Is Sandboxie useless on Windows 10?

Discussion in 'sandboxing & virtualization' started by CoolWebSearch, Dec 1, 2016.

  1. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,550
    to tell you the truth, I did not check it out thoroughly. When I did not see the outward signs of HMPA at work, I assumed that it is not working at all. Maybe I am wrong about that.
     
  2. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,550
    okay, my bad. false alarm. after a reboot, the green border etc reappeared...
     
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    6,028
  4. guest

    guest Guest

    I agree and sandboxie offers some other cool features (like the forced modes). Anyway you can't compare a security feature built in an OS with a dedicated software, and even less when the technologies used are different.
     
  5. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,550
    @guest, what's "windef" in your signature? Is that something new, and what is it?
     
  6. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,919
    Location:
    .
    Windows Defender. :geek:
     
  7. guest

    guest Guest

    WinDef = Windows Defender
    WinFW = Windows Firewall
     
  8. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Brummelchen, guest, actually it can be possible to compare this what's the point of SBIE if you can do those tweaks with Appcontainer inside your own OS?
    AppContainer simply replaces Sbie in most of the tasks that Sbie always does all the time (once you tightly configure Sbie everywhere).
     
  9. guest

    guest Guest

    Appcontainer is valid only with Metro Apps while Sandboxie can be applied to most of the softwares.

    Also Sbie can isolate any folders the user want. Appcontainer cant do it because it is a mechanism of Windows and not an application.

    So we have to wait an application to be able to implement capabilities from Appcontainer to other softs.

    Until then Sbie will be still useful.
     
  10. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247

    And who say that Appcontainer will not sandbox/isolate everything in Windows 10 what is part of Windows 10 OS, eventually?
     
  11. guest

    guest Guest

    Everything? no, but more areas possibly. but it won't be isolation but more virtualization (which is already implemented to the registry and others places when you are using SUA)
     
  12. @guest and @CoolWebSearch

    I think Cool has a point, consider a Windows 10 desktop:

    - Use metro Apps for pdf-reader, media, mail, agenda, skype, social media (apps) and access Office online through Edge
    - Use Chrome for browsing and gaming

    With Control Flow Guard and Return Flow Guard exploits have a hard time escaping the AppContainer sandbox. This pretty much covers all internet facing software I can think of (I don't mind desktop utilities apps running medium IL like CCleaner, Synback, etc). Use the DESKTOP-TO-APP-CONVERTER for the rest (LINK). When you are willing to provide M$ with usage metrics: Windows 10 build in security. what else?

    Using SBIE or HPMA is not bad, it is easier than tweaking your Windows 10 OS to provide simular (or better) protection. As long as there are people using Firefox there is a need for programs like Sandboxie and HPMA.
     
    Last edited by a moderator: Dec 10, 2016
  13. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    appcontainer is not used for any win32 apps by default. Chrome will use it, but thats a special case rather than the norm.
     
  14. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    6,028
    any chromium release use the sandbox, and firefox is able since v48 (e10s officially introduced) but disable it for reason sometimes (extensions to name). @guest already explained it well.
     
  15. @Brummelchen Firefox is at release 50. So it has AppContainer sandbox now, that is big news! Well done.

    So Firefox catches up like it did in XP area when it was the second safest browser (after Opera, but way more safer than Internet Explorer).
     
  16. guest

    guest Guest

    yes it is what i do, i'm using most of the Metro Apps (some are quite handy) , if i have specific needs not covered by them , i use portable versions.

    This much an hassle to me :D

    Agree.
     
  17. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,550
    appcontainer in firefox works like in chrome? How to enable it?
     
  18. Sorry, you have to ask @Brummelchen he came with this breaking news (I have not touched Flunky Fox since I moved from Xp to Vista)
     
  19. guest

    guest Guest

    Same here , very long time i ditched it in favor of Chrome.
    That is a huge step forward in FF's security (which was the weak point); once i will know the tweak i may reinstall FF :D
     
  20. guest

    guest Guest

    For each website a new firefox.exe-process is launched, and it has a Low Integrity Level. But it is no AppContainer sandbox like in Chrome.
    Firefox.exe = Low Integrity Level
    Chrome.exe = AppContainer
    But even if it's no AppContainer, "e10s - Multi-process Firefox" is an improvement.
    Edit: cosmetic fix
     
    Last edited by a moderator: Dec 12, 2016
  21. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,604
    Location:
    U.S.A.
    IE has been using AppContainer since ver. 10. You have to be using WIN 7/8/10 x64, running x64 IE, and enable advanced EPM. Edge by default runs in AppContainer on Win 10 x64.

    Edge is more secure than IE11 due to how AppContainer is implemented for it on Win 10 x64. Also Edge runs as a service adding more security.

    -EDIT- If you run IE11 in private mode on Win 10, then IE11 runs identical to the way Edge does; it runs as service under RuntimeBroker.exe. This combined with AppContainer assuming advanced EPM is enabled makes for a very secure browser.
     
    Last edited: Dec 14, 2016
  22. Thanks you mean Low Integrity Level. So I have to try it out and see whether I can isolate Firefox completely with MemProtect and Fides/PumperNickel (nice project between Christmas and New Year)

    EDIT: downloaded Firefox, it was still single process and ran at Medium Level Integrity Level, where to download this multi-process Low IL version?
     
    Last edited by a moderator: Dec 11, 2016
  23. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
  24. guest

    guest Guest

    so still not interesting to me.
     
  25. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,550
    you need the "nightly" build to get multi-process
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.