requires UIAccess-it's some kind of light elevation that allows privileged desktop access. In other words in isolation this program may work incorrectly anyway. Copy User Data works in dynamic. If a program tries to access some file, it's checked. If this file is absent in isolated user profile and present in real user profile, it's copied. So hard to say in advance what files and folders some program will try to access, some of them may be quite huge, so copying them may take some time. Best Regards, fixer.
Whose who had database error on our forum are welcome to come in any time, this issue should be fixed now. And google issue should also be fixed. Best Regards, fixer.
