Sandboxie v2.0 - Problem.

Discussion in 'other security issues & news' started by ErikAlbert, Sep 2, 2005.

Thread Status:
Not open for further replies.
  1. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Sandboxie v2.0 - freeware - winXP and win2000 ONLY.
    http://www.sandboxie.com/

    My first contact with Sandboxie was in this thread :
    https://www.wilderssecurity.com/showthread.php?t=95672 (1st post written by dear member SDS909)
    But this thread is about "AV Recomendation" (= AV Recommendation).
    So I thought it was better to start a new thread, to keep the other thread clean.
    I heard about sandboxes in the past, but I never understood the meaning of it (kids play in sandboxes :) ) and I don't have that much time and my problem with English makes me much slower/more stupid and there are so many things about computer.
    So sandboxes didn't catch my attention until now and now I know what it is, I'm quite surprised that I hardly read about sandboxes in security forums.
    Everybody is talking about AV/AS/AT/AK/... scanners, which are all definition-based softwares, while a sandbox protects you against ANY malware (old and NEW) and that's ALOT BETTER than definition-based scanners.
    I really wonder why sandboxes don't get that much attention, because this is a PREVENTING software, while you are browsing through the internet that is full of infected websites.
    BUT I have a problem with Sandboxie and I like to solve this problem first, before we start discussing sandboxes.

    -------------------------------------

    I have win2000proSP4.
    The installation of Sandboxie wasn't smooth and I'm telling this to inform other members.
    Apparently something was missing in the file "advapi32.dll".

    So I checked first if this file was on my harddisk and yes it was even two times :
    C:\WINNT\ServicePackFiles\i386\advapi32.dll - 392KB
    C:\WINNT\system32\advapi32.dll - 392KB

    Because something was missing, I searched for another advapi32.dll on the net and I downloaded that one.
    I replaced the first one with the new one, but I couldn't replace the second one, which was probably in use.
    So my harddisk looks now like this :
    C:\WINNT\ServicePackFiles\i386\advapi32.dll - 603KB
    C:\WINNT\system32\advapi32.dll - 392KB
    Note that the volume of the new .dll-file is much bigger.

    To install Sandboxie you need apparently Administrator privileges.
    So I logged off/on as an Administrator and this time the installation worked. Sigh of relief.

    My LEGAL original installation CD of win2000pro is more than 3 years old.
    So my "Windows Update" is quite extensive, but what I don't understand is that after installing SP4 and the many patches, I still have an OLD advapi32.dll of 392KB and not 603KB o_O

    I ran MSIE6 under Sandboxie, which is also my default browser and that worked without problems.
    BUT I'm more interested in running Firefox v1.0.6 under Sandboxie and that did NOT work : error message.
    I use Firefox for surfing and searching, so the risks of getting infected is bigger.

    My question is : what's the problem with Firefox. Any ideas ?

    My actual configuration is :
    ----------------------------------------------------------------------------
    # Sandboxie Configuration File
    # Automatically generated whenever the configuration changes.
    # Set ConfigLevel to 99 to prevent the overwriting of this file.

    [GlobalSettings]
    ConfigLevel=1
    BoxRootFolder=%AppData%
    CopyLimitKb=32768


    [DefaultBox]
    Enabled=yes
    OpenFilePath=msimn.exe,%Local AppData%\Identities
    OpenKeyPath=msimn.exe,HKEY_CURRENT_USER\Identities
    OpenKeyPath=msimn.exe,HKEY_CURRENT_USER\Software\Microsoft\Outlook Express

    AutoCleanWhen=SandboxieCloses

    RecoverFolder=%Favorites%
    RecoverFolder=%Personal%
    ----------------------------------------------------------------------------
    I'm not a programmer, but I'm sure that some members are able to read this.
    Maybe I have to add a line in this file to make working with Firefox possible. Which line ?

    TIA.
     
    Last edited: Sep 2, 2005
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Sorry can't help with your prob as I have only been using this prog for a week or so.May I be at liberty to post a coupla things.

    I have Firefox set as default and have no probs running either browser.When people start hearing more of this software and they try it out they will be amazed at it's simplicity and security. :cool:

    I deleted shortcut icons for firefox and IE and made shortcuts on desktop to "Run internet explorer under sandboxie" and "Run default browser under sandboxie",renamed them to IE and Fire and changed the icons to Internet Explorer and Firefox defaults.

    This way I have no probs remembering to start them through Sandboxie.

    Sandboxie has a help forum and the author pops in every coupla days to post answers.Not that busy as yet but I'm sure that will change in the near future.

    Configuration:
    # Sandboxie Configuration File
    # Automatically generated whenever the configuration changes.
    # Set ConfigLevel to 99 to prevent the overwriting of this file.

    [GlobalSettings]
    ConfigLevel=1
    BoxRootFolder=%AppData%
    CopyLimitKb=32768


    [DefaultBox]
    Enabled=yes
    OpenFilePath=msimn.exe,%Local AppData%\Identities
    OpenKeyPath=msimn.exe,HKEY_CURRENT_USER\Identities
    OpenKeyPath=msimn.exe,HKEY_CURRENT_USER\Software\Microsoft\Outlook Express


    RecoverFolder=%Favorites%
    RecoverFolder=%Personal%
     
    Last edited: Sep 5, 2005
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Franklin,
    I understand why you can't help me. I have been visiting the forum, you are talking about and even the author of Sandboxie hasn't the right answers.
    My intuition tells me that the author has developped Sandboxie in his OWN environment.
    Each time somebody uses Sandboxie and he has troubles, he has to find some kind of workaround to solve his problem on his own.

    Some of the Sandboxie users are very proud to have fixed their problems with Sandboxie, they uninstalled ZoneAlarm and installed Kerio and suddenly all their problems with Sandboxie disappeared.
    One user had trouble with Office 2003 and Sandboxie and the answer of the author was "Sorry I don't have Office 2003".
    Sorry but I call that bungling. I expect from Sandboxie that it works without any problem, no matter what the configuration is and I'm not going to find out why I can't use Firefox in Sandboxie. That's not my problem, that's the author's problem and I'm not the right person to help the author.

    No wonder his software is free and has a forum, because that's the best way to find out how good the software is and what kind of troubles the software is causing. I would do the same thing.

    The philosophy behind Sandboxie is great, I don't have any doubts about that, otherwise I wouldn't be interested in Sandboxie, but technically there is something wrong with Sandboxie.
    I ditched Sandboxie for now and I will keep an eye on it, because I respect the author and his idea.
    Maybe the next versions of Sandboxie will be better.
    If Sandboxie and Firefox, weren't a problem on my computer, I would have used it already.
     
  4. ----

    ---- Guest

    What a brillant observation! How did you manage to rule out the possibility that he developed sandboxie in an environment that WASN'T HIS ? :)

    You are an application analyst according to your profile, if you can't help him, who else? All the poor IGNORANT users?
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I don't know the author, do you ? Anything is possible.
    I just read text, black on white, I don't even know what kind of job he does and in which environment he works.

    I guess you don't know what an application analyst is.
    In my job, I don't have to know anything about computers, but I need to know as much as possible about what happens within a company and what everybody does in that company in order to create a good application.
    I design the databases, the user interface and the output documents with pencil on paper and that doesn't require any computer knowledge.
    My problems are totally different from the problems of a programmer.
    Once my job is finished I talk to computer people and they take care about the programming, etc.

    Of course the job analyst/programmer also exists, but that is a very bad combination, most of them are a good analyst OR a good programmer, but seldom both, that's why we separated both jobs at work.

    All what I know about computers is second hand information and because I have a home computer.
    If I want to help the author of Sandboxie, I need to know alot more about computers/internet and I don't have that knowledge.
    In fact, I can't do anything with my knowledge in the security world, because my applications have nothing to do with security.
    I'm working in a computer department of a company, that is specialized in all kinds of transportation : vessels, trucks, trains, containers, ... so all my applications have something to do with transportation or accountancy.
     
  6. ----

    ---- Guest

     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    You still don't understand what an application analyst is. I have a WHOLE computer department full of computer people, that take care about technical problems : programming, communication, whatever.
    I just tell the computer department, what I want and they make it possible.
    I can't do their job and they can't do my job.

    I work for applications on mainframes and sometimes personal computers and don't compare applications with security. Applications are always a collection of many programs, while most security softwares have only one program.
    We don't have $30 applications, like security softwares, our applications cost alot more and do alot more than just one job.

    IMO you are confusing analyzing with programming.
    Analyzing happens BEFORE the programming, not during or after the programming.
     
  8. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Erik,I use ZAP here and it did pop up warnings that Sandboxie was trying to execute Firefox and IE which I allowed.Have had no probs.

    Maybe people are installing without shutting down ZAP first?

    With many softwares there are bound to be issues,both new and old.I must be one of the lucky ones as the newest ZAP installed and ran without a glitch also where quite a few people are having issues.

    Damn shame your having probs and have uninstalled.

    XP pro all updates
    P4,3ghz,1gram
    Running programs,ZAP,Vet AV,Winpatrol,Sandboxie
    On demand,Ewido,A2,Giant
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hi,
    I have tried Sandboxie on an XP Pro sp2 platform and had some compatibility problems. The CPU usage would go to 100% and programs would not load or with errors. Eventually, I decided to ditch. I don't like compatibility problems.
    Mrk

    P.S. But I'll try again on another comp, to see what happens . . .
     
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    @Franklin,
    Thanks for trying to help me out.
    I've closed ZA Free (not ZAP), I even uninstalled ZA Free, but without results.

    Sandboxie works fine with MSIE, but not with Firefox.
    Sandboxie and Firefox should work together according the homepage, but not on my computer.

    After reading several problems at Sandboxie Forum and the way they solved it, I ditched Sandboxie.
    Fooling around with my system and trying everything out to make Sandboxie work properly, is not my style.
    Sandboxie is the problem, not my computer.

    I have Sandboxie on CD and I keep an eye on the website of Sandboxie, because I'm interested in softwares, that work preventive and Sandboxie is a very special one.
    Sandboxie doesn't allow any change on your harddisk, just like ShadowUser and that kind of protection is alot more foolproof than any Definition/Heuristic-based shield.

    I don't use ShadowUser yet. I prefer to wait for other miracles like ShadowUser.
    IMO definition/heuristic-based solutions don't have a future, but I'm not going to explain why, because this thread is about Sandboxie.


    @Mrkvonic,
    Thanks for mentioning your problem with Sandboxie and your post certainly proves that I'm not the only one.
     
  11. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
  13. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hi,
    Erik, I think you're missing out not using xp.
    I have a win2000 at my work (along with another 2 comps with xp), plus 4 machines at home running winxps (home and pro) and I can tell you xp is much more convenient. The machines work faster and lighter, especially older ones.
    Mrk
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Mrkvonic,
    I believe you, but my wife spends all my money on clothes, ... and I can't use my savings without her knowledge.
    I don't really care about that, because I use mainly MS Office 2000 (Word, Excel).
    I could marry another woman of course, but I still love this one and she takes good care of me.
    Sometimes I have to make a decisive choice between two softwares : wife or winXP. :cool:
     
  15. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hi,
    Don't tell me you don't control the budget!
    Oh, man, you've been hacked! By your own lady!
    Mrk
     
Loading...
Thread Status:
Not open for further replies.