Sandboxie beta 3.55 released

Discussion in 'sandboxing & virtualization' started by Gobbler, Apr 1, 2011.

Thread Status:
Not open for further replies.
  1. Carbonyl

    Carbonyl Registered Member

    Joined:
    May 19, 2009
    Posts:
    256
    Good on tzuk for getting these experimental security features into the 64 bit version! Things feel safer already.

    Everyone should be aware, though, of what tzuk has said regarding the implementation: If Microsoft ever alters PatchGuard in the future (which they do silently, according to them, to make it a 'moving target') then you WILL start seeing BSODs afterward.
     
  2. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543

    They'll alter it, I assure you. And, I'm betting we will have to wait no longer than until Windows 8 to see it.
     
  3. Carbonyl

    Carbonyl Registered Member

    Joined:
    May 19, 2009
    Posts:
    256
    Huh. I thought they were constantly poking at PatchGuard for security reasons, but apparently you're right. According to wikipedia, Microsoft has only every modified it twice since its inception in 2005.

     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543

    I doubt they want anyone to mess with it, security companies included. I'd also be willing to bet that after enough changes, security companies will give up and stop trying to get around it. Vendors like Sandboxie and Defensewall were already hesitant, it took a bit to get them to try. But I bet they won't keep doing it. Luckily, it's very likely by the time that enough changes have been made to make them give up, that security as a whole will have changed a good deal. Hmm, perhaps I shouldn't say "lucikly" just yet. Security very well may change for the absolute worst by that point.
     
  5. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    3.55.03 is up and running

    and also microsoft is ready to have another kernel patch

    -http://www.pcworld.com/article/224797/microsoft_readies_patch_tuesday_deluge.html-
     
  6. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,220
    Location:
    Pennsylvania.

    Oh great Microsoft will kill SBIE right after it comes out. Super >_<
     
  7. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    They wouldn't kill it, likely worst case scenario we're back to where we were pre-3.55. That being said, I don't know this, I'm sure it completely depends on what exactly MS is doing to fix the kernel in the upcoming batch. I don't know if it is just a "standard" patching, you know, something small, or if they are going after KPP itself. If they're going after the actual patch guard, there might be trouble. I have no clue, so I'm not going to keep yapping about it. My opinion is that Tzuk probably knows that eventually MS will mess up these tweaks that allow things like 3.55 to happen.
     
  8. Carbonyl

    Carbonyl Registered Member

    Joined:
    May 19, 2009
    Posts:
    256
    In the event that KPP is patched while one is running the latest version of Sandboxie with the new protections active, what recourse is there to restore the system?

    Presumably after applying the Windows update in such a situation, booting will result in a BSOD a la KPP's design. I suppose one could boot into safe mode, but is there any way to undo the damage at that point? Since the new Sandboxie protection measures require a reboot of the system, I'm assuming it's not going to be as simple as editing the Sandboxie.ini file.

    At the same time, one would hope there would be an easy way out of this mess without having to, say, reinstall the OS.
     
  9. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,411
    Location:
    Outer space
    They are saying that they are patching the kernel, they aren't saying they are patching the kernel patch protection ;)
     
  10. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    Agree
    I've updated and the new windows update didn't cause BSOD while using SBIE 3.55.03. :D
     
  11. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    I love the fact that you no longer need to run with 'Drop my Rights' on x64 systems. This makes me able to install software safely in my 'install and try'-sandbox and test them! I still use Drop my Rights, on all other sandboxed applications though.

    On a side note, if you're running without 'Drop my rights', be sure to have a password on your user account, as malware can change it. That's the only drawback I see with this new Exprimental protection for x64 when running without Drop My Rights.
     
  12. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,220
    Location:
    Pennsylvania.
    I wonder when the full version will be released.
     
  13. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,479
    I really have to try Sandboxie. Looking for something new to learn, and for additional protection.
     
  14. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,166
    Location:
    Milan and Seoul
    The beta is actually up to 3.55.04

    I've just noticed that I get the following prompt from Sandboxie when opening Chrome sandboxed:

    "SBIE2205 Service not implemented: ConnectPort (19/C0000022)"

    It doesn't seem to have any consequences so far, but if anyone has any ideas before I post at the SB forum, I'm all ears.

    Vista64 Ultimate + Sandboxie beta 3.55.04
     
    Last edited: Apr 27, 2011
  15. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,348
    Same thing here!
     
  16. Hexaguano

    Hexaguano Registered Member

    Joined:
    Jan 4, 2005
    Posts:
    100
    Looks like there is a thread here on the Sandboxie forums regarding this issue.
     
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,765
    Location:
    Nicaragua
    Being able to try programs sandboxed on 64 bit systems was a big miss
    before this new version made it possible. I don't run 64 bit but it makes
    me very happy that its possible now.

    Bo
     
  18. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,166
    Location:
    Milan and Seoul
    Thanks, it is similar but not the same alert and beta version. It is odd but I couldn't open a new thread on the sub forum "beta version 3.55", only administrators are allowed to.
     
  19. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,166
    Location:
    Milan and Seoul
    Version 3.55.05 is available, and it corrects the error message reported in post #39. Tzuk is really very active and quick.
     
  20. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,152
    Location:
    UK / Pakistan
    Any SBIE user: I have a Q!

    Is there an option in SBIE to auto-sandbox all unknown applications?

    Thanks
     
  21. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,220
    Location:
    Pennsylvania.
    3.54 is still showing up on the site.
     
  22. Dave53

    Dave53 Registered Member

    Joined:
    Feb 23, 2009
    Posts:
    114
    You need to go to the Beta 3.55 section on the forum area of the Sandboxie website.

    Dave
     
  23. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,220
    Location:
    Pennsylvania.
    Oops misread OSaban's post and thought the full version came out. :p My bad
     
  24. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,765
    Location:
    Nicaragua
    Hi aigle, there is no option for that but if you force your browsers,
    email client, USB drives, CD and DVD drive, anything known or
    unknown will be, in a way, auto-sandboxed and will remain sandboxed
    until you delete the contents of the sandbox.
    Sandboxie is not like DefenseWall were files that come through via
    a untrusted application, would remain untrusted. Thats why when
    using SBIE, its perfect to use one folder for all downloads, having that
    folder forced.

    I don't know how much I can help you figure out SBIE but its my
    pleasure answering your post. To me, you are a very knowledgeable
    gentleman and a very nice human being.

    Bo
     
  25. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,152
    Location:
    UK / Pakistan
    Oh...thanks for the reply and so many thanks for the praise. I wish I could be like that what you think of me. :)

    Back to the topic. I am not using SBIE but I have used it long ago for some time and even now occasionally I run it for testing.

    I asked this question as I wanted to post a feature request on their forums. A feature like comodo sandbox ( ? probably also in BuferZone). The developer can add a white list in SBIE with an option to run all unknown applications sandboxed. When an unknown application is sandbxed, an alert should come from the tray. Also this feature shuould be disabled by default but any one if interested can enable it.

    Thanks
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.