Sandboxie technical tests and other technical topics discussion thread

Discussion in 'sandboxing & virtualization' started by MrBrian, Oct 17, 2014.

  1. meatouph

    meatouph Guest

    I actually came back to previous configuration. Not sandboxed Thunderbird but if attachment smell bad I open it inside sandbox using context menu
     
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,986
    Location:
    Nicaragua
    Hi meatouph, to me, all attachments smell bad. I don't trust any.:)

    Bo
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,629
    Location:
    The Netherlands
    Yes, I guess I now will have to take a look at Libre. I was turned off by the big size, but I ain't feel like paying for MS Office 2013, so I've got no choice.
     
  4. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    I only ever used Word so I've been a happy user of Kingsoft Office which I happened to try after finding it on a giveaway site and it has played perfectly fine w sandboxie and has a reasonable size to boot. If you rely on other Office programs, it may not work as well, idk...
     
  5. meatouph

    meatouph Guest

  6. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    Zero days which attack preview viewers. There have been such in the past, and doubtless will be again. And probably stuff which can attack Outlook plugins.

    I also sandbox anything which accesses the internet - including email clients - from being able to see my real data file stores (using Restrictions on the File access). I do not want ANY internet facing program to be able to see my data uncontrolled, in bulk, which is what the default situation is with most browsers and email clients.
     
  7. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,985
    Location:
    Mexico
    I agree. In addition, don't forget that every piece of software in the computer is potentially an attack surface which could be exploited just like deBoetie said: "stuff which can attack Outlook plugins".
    I believe we are going to witness in the near future very sophisticated attacks beyond imagination so sandboxing with Sandboxie of course the most you can, I think is a good idea.
    As a side note a system-wide protection based on light virtualization is advisable: Shadow Defender.
     
  8. meatouph

    meatouph Guest

    I have firefox sandbox and nothing but FF can run here. Similar situation for other sandboxed programs - 1 sandbox 1 *.exe. In Thunderbord case:
    * it's too much hassle to go to links using copy-paste method
    * browser mess - if I allow firefox to open in TB sandbox then new window will pop-up every time I click on any link in TB (window separate from firefox in FF sandbox)
    * I do not want to use any unofficial sandboxie reflectors and stuff like this
    * I don't have any plugins in TB
    Conclusion: running TB out of sandbox is just more comfortable for me ;)
     
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,986
    Location:
    Nicaragua
    To me, the way this works is how it should work. What is in one sandbox, stays in that sandbox. Makes sense to me that that is how it works out. I agree about not using addons for SBIE. But that utility was created to do exactly what you want. But I dont know if it works with newer SBIE versions.:)

    Bo
     
    Last edited: May 27, 2015
  10. meatouph

    meatouph Guest

    Yes. Sometimes "You can't have your cake and eat it (too)"
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,629
    Location:
    The Netherlands
    I found this stuff, perhaps a bit too technical, but it describes how tools like SBIE work. It's really mind boggling to read just how complex this stuff really is.

    http://www.kerneldrivers.com/kernel-blog/
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,629
    Location:
    The Netherlands
    BTW, I've done a System Refresh on my Win 8 system, and to my surprise it didn't remove most of my sandboxes, it did however remove almost all .exe file inside the sandbox folders. So after reinstalling SBIE, I only needed to add the same sandboxes (with the same name) via Sandboxie's Control, and I updated the configuration file, so I didn't need to configure everything all over again, pretty sweet. Does anyone know where I can find the icon that SBIE uses for all sandbox folders?
     
  13. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,985
    Location:
    Mexico
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,629
    Location:
    The Netherlands
    Thanks for the icon, and I totally forgot about Resource Hacker, I did use it back in the day. :thumb:

    To clarify, some of my old sandbox folders had lost this icon, so that's why I needed it.
     
  15. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,985
    Location:
    Mexico
    I made a copy of "C:\Program Files\Sandboxie\SbieCtrl.exe" to Desktop and pointed Resource Hacker to it and you have plenty of icons there.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,629
    Location:
    The Netherlands
    Yes of course, totally forgot about this.
     
  17. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,985
    Location:
    Mexico
    How to disable a global template for a specific sandbox?

    I want to disable a global template for a specific sandbox. This template is in Sandboxie.ini under Global Settings.
     
  18. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  19. meatouph

    meatouph Guest

  20. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,985
    Location:
    Mexico
    There's an opened thread at Sandboxie forums due to the last bypass encountered. What caught my attention was a post from BUCKAROO and quote:
    http://forums.sandboxie.com/phpBB3/viewtopic.php?f=17&t=21562#p111937

    Could anyone explain to me why these internal changes? Because I've seen performance in v4.x > has decreased a lot compared to v3.76.
     
  21. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,986
    Location:
    Nicaragua
    On 1. Thats the way that has always worked as far as I can remember. Personally, I think it is good that it works that way. I prefer it works that way, but thats me. On 2. Test not allowing direct access to anything in Applications>Web browser>Firefox, other than bookmarks. I think doing that will take care of number 2 for you.

    Bo
     
  22. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,986
    Location:
    Nicaragua
    Maybe things were closer to perfection in V3. But to get Sandboxie to work in W8 and future versions of Windows, changes had to be done. So, balancing the positives and negatives, I think in the end, as users, we are bettter off with version 4. Otherwise, we could not use SBIE after W7. Thats my take on this.

    I lost a little bit of usability in one program and one program only for using Version 4 and now 5, instead of how things worked in Version 3. I still can use that program in a sandbox and all is well but to get my dedicated sandbox to open and close fast, I disable Drop rights for that specific sandbox. Other than that, I cant tell any difference for any other program in either computer, XP or W7, of how things were before and how they are now.

    Bo
     
  23. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,985
    Location:
    Mexico
    Exactly, things were closer to perfection in many ways. I don't think and don't feel all users are happy/better off with v.4.x/5.x, at least not me.
    Is there only one way to make SBIE to work with post Win7 operative systems?
    Is there only one software engineering conceivable to produce Sandboxie?
    I don't think so.
    Moreover, why there is not any Sandboxie's competitors in the market? We need more people willing to write wonderful and efficient in many ways sandboxing programs.
    I've tried by all means to see positive sides of this wonderful program to make me "believe" and "feel" happy and secure, but not anymore, I can't.
     
  24. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,986
    Location:
    Nicaragua
    Mr X, perhaps, just for a while, go back to W8.1. Windows 10 is a baby and Sandboxie as most third party software is not totally ready for it. And even better, go to W7. All software that I run under SBIE, runs well. I don't install or run games or complicated and huge programs but basically, all I want to do using Sandboxie, I can.

    About the engineering. For that, for someone to come up with something exactly like Sandboxie. You need a Tzuk clone, brother. No one is going to think and develop something exactly like SBIE. There are many great developers that are capable to do it but the way Sandboxie handle files and programs and what it does and what it doesn't do with them, it would require someone to think exactly as Tzuk.
    If you cant, you cant. Dont force yourself to like something you cant like it anymore. Take a Sandboxie break. I tell you a secret. I once did. It lasted about 48 hours. But I took off SBIE for a couple of days. My reason for doing it was because I was bored. Nothing breaking the sandbox can be boring. No excitement. Thankfully, a couple of days after uninstalling SBIE, my good senses came back.

    Saludos, hermanito

    Bo
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,629
    Location:
    The Netherlands
    LOL, seems that by running SBIE, you can block certain exploits, because they simply will refuse to run:

    "When the user arrived on the landing page, the exploit kit checked the user’s computer for driver files associated with particular security software, controlled application environments (such as Sandboxie), and traffic-capturing tools. To avoid detection, the EK didn’t drop exploits if any of these products were present".

    http://www.symantec.com/connect/blo...-adds-internet-explorer-exploit-any-other-kit
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.