Sandboxie Acquired by Invincea

Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.

Thread Status:
Not open for further replies.
  1. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,232
    Location:
    USA
    Yes I did (every LP entry I could find in AppData).

    I've tried to do just that (really), but. obviously, without success. That's why I'm appealing (for help) to anyone who is successfully using LP within IE11 sandboxed.

    It's already ticked.

    Regards,
    Cruise
     
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    Same to you, my friend. I wish I could help you more with this. You should post at the SBIE forum, perhaps someone there has a better idea on what to do. :)

    Bo
     
  3. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,995
    Location:
    .
    I was not able to Run Sandbox'd a desktop folder. I was trying to run sandbox and then AxCrypt.
     
  4. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    867
    Location:
    usa
    Bo,

    Thank you for helping me with that printer issue.
    I've tried several times to re-start/re-boot but it does not work.
    What's interesting, those computers are on different networks/different printers - at home and at work.
    If nothing works, pretty soon I will be updating those computers to Windows 10.
    Maybe it could resolve the issue automatically after the upgrade.
     
  5. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    bjm, try running explorer in a non restricted sandbox. I am not familiar with AxCrypt but it should run in a non restricted sandbox. I run explorer>desktop sandboxed all the time with no issue. Remember, if you Hide the 2205 message and AxCrypt works fine, then you can ignore the message.

    Bo
     
  6. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,995
    Location:
    .
    What's a non restricted sandbox. You mean no Drop Rights or Run As UAC Administrator..?
     
  7. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    By non restricted, I meant, try running your desktop in a sandbox with default settings for Restrictions (Sandbox settings>Restrictions).

    Bo
     
  8. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Anyone getting this error?

    screenshot.3.png
     
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    Not me, Overkill. What are you running sandboxed when you get the message? Does the sandboxed program runs fine, regardless of the message?

    Bo
     
  10. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,995
    Location:
    .
    Well, maybe for one time testing. But, I want to test in my real everyday use sandbox. What definitive may I learn by non restrictive default settings testbox. Thanks
     
    Last edited: Jul 8, 2015
  11. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Just my browser. I haven't noticed any negative effects
     
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    Then, you can hide it.:)

    Bo
     
  13. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
  14. RoamMaster

    RoamMaster Registered Member

    Joined:
    Oct 1, 2006
    Posts:
    50
    So has anything worthwhile been added in the last 7-8 years? My version is fairly old (2.86), pre-sub.
    I'm about to upgrade to Windows 10 and I do believe that 2.X had pretty major issues with 64 bit, as well as Vista(so probably 10 as well).

    I don't know if it's worth buying again. Especially not on a subscription model.
     
  15. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,995
    Location:
    .
  16. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    743
    Location:
    U.S. Citizen
    Salutations,

    Same problem as in post 1558! By Overkill.... Browser is K-Meleon!
     
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    Hi Moose. Some of the Sandboxie messages 2205 can be hidden when the sandboxed program works fine in the sandbox. You can click Hide to get rid of it.

    Bo
     
    Last edited: Jul 11, 2015
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,995
    Location:
    .
    1) Why can I view flash content from the net while also not allowing Flash Player Internet Access. Am I seeing flash content because FF net access is allowed.

    2) What's the upside by not allowing Flash Player Internet Access. Can payload still come by Firefox..?

    3) When Flash Player has un-patched hole. Does mal come by Firefox net access or Flash Player net access. I mean I'm watching flash content and there's embedded mal so does mal come by Firefox.

    4) When there's an un-patched hole in Flash Player then will mal can come by exploiting hole if I allow Flash Player net access.

    5) Suppose, I land on site with flash content and I'm not viewing flash content. Flash is Ask To Activate. Is that when not allow Flash Player net access is upside..

    TIA
     
    Last edited: Jul 13, 2015
  19. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    Anyone else having issues connecting to sandboxie.com? I'm suddenly getting
    Forbidden
    You don't have permission to access / on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    When trying to access the forum it says

    General Error
    SQL ERROR [ mysqli ]

    Table './phpbb3/sbie_phpbb_sessions' is marked as crashed and should be repaired [145]

    is it just me?
     
  20. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    bjm, I ll give you my take on your questions.

    1. I don't know why some sites require the plugin to have access to the internet and others don't. But thats also what I experience. For example, I can play videos in YouTube without allowing the plugin to have internet but I cant stream live baseball or football if I don't watch the games in a sandbox where I allow the plugin to have access to the internet.

    That above makes it seen like if its live, the plugin requires internet and if its not live, it wont require it. But it doesn't work that way. I know that because in cbs sports, nothing is live and some content in that site require the plugin to have access to the internet and other content don't require it.

    2. If by upside, you mean, Do we gain anything by not giving the plugin access to the internet? I think its huge when you don't allow the plugin to have access to the internet and still play content. Why? malware can still run in your sandbox via flash player and the plugin but by not allowing it to have access to the internet, it cant phone home.

    3. bjm, I am no malware expert (and thanks to Sandboxie, I can even remember what malware looks like) but I think if Flash Player has un-patched hole and you get hit by malware that exploits it, the malware runs in your PC (contained in the sandbox), if you allow flash player and the plugin to Start and Run.

    4. I think what I wrote for 3, answers 4. bjm, one of the reasons to use Sandboxie is to take care of problems like the ones with Flash. If you watch all flash content under Sandboxie and you don't water down Sandboxies protection by using other security programs that conflict with SBIE, Sandboxie is going to contain whatever comes in the sandbox via the flash plugin. Allowing the plugin to run is what allows the malware to run, not the net.

    5. I think this one has already been answered (above).

    Bo
     
  21. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    1) Why can I view flash content from the net while also not allowing Flash Player Internet Access. Am I seeing flash content because FF net access is allowed.

    I've run into this as well but certain sites seem to need the flash player to have actual internet access to play trailers/videos etc.. yahoo, imdb and others. Not sure how this works, haven't investigated it myself.

    2) What's the upside by not allowing Flash Player Internet Access. Can payload still come by Firefox..?

    If flash is operational through the plugin manager I can't think of any case where denying internet access to it would help once it's exploited but I'm not going to say that it won't require it. It depends how the exploit is built. Chances are if flash is running the downloaded stuff be it directly or through the browser it's already too late without some type of anti exploit being active to catch it.

    3) When Flash Player has un-patched hole. Does mal come by Firefox net access or Flash Player net access. I mean I'm watching flash content and there's embedded mal so does mal come by Firefox.

    A flash exploit comes through and requires flash (which is loaded by the browser), so if flash is allowed to run content on that page and it encounters an exploit the rest is likely moot. Flash is the critical point.

    4) When there's an un-patched hole in Flash Player then will mal can come by exploiting hole if I allow Flash Player net access.

    If flash is allowed to run, it can be exploited either way. I can't think of a case where allowing only access through the browser would hinder a flash exploit once flash has already loaded it and the exploit encountered.

    5) Suppose, I land on site with flash content and I'm not viewing flash content. Flash is Ask To Activate. Is that when not allow Flash Player net access is upside..

    If it's set to ask, it isn't running so network access won't matter as the content isn't being loaded/handled.

    Flash exploits require--- FLASH! If it isn't running, it can't make use of a quirk in code that isn't there. Once the content and code is running a channel of communication has previously been established via some channel so unless you have anti-exploit software / hips or something else that interferes with it and/or the payload I can't think of a single case where the rest matters.

    I won't say it can't matter, just that I can't think of a case where it would. I know I sound like a broken record above but I'm not an expert on exploits so I'm only going off of my basic understanding of asm, the windows os and how my browser works. Maybe someone a bit more qualified will chime in but that's my opinion. My answers don't involve sandboxie containment but tbh your questions didn't seem to take that into account either.

    Might be a good question for MBAE/Pedro in fact!
     
    Last edited: Jul 13, 2015
  22. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,985
    Location:
    Nicaragua
    I am getting that. It has happened before.

    Bo
     
  23. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    Thanks, wanted to be sure it wasn't *just* me. Guess I don't get my sandboxie forum reading done tonight =(
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590

    BJM relax. The answer to all your questions is it's irelevant. Let flash access the internet. I know your running both Appguard, and HMPA, so you are protected even without Sandboxie, and Sandboxie will also protect you.
     
  25. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,995
    Location:
    .
    Yeah, mal escape, exploit and such. I figured Sanboxie had my back. I didn't realize different content may require net for plugin. I've observed as you and recall your sage advice regarding plugin net access. eg: if I can get by wo net access = do. So, I got curious by recent publicized holes. I got curious as how I was even viewing flash wo plugin net access. I guess plugin runs along with parent.
    Aha, yes..
    Aha, yes..

    As to watering down and programs that conflict. Yeah, I hear ya'. Thanks for bumping my concern in that regard. :thumb:
     
    Last edited: Jul 14, 2015
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.