What do people think of Sandboxie?

I read here a number of people mentioned Sandboxie, what do people think of it? Is it a good idea to run tor from sandboxie?

 

It would be hard to find an application better than Sandboxie, but i see your Linux avatar and unless they've made some changes recently Sandboxie only works in Windows..

 

Lol. Dont mind me, I just love the look of the penguin. With that said even though Im using Linux on some of the PC, I still have other computers running windows and sandboxie looked good and cheap to purchase. It seems good to download things and test them out first. Im just wondering if its also good to run Tor from sandboxie?

 

SBIE is a great app. Worth the price.
Wish it had not gone subscription, but worth the price, imho.

fwiw, I'm running OperaTOR in SBIE right now.
Works fine, bit slow but thats TOR not SBIE.

Also just finished running the latest TOR browser in SBIE.
Works fine, is faster but still a bit slow.

Created a separate sandbox for each browser.

 

Sandboxie is nice It does add an extra layer of security and privacy, as long as you use ccleaner/privaZer or a decent cleaning app to delete the sandboxie contents folder.

I still feel overall your better off using encryption and virtualbox sessions and a combination of both. And if you still wanted to you could use sandboxie as an additional layer.

 

Love Sandboxie. I use the full paid version and it rocks.

Question, since it applies to this thread. I use Linux VM's in virtualbox and on some machines the host OS is 7 Ultimate. Those machines employ sandboxie.

Soliciting opinions: would there be any security advantage to placing the Linux VM's inside a sandbox? Some of them are Whonix dual VM's and others are straight Linux. I think my host is clean but then one never really knows for sure. LOL!!

I would love to hear others' experience if they have run their linux VM's confined to a sandbox.


TheCatMan - I completely delete all contents upon closing the browser. I do that between ALL sites so its an empty sandbox before I ever click on a site. Every time no exceptions. That is my method!

 

Beware of mobs. Never talk about the negatives, unless you have the mental toughness to deal with the outcry.

SBIE is great software, but its power can corrupt ones thinking. Evidence of that is most apparent here.

 

A solid idea, not sure about the implementation. I don't know if Tzuk has changed from using SSDT hooks, and if not, how he's gotten around race conditions with SSDT hooking, etc. I really like projects that are super open about their implementation, because it lets people understand how they're more secure, or not more secure - it would be cool to hear more on this from him.

On 64bit I'm not sure how much userland hooking is relied on, I doubt much, I believe SSDT hooking and standard hooking are used more. That's a good thing if I'm right, since userland hooking is not useful. I think there's a minifilter driver involved, so that would make use of SSDT hooking/ everything else mentioned much better.

Closed source, which I'm not a fan of, but I don't blame him - not many have the stability to try to go FOSS. Single developer, also not a great thing when combined with closed source, but he seems to have done a very solid job on design.

Overally, I'd say Sandboxie is above adequate for the average user with average needs, not what I'd recommend for someone looking for a highly secure system - but I would never recommend Windows for that person either. For a "most secure" Windows, I'd probably want Sandboxie, depending on the needs.

 

Sandboxie since it's inception.

Always. An app for all seasons

 

Historian Will Durant said, "To speak ill of others is a dishonest way of praising ourselves."
Evidence of that is most apparent here.

 

Oh, maybe not for you, but that quote applies to quite a few SBIE users here. Unless of course, one of you can disprove that.

As for what I think about Sandboxie itself, it's a special freeware that allows one to sandbox anything and configure that pretty much to your taste. There are no worthy replacements as far as I know. Don't go overboard with it though.

 

Well, I have used Sandboxie and Shadow Defender both for different reasons. I think when it comes right down to it I prefer my entire system being virtualized as opposed to chosen apps.

 

By all means, I encourage you to search the Sandboxie forum for Tor, for lots of thread results.

 

I've never been a fan of sandboxing as a security policy or a primary defense. By itself, I consider it insufficient. For the average user, it's a good 2nd layer to a conventional default-permit policy enforced by AVs. In this role, it can attempt to contain any malicious code not detected by the AV.

IMO, SandBoxie is very useful from a privacy perspective. When set to auto-delete the sandbox, it's very good a removing usage tracks and browsing records. Even with this, Windows still manages to store some activity records, but they're beyond the scope that SandBoxie was intended to cover.

Regarding running Tor in SandBoxie, are you referring to Tor itself or the Tor Browser Bundle? If you meant Tor itself, is Tor running as a client or a relay? Assuming no operational issues, with the Tor Browser Bundle you gain the same benefits you would by sandboxing your normal browser. Given the restrictions already built into the Tor Browser Bundle, you're less likely to need that sandbox. As for Tor itself, I don't see any real advantage to sandboxing it. AFAIK, no one has managed to exploit it in a way that would result in code execution or anything similar. If Tor is running as a relay, the sandbox would be long term, weeks or months. I don't know what effect Sandboxie would have on its performance or on the overall system load with that many connections through it.

 

I think the SSDT hooking has changed. http://www.sandboxie.com/phpbb/view...&start=0&sid=f0b765fde18f2717b074a73bf4db4729.

 

Ah, Tzuk finally implemented it that way. Cool. That's the way I'd do it, so I can't really say much bad about that.

I'm in the process of writing a program that sandboxes Java, and it works very similarly to the way Sandboxie now apparently runs - instead of having the program be responsible for denying access, have it instead only be responsible for allowing access.

*Much* cleaner, much more secure.

 

Great quote and very true. Doing it as a selling technique, never works.

@Lucy, I ll like to describe Sandboxie borrowing the old proverb made famous by TR, "speak softly, and carry a big stick", that's how I see SBIE and its how it behaves in my everyday use of computers and the internet.

Bo

 

Speak softly... can't say the same for some users. Sheesh, why can't there be better people like tzuk representing SBIE instead here? It deserves better.

 

Who's selling anything? lol Now I'm lost.

 

Yes, LOL.
http://www.bromium.com/products.html

@J L, your personal feelings about SBIE users is off topic.

Bo

 

I use Sandboxie for privacy reasons also and would recommend it to you. It's nice to know all local traces of internet activity are gone, once I close the browser.
I never tried to use it together with tor, so I can't give you an answer to your second question.

 

He barely mentions Bromium in the presentation, but I think that conversation should stick to that topic. I thought you were trying to say JL was selling something, which was very confusing.

 

Sure I am, you're the type to stick to believing whatever you want. No point arguing that.

Oh, the topic is what people think of Sandboxie. I am simply commenting on some of those people. If it's off-topic, why do you insist on continuing?

 

C'mon man, is that really necessary? We're all pretty good people around here... we're all really blessed if you stop and think about it. Let's not let something like a great piece of software turn us around.

You did kind of get things started off on the wrong foot with your "Beware of mobs" comment. Reel that sort of commentary in and I think we have a decent thread.

I think that at the heart of the matter is that some people feel comfortable relying upon Sandboxie much more than some others do. Simple as that. Nothing worth trading barbs over.

Am I right?

 

It's the truth when you've experienced what I have for what it is, a mob. That is not the only thread I've been attacked (nor am I the only one) for pushing alternative views. Nor is it bo elam's first nonsense claim, and he wasn't the only one. I'm not going to lie out of courtesy for this.

Comfortable is an understatement. That is not what describes those who vehemently deny any evidence presented towards that that's not 100% true and damning. Instead, they undermine anything against their beloved software out out of obsession.

But enough of that, my all of statements in this thread stand. I bet I've used Sandboxie before most of them and experienced the same defensiveness. You can read the same linked thread for the last days of that behaviour before reaching deeper understanding.