Two Questions about Sandboxie

I was talking to a friend who is thinking about getting a new computer, and I told my friend to let me install Sandboxie on their computer before they used it. However, they told me that a computer repairman that this person talked to about Sandboxie said that it is not really needed anymore with the newer computers. Therefore, my first question is: Is Sandboxie or any virtual software program still needed if you have a new computer? (Also, I see so many people on this forum who seem more like advanced users having a lot of converstaions about Sandboxie and virtual software.)

And my second question is: Why does Sandboxie seem like they have new updates around once a week or once every two weeks? And thank you in advance for any answers that anyone may have.

 

That is not new. Since the beginning of Sandboxie, there has been people saying what the repairmen told your friends. Usually the people who say it don't know Sandboxie (perhaps not heard about it before, or even used it for a day). So, they don't know and assume Sandboxie is just one out of the hundreds of security programs that have existed. Is very likely most computer repairman have never heard about Sandboxie.

In a way, to be one of the few who have heard about Sandboxie, you have to be lucky. You, Capricornia are lucky. I have always felt like that. When I discovered Sandboxie in early 2009, I was looking for something that would protect me, I had gotten tired of getting infected twice a year every year and had made up my mind to do something about it. At the time, I had already figured out that antiviruses did not cut it, they did not do the job, they were always behind, and depending on them was futile.

So I knew I needed something better than AV, the problem now was what to choose. What program or technology to use. Making the decision harder was the fact that there were hundreds of programs claiming to be the greatest. After trying one HIPS program, I knew HIPS was not for me. I wanted something that works without loosing convenience and usability. So decided to try isolation and Sandboxie came in front of my eyes. Sandboxie did not claim to be the greatest but something about it clicked with me. And after trying it, and realizing that you can use the computer as if you were not using SBIE, but you are secure, I decided to try it for 6 months and see what happens. To make it short, I haven't had any infection since the day I installed SBIE.

I don't use AV, don't waste time doing scans or use anything else for security other than SBIE. I always say that I was lucky to discover SBIE but deciding to use it was a wise decision.

Another thing that some non Sandboxie users (usually haters) used to say a lot was that anytime now, in just a matter of time, viruses will escape the sandbox. Sandboxie's sandbox is the weakest. The program is weak, etc. Capricornia, the years have gone by, the SBIE attackers have come and go, and Sandboxie's sandbox is still as powerful as ever. At this time, the attacks on Sandboxie have pretty much ceased.

Let me point out something to you that I think proves that isolation do not belong to the past. Just a couple of years ago, Microsoft introduced the Windows sandbox and kind of tried to enthuse people into using it. IMO, that is proof that sandboxing isolation is alive and well. MS told us that when they created their own sandbox.

Is up to you. You were lucky to discover the product. You discovered a couple of years ago, I think. Two yeas is plenty time for you to know the answer. You shouldn't have to ask this question. The results from you using SBIE for 2 years should help you decide on what to do. But yeah, to really know if SBIE works, you have to use it all the time. If you use it part time, you really won't know how effective Sandboxie is.

Sandboxie updates usually are to fix compatibilities with Windows (after a Windows update that breaks compatibility) or programs that are run under SBIE and don't work anymore because of an update by the program. So, they need a fix, and sometimes the SBIE developer can help and implement the fix via an update. Also, updates fix holes in the sandbox after they are discovered. Now days, with David, he introduces new features to Sandboxie. This changes become part of SBIE via SBIE updates.

Bo

 

@Capricornia All previous, new, and future computers by nature will be a target for compromise. C'est la vie.

 

Vive Sandboxie !!

 

What you need depends on your security strategy and risk model. Sandboxie can be a very useful tool against browser exploits. Yes it's true that browsers like Chrome, Edge, Firefox and others already have a built-in sandbox, but Sandboxie actually ads virtualization on top.

You don't actually have to update Sandboxie as long as your browser works correctly.

 

Thanks much, Bo. I have sent the information in this thread to my friend, and now it's up to her to decide if she wants to use it. Also, one of the misgivings that my friend has with me installing Sandboxie on a new computer if she gets one is that she has stated that a while back ago when I once installed some security programs on one of her previous computers, her computer slowed down and eventually got all these pop-ups on it. However, I assured her that it couldn't have been from the security programs that I installed because I have those same programs on my computer and they don't detrimentally affect my computer. Although, I did kind of recalled that I may have installed CCleaner on her old computer and that CCleaner had been infected, and I told her that CCleaner could have caused those problems. Also, we discussed how older computers with low RAM and hard drive storage could start to have speed problems if you put too many programs on them. Plus, more recently, I installed SuperAntiSpyware, Malware free, and I think Emsisoft Emergency Kit on another friend's computer and she claimed that those programs slowed down her computer, even though I know that none of those programs are known to cause problems on computers.

 

Thank you for that, StillBorn.

 

What do you mean by that, Rasheed?

Thank you for that, Rasheed.

Thanks.

 

What I mean is that some people on this forum might tell you that all you need is Win Defender, but I would never rely on only one security tool for protection against malware. In my book, a little bit of extra security is always useful. The risk of encountering browser exploits for home users is quite small nowadays (unless you are targeted), but you never know when disaster will strike, and that's where tools like Sandboxie come into play. But there are also other tools to protect against exploits, like OSArmor, Malwarebytes Anti-Exploit and HitmanPro.Alert, so Sandboxie is only one option.

 

complete BS. if a browser is vulnerable (in most times outdated) there exist NO fix to make it secure.
but you can lower the impact in fact you can prevent the outbreak of sandboxie to the host system, but you can NOT prevent the browser to read and send out sensitive data. to prevent this you need to reduce access to such sensitive data - which is most of the system.

what i read here so often here that any browser has issues within sandboxie, in most cases its cause by system itself and the installed security software. i never had issues when using firefox, chrome, edge and others in sandboxie, but i do not use any additional or replacement security software to windows defender. so the most problems are caused by user, not software.

for some cases i have "shadow defender" installed, and for some rare cases VirtualBox (VBox, Oracle, free).

i had no malware since > 25 years now, close to my beginning with windows. so i think i had done all right although i had my best times with gulli board.

for me i use sandboxie to try out new software or other investigative work. but such users are the minority, the most of the try to get anything to work in sandbox, pointless or not.

ccleaner, you should not recommend this or similar software to new or unexperienced users. try "cleanmgr" (windows tool) first, maybe cleanmgr+ (third party). but ccleaner with its default settings is able to destroy important or vital data, in special for browsers you should not use it. the advantage of ccleaner is soo small. i do not use it.

 

I hate to ask what I think is a stupid question here, but I've looked for the answer and am a little confused.

Sandboxie is a big part of my security and safety setup. I use an email notifier sandboxed which allows me to view, respond to and delete messages while they are on the server. Emails are a big entry point for malware and this stops that.

My browser sandboxed is self explanatory, also a big entry point for malware.

It's the third entry point I'm wondering about - inserted CD/DVD/USB files from a drive.

Is there a way to open them in a sandbox and view the contents safely before any action ?

 

If your primary drive is C:, force all other drive letters in sandboxie.ini
to open in the box that you want e.g DefaultBox. Example code:

Spoiler: add to sandboxie.ini

Code:

[DefaultBox}
.
.
ForceFolder=B:\
ForceFolder=A:\
ForceFolder=Z:\
ForceFolder=Y:\
ForceFolder=X:\
ForceFolder=W:\
ForceFolder=V:\
ForceFolder=U:\
ForceFolder=T:\
ForceFolder=S:\
ForceFolder=R:\
ForceFolder=Q:\
ForceFolder=P:\
ForceFolder=O:\
ForceFolder=N:\
ForceFolder=M:\
ForceFolder=L:\
ForceFolder=K:\
ForceFolder=J:\
ForceFolder=I:\
ForceFolder=H:\
ForceFolder=G:\
ForceFolder=F:\
ForceFolder=E:\
ForceFolder=D:\
.
.

 

You can force your CD/DVD/USB drives to run sandboxed via Forced folder (this does the same as copying the setting with the letter that applies to your case from soccerfan's post and paste it in the correct place in Sandbox settings). I suggest you create a new sandbox for USB and another for CD/DVD or at least use one for this two functions, separate from the sandbox were you run browsers, etc. Doing so allows you to set up running USB dives better. For example, if you use a separate sandbox for this functions, you can forbid all programs that run in the sandbox from connecting to the internet. This is something you couldn't do if you decide to run your USB drives in the same sandbox were you run browsers.

Something I found after moving to David's Sandboxie is that forcing USB drives works differently now than how it did before. Before, when we plugged in a USB drive, a sandboxed version of File explorer ran sandboxed. That is as secure as it can be. If anything ran, on its own, it would run sandboxed, no matter what it was.

Now, forcing USB drives, works the same as forcing any folder (it does not use File explorer anymore). So, now that you know this, if you know how to restrict folders in a way in which you won't lose usability but be as secure as it can be, that is how you should proceed. You try to strike a balance between security and usability. Basically what I am saying is that now, restrictions are more needed than before when forcing your USB drives, specially so if you share flash drives or plug other people's flash drives (something I don't do or think is OK to do).

Bo

.

 

Thanks for the replies guys, appreciate it.

 

So it's not BS, since that's exactly what Sandboxie is meant for, to isolate and perhaps even block malware from running, so that's what I mean when I say it's useful against exploits. And don't forget that you can also configure Sandboxie in a way that it will block process execution and block outgoing connections from untrusted apps. But personally I like to use other tools for this.

 

i have a lot of doubt about people who install and use a lot of pointless security software crap to reduce impacts where not possible. https://www.wilderssecurity.com/posts/3085903/

ofc sandboxie can prevent intrusion, but not on a current browser version. this was told you more than once. and fact is that it need a (very rare) combination to have an impact on chrome*, egde or firefox.
i always read announcements or google-zero results.
*vivaldi is only a chromium clone with some extras, there are no stats about vivaldi, its one of "others" with a very low number in stats

your attitude towards exploits in browsers need urgent update!+
thats why "BS".

 

For a new computer, software like Sandboxie, Shadow Defender, Deep Freeze is something I'd highly recommend.

I'm a Sandboxie user (used mostly for web browsing) but I'd never recommend a new user to use Sandboxie, Shadow Defender, Deep Freeze etc......You might be wondering why as those three pieces of software are great, however I've been "Mr FixIt" for people in the past regarding computer software and recommending such software (or any software in general) comes back and bites you on the **** (ie multiple phone calls of software not working or something I've done has caused something else to mess up on their computer etc).

Tell your friend that you don't know much about computers or software. Less grief.

 

@ bo elam I have a question for you bo. Do you have Sandboxie Service in Services ?

 

Yes, mine looks like yours.

Bo

 

Agree, none of those programs is viable for a new computer user. Look at the problems we can all experience whenever Microsoft or Google make a change.

 

Seems like you haven't got a clue what you're talking about. Sandboxie can still protect browsers against exploits till this day, it doesn't matter that browsers have their own built-in sandbox, because Sandboxie adds a virtualization layer on top. So in case malware manages to run and bypass Chrome's sandbox, it will most likely still virtualize for example ransomware. So it will only be able to encrypt files inside the sandbox, assuming that you didn't give Sandboxie direct access to certain folders. And NeuShield is far from pointless, the only thing that is pointless is you acting like you know it all, but you clearly don't, so stop the BS and educate yourself, that's my advice to you!

 

LOL, good one. But it really depends on the user and how he/she uses the computer. I have secured quite a few computers for noobs with the help of Sandboxie. But for other people, other solutions might be better.

 

When the evidence supports the argument, as it clearly does...

 

Numerous public libraries and other institutions using Faronics Deep Freeze to protect hundreds of thousands of dollars worth of computer assets would disagree. It's the bone headed tinkering of 'a new computer user' on their paid for in earnest systems they fear the most.

 

Shadow Defender AND Deep Freeze? why? Please explain to me. i use SD and DF is same for me, maybe more sophisticated. DF is little more expensive to SD ($40 <> $50, DF Standard).
SD seems no longer developed, ok, on win10 it works. i got paid and giveaway license

from my view and experience - keep it simple. the more you install the more user is forced to pay attention about this or that - and to expect the unexpected (issue).

and another is to create regular backups. not with windows tools, other. i am using acronis true image ISO (!), this means images offline. (installation is bloated). or Aomei (the pro is currently offered as giveaway, over a year now), or Macrium Reflect free. try out which one is best for you or user.

Backups are recommend, in special when you try out other antivirus as defender. those "other" integrate so deeply into system that a removing tool is necessary. or other try-outs.

sandboxie has features for passive protection, like forced folders, or forced programs. but i repeat, keep it simple. sandboxie can do favors for you, but it could be tricky at least and can create more questions that results.