Sandboxie Acquired by Invincea

You are welcome, Minimalist.

Bo

 

Adding chrome.exe to lingering programs list created some problems - sometimes at startup some chrome processes would fail to start. So I removed it from that list.
As workaround I created shortcut with terminate_all switch and assign it a shortcut key combination. Now if chrome doesn't end by itself I just use this combination to shut it down.

 

I think thats a good workaround. I have a shortcut like that in my task bar for just in case I ever need it.

The shortcut you created terminates all programs running in all sandboxes. Instead, you can create one that terminates programs running in one specific sandbox, like for example, to terminate programs that run in a sandbox named Chrome.

"C:\Program Files\Sandboxie\Start.exe" /box:Chrome /terminate

Bo

 

Thnx for tip bo

 

Yes of course, but I didn't have to disable Chrome's and Vivaldi's sandbox to make it work, so I believe you're incorrect. Both of the mentioned tools install correctly, but Dashlane doesn't even start and Cent can not display tabs, so perhaps you can check it out.

 

No, I am not incorrect. Read the link I posted for you the other day. In the link, users talk about the problem and the current workaround (disable Chrome sandbox). As you know, programs behave differently in different systems. So, you not having to disable the sandbox doesn't make me wonder. Here is the link again. You should read it.

http://forums.sandboxie.com/phpBB3/viewtopic.php?f=11&t=21974&start=30#p125656

Perhaps Cent will display its tab if you disable its sandbox or install it in your system (not in the sandbox) and then run it sandboxed.

Bo

 

Rasheed, I just tried both programs. Cent installed but tabs do not display content, looked grayish. Looks to me to work around that problem, you need to follow the instructions I pointed out to you a few days ago.

Dashlane also installed fine but when it asked to register using an email, I stopped testing and deleted the sandbox.

Bo

 

OK thanks, so it's not just me and I'm guessing Dashlane also wouldn't have worked on your system. It might be because how tightly it wants to integrate with the system, not a good sign anyway.

OK then I misunderstood, because Chrome 40 and Vivaldi 1.6 work just fine, so maybe newer versions will not work correctly anymore. I will install the new Chrome and check it out.

 

BTW, I installed the new Firefox 52 with sandbox enabled, I had to disable all extensions. But it wouldn't work, I couldn't load any website, is this correct? I'm running SBIE 5.13.8 on Win 8.1 64 bit.

 

I was going to tell you that, that newer versions don't work without disabling the sandbox but didnt because I thought you were using their latest.

Bo

 

For many users the new Multiprocess in Firefox conflicts with Sandboxie in their systems. This conflict doesnt happen in everyones computer, I am not experiencing it but there is an issue at this time.

What you describe is what users with the issue experience. To workaround the problem you need to disable Multiprocess. In Firefox this is easy to do.

Open about:config, change preference

browser.tabs.remote.autostart.2

to false and make sure preference

browser.tabs.remote.autostart

is also set to false

By the way, you are using a way way too old version of Sandboxie (Sept 2016). You should upgrade now.

Bo

 

Rasheed this might interest you. I read earlier today in another thread some guy replying to one of your posts insinuating that Sandboxie is affected by "hooks bypass methods".

A few months ago I asked Curt about that when the same guy (there is also another guy who does the same) was spreading same misinformation and this is what he said.

"I did see one post referring to Sbie and user mode hooking. Their information is incorrect. I have explained several times in different posts that Sbie does not depend on hooking for security because they are easy to bypass (among other reasons). Hooking is only used to get apps to work."

Bo

 

You misunderstood, I actually enabled multi-process to see if it worked with SBIE, but apparently it does not. And often I wait a few months before upgrading, especially if SBIE is working just fine.

I think you misunderstood, we both agreed that it's hard to bypass SBIE when malware is running inside the sandbox, you probably need a kernel bug in order to escape it. But you can't do it by magically bypassing SBIE hooks.

 

More likely its you who misunderstood me, maybe my fault. I told you, "To workaround the problem you need to disable Multiprocess.".....and you did the opposite .

Bo

 

Beta 5.17.6 has been released. Changes and improvements below. The big one, Multiprocess in Firefox is now supported .

http://forums.sandboxie.com/phpBB3/viewtopic.php?f=60&t=23888#p125732

Bo

 

I cant test this fix as I didnt experience this issue but the first report from a user confirms its fixed .
http://forums.sandboxie.com/phpBB3/viewtopic.php?f=11&t=23902&start=60#p127136

Bo

 

To clarify, I just wanted to know if the FF sandbox was already supported, and apparently it was not, but now it is. Did you already test it, and does FF perform smoothly?

 

The fate of Sandboxie would be the same as the so many third party HIPS that once appeared promising. However, once every AV program started integrating their own HIPS, all these third party HIPS died. Now that the Windows OS, the main browsers (except FF) all have effective build-in sandbox, I don't see a long life time left for Sandboxie. It's only a matter of when before it bites the dust.

 

These SBIE's trashbags are one of the main reasons I use it, and many others too. So I see SBIE very far from disappearing.

 

Good question Pete. I am not so sure though, how important it is to delete everything when the browser exits. What happens is that our browsing history/DNS requests are already logged on Google or other companies' servers even before the browser exits. Cookies and stuff are convenient for third party to obtain browsing info but I am afraid is the only way to obtain users' info.
The effectiveness of OS and browser built-in sandbox has been proved by several of my observations. 1. Google chrome has not been hacked in the most recent pwn2own hackers contest. Although the Edge (on Windows v1607) was hacked 5 times, Microsoft significantly improved the sandbox in Edge in Creators' Update: https://blogs.windows.com/msedgedev/2017/03/23/strengthening-microsoft-edge-sandbox/
2. ReHIPS is utilizing the Windows built-in security mechanisms instead of any third party techniques. To me it's a vote for the OS built-in sandboxing (Appcontainer) capacity.
There could be others but I ditched third party Antivirus with the Windows 10 Creators Update. I now only use Limited User Account, Windows Defender and Applocker for my security now. Microsoft has been investing in the OS security aspect for years since Windows 8.

 

Yes, Multiprocess is supported now .

I never experienced the issue with Multiprocess. My Firefox has always run smoothly under Sandboxie. Over the years that has been a constant. Even after Multiprocess was introduced by Firefox, my Firefox was great.

By choice I rather keep Multiprocess disabled but Firefox performs the same for me with it being disabled or enabled. And that was so even before official support of Multiprocess was introduced in beta 5.17.6.

Bo

 

No they don't. I experimented with 2 options: 1. browser + SBIE and 2. browser with cache on ramdisk + deleted cache. In 2nd case daily incremental image of system partition is approx. 50 MB larger than in 1st. So using SBIE browser makes less changes to system partition.
I also like how I can prevent browser from accessing personal data. That's not so easy (and convenient) to achieve using OS built- in mechanisms.

 

Not quite sure what you mean by personal data?

 

Personal files, pictures, emails...