Sandboxie Plus (Sbie fork)

Discussion in 'sandboxing & virtualization' started by DavidXanatos, Apr 9, 2020.

  1. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    614
    Location:
    Far East
    @DavidXanatos

    Quote

    Data protection:
    Sandboxie is great to protect the system from malicious modifications but with default configuration it does not protect user data from being accessed and exfiltrated.

    Unquote

    So you are saying currently there's no simple way(settings) to overcome this issue? Or is there anyway to overcome this now? If yes, how?

    If it's possible I would like to sandbox my browsers with SB and use Shadow Defender to protect my host system

    Thanks
     
    Last edited: Apr 13, 2020
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,677
    Location:
    Nicaragua
    @NiteRanger.Thats by design and really the way it should be by default, is not an issue. Programs that run in the sandbox have to have access to files in your system, otherwise they wouldn't work. Sandboxie cant guess (and should not) what files you want to block and what to allow, that's for us users. We decide what we want to block. If this was changed, if SBIE by default blocked a bunch of files, we would hear a lot of complains about this program or that program not working or installing in the sandbox.
    Ranger, like I said above, this is not an issue. We have available Sandbox settings that you can use for blocking (or hiding) access to your personal files, sensitive files and folders. With this settings you can protect your personal files from being read or stolen. This settings are very easy to use. And can also be used for blocking system files, some people use this settings for that, but IMO, blocking system files is not needed.


    Bo
     
    Last edited: Apr 13, 2020
  3. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    614
    Location:
    Far East
    Ok, many thanks
     
  4. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    266
    Location:
    VPN city
    64 bit version of the Tor Browser can't run inside of sandboxie. 32 bit version of the Tor Browser works just fine inside of sandboxie though.
     
  5. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,690
    Location:
    Mexico
    Yep. I wish I could run 64 bit too.
     
  6. randomcc

    randomcc Registered Member

    Joined:
    Apr 22, 2020
    Posts:
    2
    Location:
    USA
    Hello, I believe the same problems exists with the 64 bit installer as well. I get the same error code when trying (repeatedly) to upgrade sandboxie from an older version. Can you check on the driver for it as well please ?
     
  7. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    472
    Location:
    Viena
    You mean the installers form here: https://www.torproject.org/download/ ?
    Forme it installs but than the installed firefox crashes with an error message being unable to load the sbidll.
     
  8. randomcc

    randomcc Registered Member

    Joined:
    Apr 22, 2020
    Posts:
    2
    Location:
    USA
    Sorry no, I wasn't clear. From sandboxie website, version 5.33.3 is the one I was talking about. The 32 bit version installed fine for my laptop that I downloaded and upgraded from 5.16, but when trying to download the 64 bit version of 5.33.3 and upgrade from 5.16 on my main tower, that's when I get the same error liba mentioned in post #4.
     
  9. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    266
    Location:
    VPN city
    So when will the next version of sandboxie be released with the "properly" signed files? Said with quotations because a digital signature is worthless for determining the safety of a file.
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,685
    Location:
    The Netherlands
    I'm not sure if I understood you correctly. If a tool is trusted then you should have an option to enable driver loading. But it's of course a security risk, so that's why SBIE developers removed it.

    Then it's probably not a good idea, if it wasn't focused on security.
     
  11. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    472
    Location:
    Viena
    mmh... so your use case would be to use a tool without leaving much traces in the system but entirely trust it?

    Sure it was a good idea; not everything is about security, some things are about convenience or expedience.

    It really depends on what's your goal is.
     
  12. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,447
    Location:
    Land of the Light
  13. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,047
    Never the same program since ronen left it.I am very surprised people still use sandboxie when there are other options available.
    Only so long developers can continue to beat a deadhorse.Only a matter of time before this single developer will throw the towel in.

    Cheers.
     
  14. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,950
    Location:
    Under a bushel ...
    Curious to know what other options ... ReHIPS?

    Not currently too much of a Sandboxie user, but I think SandboxieDev will be well supported ...
     
  15. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    472
    Location:
    Viena
    No it will not don't worry.

    It looks as there will be at least two devs to begin with.

    Also what other alternatives?
    Shade Sandbox? useless
    ReHips very polished and more than a sandbox but the sandbox aspect appears underdeveloped, can't install programs, etc...
    Windows Sandbox? Its not a sandbox its a cheep VM.

    Sandboxie has a second to none Feature set that when working correctly allows you not only to run applications inside a protected environment but also to install them there. That is IMHO extremely useful for many reasons aside of just security.



    @Socio @MGhell
    btw: I have set up a paypal donation button as requested on my new website, see my signature
     
  16. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,047
    i was thinking more on the lines of vmware or shadow defender.I have not used windows for many years so im out of touch with the new systems.
    Just a pity there is nothing similar to sandboxie in linuxland.
     
  17. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    472
    Location:
    Viena
    Is there not? I mean I don't know...
    My attempts to befriend Linux ended with some CAD applications I need not working with wine and a Windows VM with GPU pass through approach not being compatible with my laptop.
    But anyhow back then I googled that actually and what about https://firejail.wordpress.com/ that sounds like it would be at least remotely comparable.
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,685
    Location:
    The Netherlands
    You have to be kidding me, it has worked just fine for me even after Tzuk left. It has been developed for years by Invincea and Sophos, I only saw people complaining about that it didn't always work correctly with Chrome, but Chrome is crap anyways. I do agree that the new developer will need to get a bit of help.

    What I mean is that let's say you want to run a new version of a trusted tool like Process Explorer, you could then easily allow driver loading without any risk.
     
  19. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    266
    Location:
    VPN city
    So when will the next build come out? When can we expect the driver file to be signed so that it stops making false alarms.
    It's pretty dumb that there's still four antivirus companies that have it labeled as malware just because it doesn't have a signature.
    I can understand how that might cause suspicion in the beginning when it was 0-day, but after all this time?
     
  20. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    472
    Location:
    Viena
    Working on that, there are still issues with many MSI installers and fixing that appears quite complicated.

    Tom is looking into obtaining the appropriate certificate, its not that simple he first has to register a company to attach the certificate to.
     
  21. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    266
    Location:
    VPN city
    From what I've read in threads about sandboxie, getting MSI installers to run inside of sandboxie is way more trouble than it's worth. It's a neat idea for sure, but how would you be able to do it without opening it up to exploits?. Being able to safely install driver files inside of sandboxie would also be a huge pain.

    And again. The thing with digital signatures is such a huge pain. Yes, get that proper signature put onto the setup file and driver, but every time I hear about an antivirus program doing something based on nothing but a digital signature, I face-palm.
    Comodo came out with a new version of CIS and in the release notes they said it would prevent unsigned DLL's from being injected into comodo processes. Right away I thought to myself "Why not just all DLL's?"

    Okay the rant is done. Keep up the good work Mr Xanatos.
     
  22. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    472
    Location:
    Viena
    On older versions of windows that in fact worked fine.
    Only recently MSFT changed something that broke it.

    That thing being changes to the used inter process communication.

    Fixing that would IMHO help avoid other future problems as windows will change more and more around that area as I was tolled.
     
  23. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    266
    Location:
    VPN city
    So I've heard on a couple of other threads that that one former invincea/sophos developer got a signature made. Tom is his name, are you working with him Mr Xanatos?
     
  24. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    318
    Location:
    Canada
    By "working with", they might help each other out, but Tom's "Sandboxie" and Xanatos's "Sandboxie Plus" are two separate things. Tom's signature has nothing to do with Xanatos's side project.
     
  25. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    266
    Location:
    VPN city
    Oh...That's a little disappointing. Would be cool to have those two combine resources.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.