Sandboxie Acquired by Invincea

Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.

  1. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    650
    Location:
    usa
    I have followed your link and downloaded that "new" version.
    I was able to easily install it on my laptop Win10 with Bit Total Security, but the same Bit Total Security antivirus on my desktop computer totally refused to allow that "new version" to be installed.
    I've tried twice to no avail; therefore, I got back to older version.

    Sandboxie2-issue.PNG Sandboxie-issue.PNG
     
  2. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    625
    Whitelist SbieDrv.sys

    David is using a leaked cert to sign the driver. That's the reason why some antivirus detect it.
     
  3. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    650
    Location:
    usa
    Hello, David,

    Please, don't use some "leaked cert" for such a well-respected program - Sandboxie.
    In addition, it cost me two re-starts on the computer - it took about 40 minutes of my precious time.
    Plus, I could not even imagine that such a serious web-site as wilderssecurity could AFFORD to post anything that is NOT totally secure.
     
  4. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    478
    Location:
    Viena
    A proper EV Code Signing certificate costs 1000$/year, I would get one if I could finance that from donations.
    I am not going to finance it myself, its already a large expenditure to put all the necessary time in.

    There are hobbies where you need to put time and money in but than I'd rather buy another 50TB of HDD's then paying this "Microsoft Windows Kernel Tax".


    A leaked certificate does not pose any risk whats o ever, when used to sign legit software.

    The only risk that arises from leaked certificates is bad people signing malware with them and windows loading it.

    Good people using them to sign open source software do not impact this.


    When some Anti Malware Fool flags a file signed with that cert as a Virus or Trojan it does not mean that there is anything of that sort inside, only that some malware used the same certificate. And that fool is to lazy to actually evaluate the file on its own merit instead it just acts on wrong assumptions.


    A software is as secure as it is and the used certificate has no affect on its security at all.





    I would not sign the drivers at all if it would be possible to get it loaded into the windows kernel, but since MSFT took your and every one else choice in that mater away I'd rather use a leaked certificate, than asking everyone to put their systems permanently into test mode.


    If you want a certificate than some one has to pay for it and why should I do that, that is a lot of money and its to be payed annually.

    I for myself am perfectly happy loading drivers signed with leaked certificates, and before I pay the "Microsoft Windows Kernel Tax" I'd rather boot my system using something like this: https://github.com/Mattiwatti/EfiGuard

    Now that would be something to be called insecure, patching all the security out of your kernel on boot time, yea! Like driving a motorcycle without a helmet, its Fuuuuuun! Its exciting, its freedom!



    If there are as little as 100 people out there that really want their Sandboxie driver to be signed than if every one of them pays up 10€ per year its all that's needed to sign the driver.
    On the other hand if its not worth 10€/year to 100 people why should it be worth to me 1000€/year?
    Or do you see some ware a flaw in my logic?



    Don't get me wrong I gladly spent my time on something that benefits the community, but there is a underlying self interest, I want, I need the tools I make myself. Making them available to others is a way for me to do something for the betterment of mankind and the advancement of technology, that in the end does not cost me much.

    I for my self don't need and don't want, a signed driver for myself.
     
    Last edited: Jun 20, 2020
  5. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    14,070
    Location:
    UK
    You can wait for Tom's version if you want which will have cert signed by Microsoft

    https://www.wilderssecurity.com/threads/sandboxie-technologies-sbie-open-source.428156/
     
  6. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,691
    Location:
    Mexico
    Well said and thanks a lot for your precious time and effort.
     
  7. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    318
    Location:
    Canada
    Well said DavidXanatos, also respect!

    I feel you need to edit the title of this thread or in the OP use GIANT HUGE *** LETTERS AND WRITE "Stop reporting false positives" or some much because this thread is already 25% hurr durr my AV is triggering. Like no one cares, use your brain.
     
  8. Peter 123

    Peter 123 Registered Member

    Joined:
    Feb 1, 2009
    Posts:
    251
    Location:
    Austria
    I agree too. Very well argued by David. :thumb:

    Especially with these considerations:
     
  9. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    650
    Location:
    usa
    Thank you for your hard work.
    I just need to know that Sandboxie is not pure and unique SANDBOXIE anymore.
    I'll try to install your version with BD turned off.
     
  10. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    650
    Location:
    usa
    Sorry, I've tried.
    While BD was off, I'd successfully installed that "forked" Sandboxie, but the next morning, my BD removed it.
    And I've said to myself, Sandboxie 5.33.6 is OKAY for my simple needs.
     
  11. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    625
    You should whitelist "SbieDrv.sys".

    Whitelists are made for situations like this one.
     
  12. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    650
    Location:
    usa
    Maybe.
    Don't get me wrong.
    This particular thread is named after that TRUE Sandboxie; therefore, I stupidly presumed - it's SANDBOXIE.
    Yes, there are OTHER "forked" Sandboxie variation threads, that I did not opened and followed.
    Once upon a time, I used to have lots of time to spend with computers, I used to study computers and take courses.
    Currently, my work (long hours and stressful) does not allow me to indulge in my "happiness" around computers, and/or explore programs, apps, etc...
    (Plus, I'm getting older and slower).
    To sum up.
    Nowadays, I want to trust my "trusted" programs, apps to SIMPLIFY my time around computers, make my life easier, SAFER, more PRIVATE around computers, but I have NOTHING, NOTHING against smart and dedicated people who want to IMPROVE this/that program, app, on their own.
    At this moment, the ORIGINAL SANDBOXIE is just perfect for my needs, and does not create any trouble for my other significant one.
     
  13. robert147

    robert147 Registered Member

    Joined:
    Jun 29, 2020
    Posts:
    1
    Location:
    Netherlands
    With newer Windows versions there is a high chance that Sandboxie will simply not work anymore.
    For the latest Windows 10, 2004 release I have already seen some posts about problems.

    @david, With Sectigo (formerly Comodo) an EV Code signing certificate does cost approx. $425
    https://sectigo.com/signing-certificates/code-signing
    Also with Entrust it should probably costs below $500, you only have to request a quote.
    https://www.entrustdatacard.com/products/digital-signing-certificates/code-signing-certificates
    Both are supported by Microsoft.
    https://docs.microsoft.com/en-us/windows-hardware/drivers/dashboard/get-a-code-signing-certificate

    I understand your statement about security but for most people the leaked certificate will probably not work.
    Getting the certificate is quite a bit of a hassle as the CA would need a lot of information from you and they only provide it via a hardware device/token.
    Are there any improvements on the donations maybe ?
     
  14. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,631
    hi
    are there still avaible the links to download the lastest or older sandboxie ?
    can't find anymore
    thanks
     
  15. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    14,070
    Location:
    UK
  16. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,631
  17. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    478
    Location:
    Viena
    because the old versions have multiple bugs that prevent you from starting MSI on more modern windows 10 editions

    You can try my build 5.42 which solves the MSI issues and closes some security wholes: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v0.3
    But please note that doe to me not having a EV-Certificate i head to used a leaked one that antagonized some Anti Malware fools and produces false positives.
     
  18. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,631
    hi
    well i 'm tring it right now
    i will use the portable version , is it stealth (no file and regkeys leftover ) ?
    thanks and i have read about ev-certificate
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.