Sandboxie Acquired by Invincea

Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.

Thread Status:
Not open for further replies.
  1. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,372
    But that's the thing. They didn't spent any money on sandboxie.

    Sandboxie just happened to get picked up.
     
  2. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,709
    Location:
    New Mexico, USA
    In June 2013, Dell announced an OEM partnership with Invincea and began shipping a new endpoint security solution dubbed “Dell Data Protection | Protected Workspace” on all of its commercial tablets and PCs worldwide.

    In December 2013, Invincea acquired Sandboxie for an undisclosed amount. Sandboxie is a pioneer in the Windows Containment and sandboxing market, making it a logical addition to Invincea’s technology portfolio.

    In May 2016, Invincea launched X by Invincea. X protects endpoints by detecting and blocking known and unknown malware—without signatures in real-time. X combines deep learning, which is an advanced form of machine learning, behavioral analysis and isolation technology in one lightweight agent. These technologies work together to provide better threat prevention without any negative impact on the workforce. The technology is built based on years of co-development with DARPA. Using this technology, X can determine if a file is malicious, even if that file has never been seen before. X also provides needed visibility to security teams without overwhelming them with data or requiring additional resources.
     
  3. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    392
    Location:
    VPN city
    That's worse. Like Bo said. Most people working at Sophos didn't even know what it was. The devs of sophos products didn't know what it was when they bought the company to have something else.
     
  4. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,372
    Sandboxie is a niche product so it doesn't surprise me they didn't know much about it.
     
  5. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    392
    Location:
    VPN city
    Yeah, it just seems kind of dumb that they didn't do a little research about what else Invincea did at the time.
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    Sophos didnt buy Invncea to get Sandboxie, the truth is that SBIE just came along with the purchase. We love SBIE, but we shouldn't assume that others care about it. Months ago I was told by Curt (read the following quote), and sort of suggested I mention what he said, here. I didn't do it then but I ll do now, he wrote, "BTW, I have read several posts from people stating that the Sandboxie code has been integrated into Sophos products. That is not true. Sophos has not used ANY Sbie code anywhere. Feel free to let people know about that".

    Bo
     
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    4,085
    emsisoft never integrated code from online armor and symantec never code from atguard. surprise surprice.
     
  8. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    What's Direct Access path for new Edge Phishing/Malware database?.
    Does > Template=Chrome_Phishing_DirectAccess < work with new Edge sandbox?
     
    Last edited: Feb 23, 2020
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    Hi bjm, using the Chrome template is not going to work for Edge but based on what it covers for Chrome, I think you could give Edge direct file access to this folder or the file inside the folder:

    AppData\Local\Microsoft\Edge\User Data\Safe Browsing

    In that folder, I only have one file. I don't know if the folder is supposed to be populated with more files. Personally, I don't care about using Safe browsing so I don't allow this access and if I knew how to completely disable Safebrowsing via Edge settings, I would do it. We can do that in Firefox but I am not sure if we can in Edge. The only Setting I see in my Edge that is kind of related to Safebrowsing is one that is about blocking potentially unwanted apps, I have it Off, and is greyed out. Probably is like that because I disable Smartscreen and everything related to Windows defender.

    Also, take a look at this folder. Perhaps inside you ll find other files that you might want to allow access to:

    AppData\Local\Microsoft\Edge\User Data\CertificateRevocation

    Bo
     
  10. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    png_4629.png
    what about:
    AppData\Local\Microsoft\Edge\User Data\SmartScreen
    AppData\Local\Microsoft\Edge\User Data\Safe Browsing Cookies

    what about: new Edge "Tracking prevention"?
    --------------------------------------------------------------------
    Does Firefox Template include Firefox "Enhanced Tracking Protection"?
     
    Last edited: Feb 23, 2020
  11. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    Regarding User Data\SmartScreen, in my computer, files there have the date I installed Edge. Remember, I disable Smartscreen.

    The two locations I wrote in my previous post were based on what I see allowing access to Phishing database does for Chrome. Smartscreen is for Edge, so I dont know how you want to treat it. Or how SBIE would treat it in settings if Smartecreen covered Chrome.

    Regarding User Data\Safe Browsing Cookies, I dont have anything that relates cookies with Safebrowsing.

    Regarding "Tracking prevention". I want the least tracking protection I can get from Edge. So, I left that setting on default, which is Balanced. I want it like that because I want to do the blocking of trackers myself, via NoScript.

    Regarding the Firefox template including Firefox Enhanced Tracking Protection, I dont think so.

    Bo
     
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    > added and tested new Edge sandbox against openphish.com samples.
    AppData\Local\Microsoft\Edge\User Data\Safe Browsing
    AppData\Local\Microsoft\Edge\User Data\SmartScreen
    png_4630.png
    SmartSceen was silent against openphish.com samples.

    > tested
    AppData\Local\Microsoft\Edge\User Data\Safe Browsing\*
    AppData\Local\Microsoft\Edge\User Data\SmartScreen\*
    SmartScreen was silent against openphish.com samples.

    > tested
    png_4631.png
    SmartScreen was silen against openphish.com samples.

    Note: SmartScreen works as expected against openphish.com samples outside new Edge sandbox.
    ------------------------------------------------------------------
    Firefox Enhanced Tracking Protection appears to work with just Firefox Phishing template.
    IDK if Enhanced Tracking Protection has local database?
     
    Last edited: Feb 23, 2020
  13. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,995
    Location:
    Nicaragua
    The template for tracking is needed only if there is a database and would be for updates to get saved outside the sandbox. That way updates of the database don't get deleted when you delete contents and dont have to be downloaded over and over. Thats the purpose for this type of settings. For Edge, it should be the same. Anti tracking in Firefox should work as designed even if you don't allow anything to go outside the sandbox in Sandbox settings, same with Edge.

    Bo
     
  14. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    Yes, I grasp the concept for updates to get saved outside the sandbox.
    I've been thinking about Chrome & Firefox built-in protection/s since, I've not been able to get SmartScreen to work in my Edge sandbox.
    Just a head scratch.
     
  15. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    related folders are in my Edge sandbox ... but, SmartScreen does not work = head scratch
    Edge sandbox.png
     
    Last edited: Feb 24, 2020
  16. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,228
    Location:
    US
    Started having a problem with Sandboxie. In Firefox I cannot get into my Hotmail account, I cannot even get to the web page. All other accounts I can get into and all other web pages work. Using Firefox WITHOUT Sandboxie I am able to do everything. Not sure when this started. Using Firefox 73.0.1 and Sandboxie 5.31.6.
    Thanks much, Acadia
     
  17. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    17,756
    Location:
    UK
    Is this on your new Win 10 machine?
    If yes perhaps you could update to the latest Sbie build 5.33.2
    https://www.sandboxie.com/DownloadSandboxie
     
  18. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,228
    Location:
    US
    THANK YOU, stapp. Latest version of Sandboxie did the trick! :)
     
  19. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    17,756
    Location:
    UK
    Good :thumb:
     
  20. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    Has anyone been able to get Outlook (part of Office 365) to function properly inside Sandboxie? If so, can you paste you template? I can get it to open, but after that the gui stops being responsive and nothing is clickable.
     
  21. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    Latest versions include the following Blocked Access setting:
    *\cryptngc.dll

    Users of older Sandboxie versions can add this manually. But really it's best to update to the latest version as suggested by stapp.
     
  22. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    See ^
     
  23. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    634
    Location:
    USA--Colorado
    I am also curious as I've tried many times to do this without any success.
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,825
    Location:
    The Netherlands
    I hope that when they make it open source, developers wil be able to make money out of Sandboxie, that's the only way it will survive. I would be willing to pay a yearly fee, let's say 15 to 20 bucks a year.
     
  25. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,305
    I am getting frequent error messages and forgot what they actually mean:

    SBIE2303 Could not hook CoGetObject (33, 1655)
    SBIE2303 Could not hook RegisterDragDrop (33, 1655)
    SBIE2214 Request to start service 'bits' was denied due to dropped rights
    SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
    SBIE2220 To permit use of Administrator privileges, please double-click on this message line
    SBIE2214 Request to start service 'bits' was denied due to dropped rights
    SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
    SBIE2220 To permit use of Administrator privileges, please double-click on this message line
    SBIE2214 Request to start service 'bits' was denied due to dropped rights
    SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
    SBIE2220 To permit use of Administrator privileges, please double-click on this message line
    SBIE2214 Request to start service 'bits' was denied due to dropped rights
    SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
    SBIE2220 To permit use of Administrator privileges, please double-click on this message line
    SBIE2214 Request to start service 'bits' was denied due to dropped rights
    SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
    SBIE2220 To permit use of Administrator privileges, please double-click on this message line
    SBIE2214 Request to start service 'bits' was denied due to dropped rights
    SBIE2219 Request was issued by program SandboxieDcomLaunch.exe [DefaultBox]
    SBIE2220 To permit use of Administrator privileges, please double-click on this message line

    The explanations on the sb page are not very clear to me and while I am tempted to just hide these, the question "are you really sure" makes me uncertain again. Sandboxie seems to be working for me but if I am constantly bombarded by these error messages, I am not sure I want to continue using the program. Eg. what is SandboxieDcomLaunch.exe trying to do - it's their own program that is being prevented from doing something?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.