Sandboxie Acquired by Invincea

Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.

Thread Status:
Not open for further replies.
  1. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,003
    Location:
    Nicaragua
    Controler, I like to add something. My friends in life who use Sandboxie everyday, don't ever go into settings. They have no idea what a restricted sandbox is and they don't change anything regarding how I setup their sandbox. And after a few months, when they realize that SBIE really works, they use it all the time.

    In my opinion, a default settings sandbox is well balanced between security and safety but to make it more convenient, usable and headache free, first time users should know when they start using the program1: 1) How to save bookmarks out of the sandbox, 2) How to save downloads out of the sandbox, 3) How to delete the sandbox and 4) How their antivirus and Sandboxie interact with each other. Anything else, can be learn later.

    Bo
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    It's strange how it works, do people even run downloads outside of SBIE? Or do they always download from trustworthy sources? I'm talking practical security here, not the extremely unlikely drive-by exploits.

    I'm guessing it's somewhere in between, but how exactly does one go from malware-ridden to malware-free? How do they decide what to sandbox or not?
     
  3. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,003
    Location:
    Nicaragua
    I think your questions J L are pretty much answered by the Sandboxie motto. Next to the Sandboxie name (top left on any SBIE webpage), you see the words "Trust no program". I look at those words and they mean something to me, I mean, Tzuk put them there not because they look pretty but because they are what Sandboxie is about. And that's pretty much what I do with Sandboxie. I Trust no program (file). And it works.

    Whenever I download something like a video, PDF or whatever. And it doesn't matter where I download it from. If that file its gonna run in my computer, its gonna run sandboxed until the day it gets deleted. The only question really is, In which sandbox is it gonna run? And that depends on the location of the file. All this is done naturally by using Forced programs and Forced folders as well as a sandboxed Windows explorer.

    Thats pretty much what I do, sometimes I bend a little but its extremely rare. Doing it like that, the only time that I feel that I might be in danger is if I install the wrong program out of the sandbox. But I basically don't install nothing new in my real system. Last time that I installed something in my XP or W7 out of the sandbox is when I switched Light virtualization programs to Shadow defender. And that was around November 2012.

    Bo
     
    Last edited: May 24, 2014
  4. guest

    guest Guest

    I will add this to Bo reply:

    If you are a proper habit user , Sbie out of the box will give you enough protection.

    If like me, you go to dodgy sites and like to play with malwares , cracks or infected keygens; Sbie must be tweaked or the scenario above may happen.

    Now all i said earlier with this test is to show and hope what i consider a flaw should be fixed.

    a beginner using Sbie encountering this issue will surely think Sbie failed and may not use it anymore. It is not because some experienced Sbie users are aware of this and know that this scenario is benign (security wised) that every user know too.

    business-talking it is not good to let it like that.

    if your AV detect a malware but your explorer get lock , i am sure that you will say "this AV is not good" or "you contact the support and report it"

    it is not because you know a flaw is benign that you don't fix the flaw.

    This is my opinion. i am not here to bash Sbie , i like this product, learnt to use it according my needs , maybe not at the level of Bo or Chris ; but enough to voice my opinion.

    Now if the experienced users or devs said , what i observed on this scenario should be ignored because an Hard shutdown solve it ; i will say good luck to them and i move out of Sbie. i don't use products will serious bugs/flaws.
     
    Last edited by a moderator: May 24, 2014
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I don't see either bugs or flaws. Any software you use, requires you understand it's workings. Even true of office apps. You can restrict what runs in the sandbox, and then what you saw wouldn't have happened. But if you don't use the restrictions and you run malware, then you have to accept that what sandboxie does is let it run, but keep it from infecting the system. To expect anything else just is not logical. If you can't accept that then you are correct your choice is to abandon sandboxie. Of course the same is true of any other solution.
     
  6. guest

    guest Guest

    of course, every product should be learnt, i never deny this fact but you have to consider the position of a sandboxie beginner or non-techie user.

    i redid again this scenario but this time i let it into the hand of my friend who never heard of SBie and is a computer beginner , i just told him the purpose of Sbie and then ask him to sandbox the malware i disguised and renamed as an well known exe (i used a VM on my machine in full screen so he thought it was my real system).

    when Explorer was lock , his first word was :"what the hell happened" he got some drop of sweat thinking he ruined my system; then i told him what happen; he replied "this product is ****" even i told him that he was still safe and a hard shutdown solve the issue he kept saying , "it is still ****"

    i know that few will encounter this scenario but even if one person encoun ter it , something should be done.

    security forum members and average joes are different people , and any product vendors have to take it into consideration.

    Now if Sbie devs say i am wrong so i will move out without regret , if they say i am right and this can be fixed; my "fight" was not useless.

    i am used to do some closed and public betas, and no devs until now, ignored what issue i reported; sometimes i am right sometime i am wrong , i am not omniscient just human; but at least they don't say "go learn how to use it and come back here"
     
    Last edited by a moderator: May 24, 2014
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Your test was a setup to fail. You deliberately setup a failing scenario. You just want to ignore the fact that SBIE was designed to let it do it's thing, but in a Sandbox. Sandboxie was never designed and never intended to prevent malware from running, but to keep it from damaging the system. I see you run appguard. If you asked him to run a program from the desktop and Appguard blocked it from running under the scenario you gave him he'd probably call it garbage also.

    If I was to bet, I'd bet the developers well not respond in the positive.
     
  8. guest

    guest Guest

    the problem is that i cant terminate the sandbox unless by hard shutdown because explorer was locked , this doesn't sound wrong to you? Sbie supposed to keep anything isolated (it is their moto) so i should be able to use my system and able to terminate the sandbox easily; now they plan, as said Bo, to do a keyboard shortcut to teminate the sandbox; if done , my main complain will surely be solved.

    i don't blame Sbie not protecting my system from damages but let the malware lock it without any other solutions than an hard shutdown.

    This is a big difference.
     
  9. guest

    guest Guest

    at beginning i thought it was bypassed and asked for verification then Chris shown me that the system was safe but just Explorer was locked and an Hard shutdown solved it, i happily received this news.

    now i just complain that the lock should not happen or at least i should unlock it without hard shutdown, that is all. i am not a Sbie hater , but when i observed something that seems wrong to me, i report it for a solution.

    better excessive complains leading to a solution than stay quiet and let things go. Don't you agree?

    the product should fit to the users, not the users fit to the product.
     
  10. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,003
    Location:
    Nicaragua
    Peace guest. Restarting the computer kills all activity in the sandbox and allows you to delete the sandbox afterward. I don't see anything wrong with that.

    But guest, I would say it would be a nuisance if SBIE users had to shutdown the computer all the time, like you did, because of the way Sandboxie works, but you know, in over 5 years of using SBIE, I have never had to shutdown the computer like you had to. And even though I don't play with cracks or malware like you do, I haven't used an antivirus for almost 4 years. And there must of being malware inside my sandbox more than a few times. And when I delete my sandbox, malware gets deleted, I don't even know about it.

    Sandboxie is not perfect or anything but on my end, never a freezing that forces me to shutdown the PC or BSOD or anything like that in any of my computers. It cant be any better. I suggested to Chris from Invincea the keyboard shortcut, not because of malware, I don't care about malware, malware don't bother me at all ever since I started using SBIE:cool:. I suggested it because Flash sometimes freezes my computer for about 10 seconds and I have to delete the sandbox to take care of my issue. And restart the browser.

    Bo
     
  11. guest

    guest Guest

    restarting is ok, it is the hard shutdown that i dislike, i had bad experiences with that before (not because of Sbie); like having to reinstall my system because of this and loose my works.

    my whole point is about that; and i know Bo , we know each other and share our experience enough since MT; i value your experience with Sbie (i even follow yours advices to set it properly); but sometimes you have the "art" to make me mad :D

    even not originally because of malwares , this shortcut will help with those locks anyway.
     
  12. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,121
    Location:
    Mountaineer Country
    Here is what I have been doing for years. I download from trusted sources which includes the author's site, majorgeeks or softpedia. That latter two give you a heads up if any "extras" are included. I download to my download folder which is also forced to run sandboxed. Before a file or folder gets removed from my downloads folder it gets scanned by virustotal, hitman pro (on demand) and my resident anti-malware plus I may add mbam again soon on demand. I actually scan the entire downloads folder as it doesn't take much longer plus it could pick up on something it missed earlier. Once they turn up clean I can do what I want with the file. The only time I run a program sandboxed is if it is an internet facing app like a browser, media player, pdf reader, etc. I trust whatever runs on my machine unless it wants internet access. Steam and Origin for gaming are the only exceptions only because I have no choice.
     
  13. guest

    guest Guest

    same here too, good behavior :thumb:
     
  14. chris1341

    chris1341 Guest

    Ditto. Sometimes also run the file in Shadow Mode if I'm unfamiliar with it. Just because it's safe doesn't mean it won't do something I don't like.

    Cheers
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    There is no such thing as perfect isolation. I have even seen things I run in a VMware Workstation machine, lock up the whole system. It can happen. Like Bo, I've never had Sandboxie lock up the system. But when you play with malware, it's anyone's game as to what can happen. If SBIE protects the system from getting infected, it's done it's job.
     
  16. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    563
    Location:
    The Outer Limits
    You start off using Sandboxie to just protrct your browser straight"out of the box".

    Then you pick up info on how to save save bookmarks and auto delete sandbox on closing.

    Then you run a program or two in it.

    Now my latest one is to sandbox explorer, learned from Bo of course.

    I even have my daughter using it and believe you me that is the toughest test of any software never mind Sandboxie and as yet no problems what so ever.

    So I am glad to see Sandboxie still doing its job even with guest`s hard shut down.
     
  17. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,121
    Location:
    Mountaineer Country
    I do the same :cool:. Shadow Defender is also nice when you need a program installed for only a short amount of time like to upload to a cloud or downloading Amazon mp3s. I don't use those type of programs often and I don't want that crap on my computer. A simple reboot makes everything normal again.
     
  18. cooldays

    cooldays Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    27
    Location:
    usa
    so I'm sure somewhere .... probably already in this thread these questions are answered...if so...I am sorry.

    but please tell me how I should download a new program or application or whatever in sandbox and then use it? For example If I want to download a program should I just open it in a regular non sandbox window?

    Next question, if I use a Java application, can I sandbox that to protect me from some java vulnerabilities?

    Thanks

    cooldays
     
  19. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,003
    Location:
    Nicaragua
    Cooldays, if you have Java installed in your system, when you run your browser or programs in a sandbox with no Start/Run restrictions, Java runs sandboxed automatically if called upon. If you are running a sandbox with restrictions, the only difference would be that you need to add Java processes in the Start/Run restrictions Window.

    In the case that you don't have Java installed in your system and rarely use it, you can install Java in a sandbox and afterward when you run your browser or program that requires it (same sandbox), Java will run with the browser or program sandboxed as its needed. In my personal case, I haven't had Java in my system for a long time so if I ever have any need for it, this is what I do. And after using Java, I just delete the sandbox and all is gone.

    For the first question. I am not really sure what you are asking but maybe this is the answer that you need. There are many things that can be done with Sandboxie and infinite ways of using the program but most of the time when you download, for example, the installer for a browser. After the download has finished, the installer is inside the sandbox where you are running your browser, then you "recover/take out" the installer out of the sandbox, After you do that, and the installer is in your Desktop or Download folder folder, you run the installer. After installation, you can run your new browser in a sandbox. :)

    Bo
     
    Last edited: May 26, 2014
  20. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    73,280
    Location:
    U.S.A.
  21. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    800
    Location:
    sweden
    Hi

    Does someone know where i can get my hands on S-boxie 4.09.5 - i am having some minor but most irritating problems with 4.10 final . I have searched the net without results and at the homesite i can not find it either .

    Solution - anyone ?
     
  22. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    What kind of problem are you having?
     
  23. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,003
    Location:
    Nicaragua
    Pb1, a lot of problems get taken care by deleting the sandbox (in case you don't delete it automatically). Or by creating a new sandbox and running programs in it instead of DefaultBox. This helps to figure out if a setting in DefaultBox (or the sandbox that you are using) is messing things up or if the sandbox is corrupted.

    I have the installer for 4.09.05 32 bits. If you want it, I can upload it somewhere but going back to it is not a good solution.

    Bo
     
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,505
    Location:
    Slovenia
    @pb1 I've sent you a link to 4.9.5 SBIE version installer (it's both 32 and 64 bit). Check your PM.
     
    Last edited: May 27, 2014
  25. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    800
    Location:
    sweden
    Hi guys

    Thank you for your interest !

    I only use S-boxie for surfing and 4.10 slows down the browsing while surfing in a way i have not experienced with 4.09.5 - i changed between 4.09.5 and 4.10rc before to compare and 4.09 worked fine but when 4.10final came out i figured i would take my chances with that it was fixed .

    Bad decision .

    Anyway - you have saved my day hqsec - thank you .

    This copy i will keep !
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.