SBIE 4.x+ & MBAE |It is time...

Discussion in 'sandboxing & virtualization' started by syrinx, Aug 26, 2016.

  1. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    334
    I fully expect to continue talking to myself but here it goes anyway.

    If you've ever wanted to use these two solutions [SBIE & MBAE] together (or if you already use the template)
    Please check these threads and then let your opinion be heard. [or as my spell check said, your onion! muahahah]

    http://forums.sandboxie.com/phpBB3/viewtopic.php?f=17&t=19132&start=60#p122975
    https://forums.malwarebytes.org/topic/187485-sbie-mbae

    Two great (IMO) products that don't exactly work well together by default. It is time for change...

    :p
     
    Last edited: Aug 26, 2016
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    So you're saying that SBIE v 4 and 5 is not compatible anymore with the latest MBAE? But yes I agree, the developers should do something about it. I have stopped using MBAE, because I rely on SBIE and EXE Radar for exploit blocking. If MBAE was compatible, then I would probably start using it again, because it's a good product.
     
  3. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    2,176
    Location:
    in a remote land :)
    i stopped using Sandboxie because all those incompatibilities generating silly weekly updates.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I don't find the updates are a big deal even with 3 computers. But I do note the developers, ERP,HMPA EIS to name a few had to make a bit off effort to gain compatibility. Users just need to give MBAE a kick in the butt.
     
  5. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    334
    As it was your suggestion that prompted my spur to action I suppose I owe you another thanks for elaborating here, I wasn't actually aware of the issues other products had in gaining compatibility w SBIE. I've updated my MBAE thread as a result....



    That said, I'm going to follow up by saying lots of super duper (non-SBIE/MBAE related) mean stuff..
    Here we go:

    01) You hurt my feelings.
    02) It's my party
    03) and I'll cry if I want to.
    04) I'll cry until my pity party is in place.
    05) Yeah my grudge is old and mostly 'just because' not because...
    06) You can be rude at times!
    07) I guess I am as well...welp there goes number 6!
    08 ) I'm still not letting go :p
    09) /wink
    10) /Insert truly mean comment here!
    11) I need more beer....mmmhm

    12) Visit the MBAE thread to see what drunken posts I can't edit look like... /note-to-self, preview moor

    13) Where's the drunk translation engine?
     
    Last edited: Aug 28, 2016
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I forgot to ask this, but can you name some of the tools that it's not always compatible with? I personally never had problems, but that's probably because I only force a couple of apps to be sandboxed.

    I suppose you are talking about Chrome? It's probably best to run Chrome non-sandboxed, since it's already quite secure. I do sometimes wish that more apps could install correctly inside the sandbox, but that's a question of less security versus better compatibility.
     
  7. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    2,176
    Location:
    in a remote land :)
    just read the changelogs since win8, you will see all the sandboxie's fixes needed to run them properly; MS Office, Chrome, MBAE, etc...

    you are pointing to a endless thread lol ;)

    When i used Sbie , i never really tried this feature (even in ReHIPS which also have dedicated feature for it) , i only use Rollback RX for testing suspicious apps.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Yes, I suppose it can be a bit frustrating when you use Office and Chrome, luckily I don't.

    For quickly checking out apps, it's quite handy. The thing is, SBIE is quite restrictive so certain apps simply can't run correctly, same goes for malware. But I don't try to test malware, a VM is needed for that.
     
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    That kind of sound like its difficult to run Office files in the sandboxed environment when its not. Every Office file that runs in my computers, runs sandboxed every time. No exception. And is done comfortably, without hassle. I am not in W10 and its a little less convenient to do it in W10 but if the user follows the right procedure for running Office sandboxed in W10, then it can be easy as well.

    And Chrome. I dont use Chrome but have installed it many times for testing how it interacts with Sandboxie. I done it when I read someone reporting something. To this day, every time I done so, sandboxing Chrome has work out perfectly well.

    For Chrome users, to avoid getting SBIE messages or problems my best advice is to use a separate sandbox for Chrome and tailor it with convenience as the North. Make it as restricted as possible but without losing convenience. It can be done. For example, if you are using one of those computers where you get the Bits message all the time, then don't tick Drop Rights. And forget about it.

    Bo
     
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I don't bother running Excel or Access in SBIE, but I have been able to beat the problem of running Outlook 2010 in the latest SBIE versions.
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Same over here, but I don't update Chrome. And I think people complain about MS Office, not about Libre or WPS.
     
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    About Chrome. If sandboxed Chrome wants to check for updates, let the browser do it. Thats what I would do if I was a Chrome user. If Chrome wants to run nacl64.exe or something else, let it run. People using both programs experience issues and get messages when they want a highly restricted sandbox for Chrome. And in some computers you cant do that. If you are going to run Chrome in a sandbox don't try using Sandboxie to block Chrome (IMO, looking from the side, thats really the key) cause its not going to work. And then the user thinks SBIE is the problem when actually he is setting the sandbox wrong (my opinion).

    Office. I use Libre in W7 and MS Office in XP. Both programs in both computers work well. I think Office is working fine sandboxed in most computers. But there have been many issues to get the C2R version running smoothly. I know a recent Windows update introduced a new issue, I believe Invincea has the fix already figured out and should be applied soon. Getting the new versions of Office in the newer systems running sandboxed is tough. Thats not an easy one for sure.

    About MBAE and SBIE. I think you guys that use or have used both programs at the same time ought to tip your hat to Syrinx/btm. He has done so much to get both programs getting along that I tip my hat to him even though I don't use MBAE. I read the post from the MBAE developer about the issue, sound encouraging. Hopefully it fixes compatibility without opening holes in SBIE or weakening MBAE protection.

    Bo
     
  13. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Good to know, Pete. :cool:

    Bo
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I think MS Office and Chrome updates may break compatibility with SBIE, and apparently that's what people complain about. It might also depend on which version and OS you're using. And yes, MBAE should work like HMPA who can easily inject code into sandboxed processes. On the other hand, it's not a big deal to me since I use EXE Radar which monitors process execution inside the sandbox.
     
  15. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Thats correct. But isn't maintaining compatibility between software's an on going thing that applies to all software? I mean, for example, Microsoft made changes in W10 when they released update 1607, this changes are going to have an effect in the way Sandboxie interacts with software in that system and it may break something. And then SBIE developers react to those changes by releasing a new version. Thats the way it should be and how it is.

    I know there's one guy here who complains about Sandboxie updates who wishes Sandboxie remains static and still work with the 26 other security programs he uses when this other programs make their own updates. Thats not going to happen.

    When Invincea took over Sandboxie all I wished is that they maintain Sandboxie, and they done that. Complaining about the maintenance that's required for Sandboxie to continue working properly is pretty dumb.

    Bo
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Yes I agree, it's probably best to run tools that don't seem to break, like Libre, WPS Office and Firefox. If Vivaldi might have future compatibility problems with SBIE, I'm probably going to sandbox it with SpyShelter, which is probably a bit less robust but will still do the job.

    And to get back on topic, perhaps it better to use anti-exe instead of anti-exploit who might cause compatibility problems with SBIE, because they need to inject code and hook into sandboxed processes. On my system, HMPA broke SBIE's protection.
     
  17. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    2,176
    Location:
    in a remote land :)
    Those two a very very widely used programs. So people shouldn't have issues with them. About the OS , every security softs is affected by major changes, so we can't put the fault on Sandboxie in that case.

    Unfortunately lot of people use Chrome and many companies use MS Office (and i don't see those users shifting to other apps to fit Sandboxie, Sandboxie have to adapt) so Invincea should find a better way to handle those softwares.
    Sandboxie has a particular protection mechanism concept which had been made during the WinXP/7 era (when the OS didn't change much); now since Win8, MS (and other apps) change (and keep changing) lot of stuff; and that hamper the compatibility of Sbie (and some others) every time.

    My point is SBie is a sufficient alone to protect a system, and if a user is using 26 other security softs and have issues, it is not Sbie problem; however if Sbie have hard time to handle important apps especially Chrome-based browsers (which is the main advertisement point and reason of using Sbie), this is a problem in my opinion. I remember in the past when Chrome released a major version , we had to wait several days before a fix was made; this can't happen anymore especially when simply surfing is a risk by itself.

    Of course if you just use Sbie on XP/7 and barely install anything else you can say Sbie works perfectly, but it is not the case of other people. To some (like me) , those weekly updates are annoying (especially those that are made just for one soft) , because ,in my case , i have my own way of maintaining and securing my system, i don't like frequent installations. It is the reason i stopped using Sandboxie since i found a better alternative at the moment. Doesn't mean i asked Invincea to change their method, i just don't like , so i quit.
     
    Last edited: Sep 4, 2016
  18. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    334
    I'm tempted to argue with you but you do bring up some potentially valid points and I can certainly understand the aggravation of betas and updates. Ideally everything would be working perfectly together as well. Either way, thanks for making your voice heard! If it's any consolation, after this week I won't be bugging anyone for a long while :p I have some things that I actually find important to do this month...it'll be interesting for quite a few members here I think... just ignore me tho, that's the best bet...
     
    Last edited: Sep 5, 2016
  19. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    2,176
    Location:
    in a remote land :)
    no problemo, i prefer a good virile debate that help and teach/explain something to someone than a bare fruitless silence; so don't mind expressing your feelings/opinion.
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Yes I agree with this. If they claim to support these tools, they should be on top. I wonder if Invincea X has the same level as problems, because in a business environment, people don't have the time to deal with this. And it will also stop some people from choosing SBIE as their main protection tool. But for me personally it's not a big deal. MS Office and Chrome both suck big time, if you ask me.
     
  21. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Sorry, but I don't agree. The solution for solving messages when running Chrome sandboxed is up to the user. Most of this messages are information messages in which Sandboxie tells the user about processes called upon by Chrome that are attempting to run. You have to let this processes run.

    Here is a typical case of a Chrome user who was being bombarded with SBIE messages when sandboxing Chrome. See how easy he solved the messages. By the way, what I wrote at the end of the thread I am linking, I quoted myself from a post I wrote here in this thread a few days ago.

    http://forums.sandboxie.com/phpBB3/viewtopic.php?f=17&t=23337&p=123042#p123011

    Bo
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    To clarify, I really don't know what exactly people are complaining about, but on my system I've seen Vivaldi and MS Office not being able to run sandboxed at all, it wasn't about annoying messages. And Chrome works just fine, but I never update it.
     
  23. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    The link I posted is a good example of what people complain about. Most complains about Chrome running in the sandbox are similar to what that user posted. IMO, it is a non issue. Why? Because all the user had to do was allow Chrome to run freely. If you try blocking Chrome with Sandboxie you will have problems. You have to let the browser run.

    Others complains are like yours, cant run Chrome/Vivaldi in the sandbox. Usually one of this two things create that situation. 1. Another security program you are using is interfering with SBIE. You might see vivaldi.exe or chrome.exe running in Sandboxie control, but the browser doesn't pop up open, and 2. Settings. You have set the sandbox wrong.

    Anyway, I just tried Vivaldi in both of my computers. In my XP, I installed it in the real system (in Shadow mode). All went well. Browser runs nice.

    xp.JPG

    And then I tried it also in my W7. This time I ran the installer in a sandbox. All looked good, cant be any better. :)

    I know I told you before, you are using a program that interferes with SBIE.

    W7.jpg

    Bo
     
  24. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    18
    Location:
    Philippines
    I'm assuming those having problems with SBIE and Chrome uses Win10?!
     
  25. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    2,176
    Location:
    in a remote land :)
    Surely, because MS changed lot of things in Win8/10 , and Sbie has sometimes difficulties to adjust.

    As i said earlier, Sbie's concept was created during winXP/7 era so of course you won't have much issues if you use those OS.

    i highly suggest @bo elam to install Win10 AU on as a real system (not VM) , he may then gives accurate advices and help...instead of mentioning his WinXP/7 system while some users has issues on Win8/10.