Is Sandboxie useless on Windows 10?

@WildByDesign

Thanks Dave, I downloaded stable version and the ghacks tip to change browser.tabs.remote.autostart in about:config worked on 32 bits system.

Firefox with same Low-IL subprocess security as IE9 in 2009

 

So no Appcontainer? was it a misunderstood info?

 

No @mood (post 45) corrected info of @Brummelchen (post 39) suggesting FF had AppContainer, but Low-IL is a great improvement in security for FF, so it is a major change for the better.

5 processes of Chrome use less memory than two processes of Firefox, so they still have a way to go (more memory usually implies more progam code, more program code is more chances on errors in the code meaning more potential vulnerabilities). But let's give FF some time to mature, you can't expect them to time warp their software from 2009 technology (IE9 using Low-IL) to 2016 state of the art technology.

 

#51: Yes, this is what i can see too. Firefox.exe with a Low Integrity Level (not Low priority, which i had mistakenly mentioned in my previous post , but i corrected the post now)
If installed extensions doesn't "support" e10s, the user must change settings in about:config to force it to enable.

 

This return flow guard is the first real win10 exclusive feature I consider to have value.

 

I actually still use Sandboxie now that I upgraded to Win10 a few months ago.

A few people in this thread said this already, about how you can restrict access to selected folders and be certain that any child-processes will also be contained as well. One of the sandboxes I set up has been made to auto-sandbox everything from all of my personal file folders as well as all of the desktop-programs that I use. The only exceptions being my security products and a handful of other things that I scan with Emsisoft EEK, Zemana and Mbam regularly.

If your security product has been proven to miss certain threats sometimes, then I would recommend using sandboxie to test out every setup file for updates of desktop apps and anything new that you wanted to install from somewhere. And especially for all of your daily internet browsing, I.M.'ing and P2P'ing no matter how safe the websites and services you visit and use on a regular basis are. "Trust no program" is the slogan after all.

I would also highly recommend using sandboxie whenever you intend to visit a dirty website, because you never know what might be hidden inside of a banner ad on a lot of those dirty websites that offer "dirty things" for free viewing. Sorry, uncertain about the rule regarding the mentioning of things like that here.

The point is...The windows AppContainer seems a bit too relaxed and easy going after some google'ing I did. So if you have sandboxie, use it religiously. I can't even begin to tell you how helpful it's been for me.

 

GrDukeMalden, that was a very nice post. I like to add something. I not only do the "Trust no program" slogan for programs (I sandbox every program and file I run every time they run during their lifetime in the PC, very rarely I run something unsandboxed), but I carry the slogan a little extra and do it also with websites. I treat every website, the same, I dont trust any or saying it in another way, I trust them all the same. I dont care what kind of site it is, if I am going to browse, I am going to do it sandboxed. Malware can be hidden, embedded in any site, even in the ones from your local church, newspaper or the Vatican. So, I use Sandboxie for any and all kind of websites. There is no reason not to do so. Trust no program....Trust no website .

Bo

 

Bo Knows.

 

I have Sandboxie, 5.26.0.0, which I believe is compatible with Windows 10. I initiated it and then created a folder to see if when I turned my computer off it would be deleted; when I turned my computer off then turned it back on the folder was still there. Unless I am mistaken when I did this in Windows XP the folder had always been deleted. I then did the same with Shadow Defender, 1.4.0.655; and the folder was deleted. Any idea why Sandboxie would not have deleted the folder? As always I appreciate all replies and would thank you in advance.

John

 

What are your Delete settings?

https://www.sandboxie.com/DeleteSandbox
Sandboxes survive machine restart.
Sandboxie is not reboot restore.
Shadow Defender is rollback program.
Sandboxie is not rollback program.
Sandboxie is Isolation program.
https://www.sandboxie.com/FrequentlyAskedQuestions

 

Some time ago sandboxie left a !empty! folder after closing my browser sandbox. Since
there was no content of any sort in it i forgot about it till your question let me remember it.
No clue what was the reason and a newer version seemed to fix it since the problem is gone now. (I deleted the sandbox with s-delete form MS if you did the same maybe it has something to do with it?)
Tldr:
When you got a working backup program you could also try the latest sandboxie 5.27.3 beta. For most people the sandboxie betas are very stable.

 

You're being paranoid, chrome is secure enough, that's all I'm gonna say

Also if your programs can run sandboxed, there's no reason not to, in a separate sandbox each, as long as performance is not affected. But majority of programs, at least the ones I use, require access to the host for one reason or another

 

The settings reflect "automatically delete contents of sandbox". The settings are the same on my Windows 10 Laptop as they are on my Windows XP Pro Desktop. So you can inagine how surprised I was when Sandoboxie functioned differently on the two computers. I thought it had something to do with Windows 10 so I wanted to ask if anyone else was experiencing it. Oh well, hopefully I can figure it out. Thanks for replying.

 

No, Chrome as is is not secure enough. Example: If you are browsing with Chrome unsandboxed and you get hit by ransomware, your host will get infected. That wont happen if you were running it under Sandboxie.

You are calling me paranoid for running all programs I run in a daily basis sandboxed, but at the same time you say, "Also if your programs can run sandboxed, there's no reason not to, in a separate sandbox each, as long as performance is not affected.", that is exactly what I do. So, I dont understand why you are calling me paraoid. But anyway, all I use for security is Sandboxie and NoScript. To completely rely in Sandboxie (no scanners of any kind), I must be strict, and almost every time something runs, it has to run sandboxed. If instead, I was like, lets run this file and this program sandboxed but not that one, Sandboxie its not needed for that site, then I should use real time AV along Sandboxie.

To be secure as I do security, I cant be iffy, I have to be strict. Personally, I think i bend my rules a little bit more than I should, but not enough to endanger my computers. Pretty much, the only time I really put myself at risk is when I install something. But for installations, I am 100% strict. My rule dont allow me to install programs that sound nice and I should try in the host, that rule is not bendable. Many times, I wanted to try sometging, pondered a little about it, but in the end, I always let it go and dont take the chance.

I used to use Shadow defender, but in Windows 10 I decided not to use it. So, when I want to try something, I try it in SBIE, and if it cant be installed sandboxed or the program dont work well in SBIE, I forget about the program and move on.

By the way, almost all, if not all programs you run under Sandboxie or install sandboxed have to have access to the host. If they didnt have access, they wouldn't run or work properly. Sandboxies role is not to block programs running in the sandbox from accessing the host, Sandboxies role is to keep changes (good or bad) done by programs running in the sandbox from affecting your file system, the registry, other programs, the system in general. Sandboxie gives users settings to block programs from accessing your personal files, sensitive files, files that the sandboxed program dont require to access to work. But you cant, for example, block access to AppData, and expect Firefox to work. Firefox needs to reads its own files in AppData for it to work.

Last. In my personal case, running programs sandboxed or unsandboxed feels pretty much the same. I cant tell the difference whether I am running sandboxed or unsandboxed. Theres got to be a little difference but is so little, I cant tell it. If I was using AV, or another type of security program, then, more than likely I would feel some difference in performance as the real time AV, takes time scanning every time you run something sandboxed and when you close the sandbox. But as I use my computer and Sandboxie, 0 loss in performance. Also, if Sandboxie made things uncomfortable, inconvenient, I would have never become a Sandboxie user.

Bo

 

I am baffled as I have Sandboxie on my Windows XP Pro Desktop and my Windows 10 Laptop; and the settings are the same for each. I have always been very hesitant installing beta programs and even with a backup I would be unsure. I will look into it in more detail when I have the time and hopefully it is something I have done. Thanks for your reply.

 

I remember that from when I used Windows. Sandboxie has no performance penalty. It's a gem of a program in every respect and that is the cherry on top.

 

Hi JP, its rare but sometimes, the sandbox doesn't get deleted automatically as it should. If it doesn't, you can manually delete it after navigating to it via Windows explorer, clicking Delete contents or by running something sandboxed again, and more than likely, this time, the sandbox will delete properly. Keep this in mind, if it happens, nothing gets out. Whatever you did in the sandboxed session that didnt get deleted automatically, remains within the sandbox folder until it gets deleted.

Everyone who has used Sandboxie for a while has experienced this sort of thing at one time or another. If it happens very often to someone, then the solution is to find the program thats locking files in the sandbox when you close the sandboxed program. Usually, an antivirus or another real time security programs does the lock that keeps the sandbox from deleting. Most of the time when this happens, if you find out inmediatedly that it happened after it happened, you need to reboot to terminate the lock, after rebooting you ll be able to delete contents of the sandbox.

JP, by the way, Sandboxie 5.26 is fine for W10 1803 and earlier, but you ll need latest beta for1809.

Bo

 

Edit: I C bo elam.

 

I am on Windows 10 and the only time my browsers are not run boxed with Sandboxie is when they need to be updated, nothing like having a clean browser every time you run it.

 

JP, lke bjm was telling you, Sandboxie doesnt delete nothing on reboot. Deleting contents of the sandbox doesn't work like in Shadow defender.

Try this. Make sure you default sandbox doesnt have contents. Set that sandbox to delete contenta automatically, run your default browser in it by clicking the sandboxed web browser icon that Sandboxie places in your desktop, visit a few sites, and then close the browser and as you do it, look at the Sandboxie icon by the clock. If you see a red X, it means contents are being deleted.

Bo

 

It really is, because for someone like me who doesnt want to give up any usability for security, thats what makes it or breaks it.

Bo

 

Normally speaking, modern browsers like Chrome, Firefox and Opera should be secure enough, but if malware manages to bypass Chrome's sandbox, then Sandboxie will most likely still block it, depending on how severe the exploit is.

 

Despite those questions and statements almost make me cry , can't deny the fact they are VALID.

 

Mr X, I am going to say a few things regarding the post you are linking. First of all, Windows 10 1809 is a broken version of Windows 10. Four months after it came out, only about 15% of W10 users are using it. Personally, I am avoiding it, and if I can do, I will skip it.

Second. I installed version 1809 the day it came out on last October third, I had it for 3 days and then reverted back to 1803, and basically, everything related to Sandboxie worked fine (except installing programs in a sandbox). But Sandboxie worked fine, and that was during the days that 1809 was at its worst.

Third. Releasing stable versions always takes time, its been like that for a long time. I think they should cut betas earlier and release more stable versions but thats how that has always been. Thats why we use latest beta all the time.

Fourth. Development continues and will continue. There is always someone wanting to kill SBIE, its been like that for a long time, but on the other hand, there are people who want to keep it alive and as of today, they continue to put the effort to keep it going.

Bo

 

@bo elam

With all due respect:
Do you think those arguments of yours are going to convince me the facts about Sandboxie and the reality about M$/Windows?
The fact there are an alternative for sandboxing such as ReHIPS?
To not see the strange and quite disturbing your relationship as a Sandboxie's fanboy?
To ignore or be blind and stupid to the fact you always defend Sandboxie with sweet talk to minimize our supposed bashing vs. sbie?

With all due respect but you look ridiculous doing so.
Anyone with a decent level of knowledge about this program and security in general could see your intentions.

Btw @guest is not at MT anymore, so no MT boys here trying to destroy Sandboxie.

:facepalm:
:doh:


Btw, if I don't quote or reply to your posts that doesn't mean you won the discussion bro.
It's just ...