Sandboxie Acquired by Invincea

Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.

Thread Status:
Not open for further replies.
  1. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
    So it seems, what do you think?
     
  2. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    I don't know, someone should contact Curt from Invincea and copy the Metaouph's post and my question on Sandboxie forums to ask this-if anyone is interested, go ahead, right now I don't have time, or otherwise I would be the one to ask Curt about this problem-so what do you think?
    And can you find some time to ask Curt about this security/protection problem/issue?
     
  3. meatouph

    meatouph Guest

    Yes, my thoughts exactly. I'm not sure if old (SBIE <4.0) versions would work flawlessly on Win7 and up-to-date web browsers etc.
    And my reply:
    please whine on SBIE forums :D http://forums.sandboxie.com/phpBB3/viewtopic.php?p=113828#p113828
     
  4. roady

    roady Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    262
  5. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    I just posted as well, his response was less than satisfactory for me...I would have been fine if AllowSpoolerPrintToFile=n prevented it but from the lack of a direct answer to my query and from the wording of his response to you that doesn't seem to be the case. Let's hope they listen and make it configurable again - I don't care if it's in the gui, but they only hurt themselves if they don't make it available in the gui....eg more support tickets.....which apparently prompted this latest silly move. =( I didn't complain before because I figured it would block it, good thing you brought it up or I would have let it slide by without ever questioning if it did.
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    My opinion about this printing thing. As most of you guys probably remember, not long ago there was a vulnerability (when printing using a sandboxed application) found and reported by a SBIE user. Many users complained about it and were constantly asking when was the hole going to get closed. After the hole was closed in a newer version of SBIE, some users had problems printing. To solve this new problem, Invincea made this latest change.

    I would a rather nothing regarding printing was ever changed, even after the vulnerability was reported. Myself, I never have had a problem printing sandboxed as things are now or how they were in the past. I prefer not to pressure Invincea in the way they balance usability and security. I trust they know what they doing and dont believe they would open a hole that can easily be abused by malware.

    Bo
     
  7. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    @meatoup/Dun. In Curts reply to your post, he said "If there are a lot of users that have an issue here, I can reconsider this change". Think well what you ask cause this is definitively a "You cant eat the cake and save it too" kind of situation.

    If you ask me what I ll prefer. I rather go back to how printing was ....a year ago. But cant have it both ways, cant close the vulnerability and things work as they did a year ago. A choice has to be made.:)

    Bo
     
  8. roady

    roady Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    262
    IMHO,no printing tasks should automaticly be allowed from within the sandbox......it defeats the whole purpose of a safe enviroment...
     
  9. meatouph

    meatouph Guest

    Thanks guys :)
    bo@: It is up to them. As previously said I can accept it if they want to allow something to avoid printing issues, even as default. Just give me an option to disable it in SBIE settings
     
    Last edited by a moderator: Sep 26, 2015
  10. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    570
    I am using stable 5.04. I can't open firefox or chrome sandboxed. I keep getting these messages:
    For firefox:
    SBIE2205 Service not implemented: Win32Init.6 (000000AA)
    For chrome (64 bit):
    SBIE2101 Object name not found: , error OpenProcess (C0000022)
    access=001FFFFF initialized=1
    SBIE2314 Canceling process chrome.exe [1012/9]

    OS is windows 8.1 pro 64bit with media center and Kaspersky Internet Security 2016.
     
  11. roady

    roady Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    262
    That's a Kaspersky issue....try to solve it by excluding SandBoxie's folders and .exe's from Kaspersky's scanning paths.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Same over here. :thumb:
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I didn't even know about this setting, to be honest I don't understand what this feature is about. It did solve the problem, but for some reason XnView still doesn't run really smoothly, when switching to the thumbnail browser.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Invincea plainly states Kaspersky and SBIE are not compatible. You have to chose.
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I have with Steam, but it's not worth the effort, as steam always updates. I protect it with Appguard, and ShadowDefender
     
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I am not familiar with XnView but basically what the setting does is eliminate the message. And, after ticking the setting, you should still be able to use the program as you normally do when you run it in the sandbox, except when message 2102 would have been triggered.

    If you are getting 2102 when you run some very large pictures then for those pictures, you still be able to run then sandboxed but you wont be able to make changes (like rotate to the right) to them within the sandbox.

    The reason for the size limit of files that can be copied to the sandbox, I understand is time. Before you can make changes within the sandbox to sandboxed files, SBIE has to copy the file into the sandbox. So, very large files would take a long time to be copied. If you don't increase the size. Sandboxie only reads the real file and don't copy it into the sandbox, that allows you to run the file sandboxed but you can not make changes to it within the sandbox.

    Bo
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Question re Internet Access.
    Seems like with every program download I get the following message.
    SBIE1307 Program cannot access the Internet due to restrictions - dllhost.exe [Firefox]
    SBIE2221 To add the program to Internet Access Restrictions, please double-click on this message line
    I don't mind the message. I've come to expect it as part of any download. I'm aware I can add dllhost to Internet Access. Only Internet Access in this box is Firefox.
    I am curious though... what do programs do at download that they want net access. I simply click close the message without any ding to the program. Curious, are programs just trying to call home. "Hey, I've arrived okay" or what...?
    Google tells me >
    The dllhost.exe process goes by the name COM Surrogate and the only time you're likely even to notice its existence is when it crashes and you get the message COM Surrogate has stopped working. The COM Surrogate is a fancy name for Sacrificial process for a COM object that is run outside of the process that requested it.
    Um, so something wants to run and was denied by lack of Net Access.
    Any idea what wants to run at every download...?
    Thanks
     
  19. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    bjm, dllhost tries to run in my computers when, for example, I want to upload a file at Virus total or upload a picture to Tiny pic. In that type of situation, in a highly restricted sandbox, I get the SBIE message saying that dllhost is attempting to run. Regardless, whether I allow dllhost to run or not, I can always finish what I am doing.

    I don't remember ever seeing dllhost trying to run when I download something or ever having to allow it to connect to the internet either. My systems are W7 and XP, perhaps in W8.1, things don't work the same. If I was you, I would either hide the messages or for convenience, allow dllhost to run. But I don't think is necessary for anything important for you to allow that process to have access to the internet.

    Bo
     
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Hmm, uploads to VirusTotal are quiet. Of course my sandbox is probably not as restrictive as yours.
    Yeah, doesn't seem to be anything important. Just curiously consistent.
    Thanks
     
  21. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    bjm, I figured out why dllhost attempts to run when you download. I tested what I am going to tell you in Firefox, my everyday browser. My thinking is that you have your browser set to Ask you where you want downloads to be saved. If I set Firefox that way, as soon as I move around using File explorer for navigating to where I want the download to be saved, I get the dllhost message.

    So, if you set downloads to be saved to an specific location (thats what I do and the reason I dont get the message when I download something), it is likely you wont see the SBIE message about dllhost anymore.

    Bo
     
  22. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    To reproduce, create a new sandbox, only allow Firefox to run and connect. You ll probably get the dllhost message as you upload a file.

    BO
     
  23. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    BINGO! Yes, set to Ask. So, curiously consistent is not so curious. :D
    COOL :thumb:
     
  24. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    BINGO2! ... Yes, I have dllhost with Start/Run in my Firefox sandbox.
    So, only allow Firefox to run and connect as test.
    COOL2 :thumb:
     
  25. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Opening File explorer in the sandbox and navigating with it is what triggers dllhosts to run and the SBIE message.

    Bo
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.