What do people think of Sandboxie?

Discussion in 'privacy technology' started by lucygrl, Nov 22, 2013.

Thread Status:
Not open for further replies.
  1. lucygrl

    lucygrl Registered Member

    Joined:
    Nov 6, 2013
    Posts:
    202
    I read here a number of people mentioned Sandboxie, what do people think of it? Is it a good idea to run tor from sandboxie?
     
  2. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    628
    Location:
    In His Service
    It would be hard to find an application better than Sandboxie, but i see your Linux avatar and unless they've made some changes recently Sandboxie only works in Windows.. :(
     
  3. lucygrl

    lucygrl Registered Member

    Joined:
    Nov 6, 2013
    Posts:
    202
    Lol. Dont mind me, I just love the look of the penguin. With that said even though Im using Linux on some of the PC, I still have other computers running windows and sandboxie looked good and cheap to purchase. It seems good to download things and test them out first. Im just wondering if its also good to run Tor from sandboxie?
     
  4. login123

    login123 Registered Member

    Joined:
    Jul 12, 2007
    Posts:
    101
    SBIE is a great app. Worth the price.
    Wish it had not gone subscription, but worth the price, imho.

    fwiw, I'm running OperaTOR in SBIE right now.
    Works fine, bit slow but thats TOR not SBIE.

    Also just finished running the latest TOR browser in SBIE.
    Works fine, is faster but still a bit slow.

    Created a separate sandbox for each browser.
     
  5. TheCatMan

    TheCatMan Registered Member

    Joined:
    Aug 16, 2013
    Posts:
    327
    Location:
    sweden
    Sandboxie is nice It does add an extra layer of security and privacy, as long as you use ccleaner/privaZer or a decent cleaning app to delete the sandboxie contents folder.

    I still feel overall your better off using encryption and virtualbox sessions and a combination of both. And if you still wanted to you could use sandboxie as an additional layer.
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    Love Sandboxie. I use the full paid version and it rocks.

    Question, since it applies to this thread. I use Linux VM's in virtualbox and on some machines the host OS is 7 Ultimate. Those machines employ sandboxie.

    Soliciting opinions: would there be any security advantage to placing the Linux VM's inside a sandbox? Some of them are Whonix dual VM's and others are straight Linux. I think my host is clean but then one never really knows for sure. LOL!!

    I would love to hear others' experience if they have run their linux VM's confined to a sandbox.


    TheCatMan - I completely delete all contents upon closing the browser. I do that between ALL sites so its an empty sandbox before I ever click on a site. Every time no exceptions. That is my method!
     
  7. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Beware of mobs. Never talk about the negatives, unless you have the mental toughness to deal with the outcry.

    SBIE is great software, but its power can corrupt ones thinking. Evidence of that is most apparent here.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    A solid idea, not sure about the implementation. I don't know if Tzuk has changed from using SSDT hooks, and if not, how he's gotten around race conditions with SSDT hooking, etc. I really like projects that are super open about their implementation, because it lets people understand how they're more secure, or not more secure - it would be cool to hear more on this from him.

    On 64bit I'm not sure how much userland hooking is relied on, I doubt much, I believe SSDT hooking and standard hooking are used more. That's a good thing if I'm right, since userland hooking is not useful. I think there's a minifilter driver involved, so that would make use of SSDT hooking/ everything else mentioned much better.

    Closed source, which I'm not a fan of, but I don't blame him - not many have the stability to try to go FOSS. Single developer, also not a great thing when combined with closed source, but he seems to have done a very solid job on design.

    Overally, I'd say Sandboxie is above adequate for the average user with average needs, not what I'd recommend for someone looking for a highly secure system - but I would never recommend Windows for that person either. For a "most secure" Windows, I'd probably want Sandboxie, depending on the needs.
     
    Last edited: Nov 23, 2013
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Sandboxie since it's inception.

    Always. An app for all seasons :thumb: :thumb:
     
  10. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Historian Will Durant said, "To speak ill of others is a dishonest way of praising ourselves."
    Evidence of that is most apparent here. ;)
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Oh, maybe not for you, but that quote applies to quite a few SBIE users here. Unless of course, one of you can disprove that.

    As for what I think about Sandboxie itself, it's a special freeware that allows one to sandbox anything and configure that pretty much to your taste. There are no worthy replacements as far as I know. Don't go overboard with it though.
     
  12. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
    Well, I have used Sandboxie and Shadow Defender both for different reasons. I think when it comes right down to it I prefer my entire system being virtualized as opposed to chosen apps.

     
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    By all means, I encourage you to search the Sandboxie forum for Tor, for lots of thread results. :thumb:
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I've never been a fan of sandboxing as a security policy or a primary defense. By itself, I consider it insufficient. For the average user, it's a good 2nd layer to a conventional default-permit policy enforced by AVs. In this role, it can attempt to contain any malicious code not detected by the AV.

    IMO, SandBoxie is very useful from a privacy perspective. When set to auto-delete the sandbox, it's very good a removing usage tracks and browsing records. Even with this, Windows still manages to store some activity records, but they're beyond the scope that SandBoxie was intended to cover.

    Regarding running Tor in SandBoxie, are you referring to Tor itself or the Tor Browser Bundle? If you meant Tor itself, is Tor running as a client or a relay? Assuming no operational issues, with the Tor Browser Bundle you gain the same benefits you would by sandboxing your normal browser. Given the restrictions already built into the Tor Browser Bundle, you're less likely to need that sandbox. As for Tor itself, I don't see any real advantage to sandboxing it. AFAIK, no one has managed to exploit it in a way that would result in code execution or anything similar. If Tor is running as a relay, the sandbox would be long term, weeks or months. I don't know what effect Sandboxie would have on its performance or on the overall system load with that many connections through it.
     
  15. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    828
    Location:
    Ireland
    I think the SSDT hooking has changed. http://www.sandboxie.com/phpbb/view...&start=0&sid=f0b765fde18f2717b074a73bf4db4729.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Ah, Tzuk finally implemented it that way. Cool. That's the way I'd do it, so I can't really say much bad about that.

    I'm in the process of writing a program that sandboxes Java, and it works very similarly to the way Sandboxie now apparently runs - instead of having the program be responsible for denying access, have it instead only be responsible for allowing access.

    *Much* cleaner, much more secure.
     
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Great quote and very true. Doing it as a selling technique, never works.

    @Lucy, I ll like to describe Sandboxie borrowing the old proverb made famous by TR, "speak softly, and carry a big stick", that's how I see SBIE and its how it behaves in my everyday use of computers and the internet.

    Bo
     
    Last edited: Nov 24, 2013
  18. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Speak softly... can't say the same for some users. Sheesh, why can't there be better people like tzuk representing SBIE instead here? It deserves better.
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Who's selling anything? lol Now I'm lost.
     
  20. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Yes, LOL.
    http://www.bromium.com/products.html

    @J L, your personal feelings about SBIE users is off topic.

    Bo
     
  21. tomazyk

    tomazyk Guest

    I use Sandboxie for privacy reasons also and would recommend it to you. It's nice to know all local traces of internet activity are gone, once I close the browser.
    I never tried to use it together with tor, so I can't give you an answer to your second question.
     
    Last edited by a moderator: Nov 24, 2013
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    He barely mentions Bromium in the presentation, but I think that conversation should stick to that topic. I thought you were trying to say JL was selling something, which was very confusing.
     
  23. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Sure I am, you're the type to stick to believing whatever you want. No point arguing that.

    Oh, the topic is what people think of Sandboxie. I am simply commenting on some of those people. If it's off-topic, why do you insist on continuing?
     
  24. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    C'mon man, is that really necessary? We're all pretty good people around here... we're all really blessed if you stop and think about it. Let's not let something like a great piece of software turn us around.

    You did kind of get things started off on the wrong foot with your "Beware of mobs" comment. Reel that sort of commentary in and I think we have a decent thread.

    I think that at the heart of the matter is that some people feel comfortable relying upon Sandboxie much more than some others do. Simple as that. Nothing worth trading barbs over.

    Am I right? ;)
     
  25. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    It's the truth when you've experienced what I have for what it is, a mob. That is not the only thread I've been attacked (nor am I the only one) for pushing alternative views. Nor is it bo elam's first nonsense claim, and he wasn't the only one. I'm not going to lie out of courtesy for this.

    Comfortable is an understatement. That is not what describes those who vehemently deny any evidence presented towards that that's not 100% true and damning. Instead, they undermine anything against their beloved software out out of obsession.

    But enough of that, my all of statements in this thread stand. I bet I've used Sandboxie before most of them and experienced the same defensiveness. You can read the same linked thread for the last days of that behaviour before reaching deeper understanding.
     
Loading...
Thread Status:
Not open for further replies.