Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.
bye bye SBIE.
good thing a free alternative is already available, CIS Kiosk comes to mind...
You may well be correct. But for me personally, even if SBIE were abandoned tomorrow, as long as the licensing server doesn't shut down, I would not see any problem. I am running Win 7 x64 on all my new hardware, updating one lap top to win 7, so that reduces the probablity of a windows change.
I also concur that Appguard is a close replacement, and couple with NVT ERP, and a few firewall setting changes, pretty much can duplicate most if not all of the functionality.
Kiosk is nowhere near as configurable as sandboxie.
sandboxie is time tested,kiosk is relatively new.
To some extent yes, however, based on my experience an application developed by a single person has a much better chance of "survival" for a longer period than an application that has been sold to another person/company.
As Sandboxie has existed for many years as a mixture of free software and lifetime licensing, it never struck me as a viable long-term business model for any developer, individual or corporate. I'm surprised things lasted as long as they have.
Things could now go either way. It may be that Invincea see Sandboxie as filling a gap in the market, in which they may continue to develop Sandboxie as a standalone application. On the other hand, they may have bought Sandboxie with the view of incorporating its technology within their other products, and eventually discontinuing Sandboxie as a separate product.
At this point in time, it's impossible to know what the future holds, so it's a question of waiting to see which way things develop. I have a lifetime license and will continue to use Sandboxie as long as possible.
As Sandboxie combines virtualization and policy restriction within a single program, both would need to be present in any alternative approach for it to be considered a near equivalent functionally. That's not to say that other approaches not using virtualization wouldn't be just as effective though. The only requirement of any approach is the prevention of malware from running and causing harm.
Currently, I mainly use Shadow Defender for testing changes that don't require a reboot, but if Sandboxie were to be discontinued as a standalone application, I would enter Shadow Mode for normal operational use. This would provide near equivalent functionality as I already rely on AppGuard for policy restriction.
For those who don't plan to use Sandboxie anymore, you can run Firefox (and whatever else Firefox executes) entirely as a low integrity program, as described at https://www.wilderssecurity.com/showthread.php?t=357417.
Thank you, MrBrian, interesting stuff. I have absolutely no plan on abandoning SB but this is still useful info.
You're welcome . I used Sandboxie years ago, but when I moved to Windows 7 x64, I abandoned it in favor of low-integrity Firefox (+ EMET + AppLocker/SRP + standard account).
I wish BufferZone could be lighter. DW is a good option but no 64 bit.
So if I have an old lifetime license that has not yet been activated will it still be lifetime? Or fall under the rules of the new regime?
You are asking that in the wrong place. I would:
a) ask on the sandboxie forum
b) seriously consider going ahead and getting it activated.
Regarding lifetime licenses and Invincea, this is what Tzuk has to say about it:
"Invincea respects the old licensing terms for old licenses, and this explicitly applies to the life-time licenses."
with my whole respect to his work - but i dont give a ~ Snipped as per TOS ~ on this announcement nor his deal. tzuk gave up longer ago due silly expectations of users to virtualize any and all software which aint possible. starting with v4 new problems grow and were not solved. the new license model since Okt'13 was the last brick in the wall breaking down.
i think he was fighting at too many frontiers same time and is now glad to push it away to free his mind and pass the always same questions to other support.
simple to say that actual there is no option for sandboxie present, even not bufferzone nor any virtual box.
i am curious if he will finish to 4.08 and if the new owner will remove limits from the free version as they sell their own product for complete other business.
if sandboxie will stuck now i will declare it as dead.
BTW i never considered SB as a "security software" - it ever was a "box" to limit program actions - so it could limit malware, but never had any analysis function nor was sure that kernel leaks could not break through.
Interesting, That thought has never crossed my mind. I'll have to remember that when using or buying other security software.
I agree in part with you. I don't think Sandboxie is yet dead. They say on there website the free version will still be available. I think the key to whether Sandboxie lives on as a standalone product will depend on one thing. Does it generate enough revenue to justify it.
I will bet that support for some of the non security use, like virtualizing games and other software will end. Users can do it but they will be on their own.
Keeping Sandboxie as a free standalone app would be a great advertisement for Invincea (like Comodo do with their free apps), especially among security experts and enthusiasts, who are the people that friends and clients consult with when they need help on the PC.
Nice looking forum jaspion...best of luck with that.
Companies that primarily do business with the government and enterprise would not use the Comodo business model. Most of them don't give free products, or sell a product that isn't profitable.
Exactly my opinion, in fact I'm trying that very set-up out as my real time protection now.
I'm giving Invicea a chance but getting used to what I fear will be my future set-up. I just don't see a company who target the corporate environment responding to the smaller scale usability issues Tzuk dealt with everyday for us. If it also suits the corporate users it will get done, if it only suits a handful of users who mostly don't pay any-more because of the lifetime model, it will have no chance. That I fear will be the undoing of Sandboxie as a home user product.
My main hope is that, as Tzuk allowed bespoke compatibility templates, the community can help each other to get SBIE working with the latest updates etc on the multitude of products currently running in tandem with SBIE only because of the the built in templates.
Closest I'll get to what SBIE does I think is AG + SD, but it's less convenient from early use and less configurable. I'll have a few development requests for Barb_C and Tony
With Tzuk joining the ever growing list of brilliant innovative one man bands realising the fruits of their labour can only truly be delivered by 'joining' with bigger operations (and Tony's recent 'sabbatical') I'm worried we'll all eventually end up using what MS allow us to do with the OS and/or going with one of the 'big boys'.
With MS restricting how we can tweak with each iteration and the corporate BS we get from the 'main players' what a dull world it could be.
Oh yes, I forgot that important detail.
Invincea’s executive team:
We are made up of alumni from RipTech, ArcSight, Symantec, Cigital, NetWitness and RSA.
We also have backgrounds with some of the largest companies in the world
including IBM and AOL as well as the U.S. Federal Government.
Symantec to Acquire Riptech
Anytime I see the word "SYMANTEC" I think of Sygate firewall, PC Tools firewall and Threatfire
To early to tell what will happen with Sandboxie going to Invincea so will have to wait and see.
Than, please sure post these development requests (it's very welcome for both AppGuard and Shadow Defender) for both Barb C and Tony-just please don't forget to do so!
So I've been using Sandboxie full-time with internet facing apps (along with AppGuard and Outpost Firewall) for quite a few years now since I went with out a real-time AV. I prefer the idea of a "default deny" approach to securing my system and this setup has worked well for me.
Now, I do want to give Invincea a chance with Sandboxie. However, if by chance Sandboxie becomes unsuitable do you think that AppGuard set to Locked-Down with Outpost Firewall Pro (plus regular On-demand scans with MBAM and HMP) would be enough to stay protected? I'm quite a boring/low-risk user in general. The biggest risk to me would be if one of the regular sites I visit was compromised, for example. No one else uses my PC and I stay away from the dark side of the internet.
I hope it's OK asking this. It's not that I want to write off Sandboxie, but I do want to be prepared just in case. The trouble is that there's nothing else out there like it.
Regarding keeping your Windows clean, AppGuard alone at locked-down should suffice, even Outpost would probably be obsolete. Sandboxie's advantage is deeper configurability than AppGuard. Whether you need that depends on what you are trying to achieve.
AppGuard protects core areas of your Windows system from being written to by guarded applications, it blocks the launch of executables from user-space and prevents memory manipulation as well. You also have the option to put main threat-gate applications like your web browser under privacy mode, giving read-only access to designated folders or deny access to them at all.
But at locked-down there is no threat to your documents from something like cryptolocker because it cannot launch. I can only imagine one scenario. You are running an app like Word with privacy off because it wouldn't make sense to deny a document editor access to your documents. Word opens a document that contains malicious code. That code uses Word to encrypt files in your non-system areas. Locked-down wouldn't have helped you in that scenario, because there is no launch involved from an executable in user-space. Privacy mode would have been disabled.
Yet that is a very far fetched scenario and no present threat.
Separate names with a comma.