Author Topic: Sandboxie, or SandboxIE  (Read 304 times)

Cobra951
Sandboxie, or SandboxIE
« on: Friday, September 21, 2018, 11:33:53 AM »
Never too old to learn something new.  I did know about virtual machines, and how they insulate your real system from anything that happens inside of them.  But a sandbox is something else entirely.  It's sort of similar to a VM, in that it isolates what runs inside of it from your system, but it's not nearly as much of a pain to use and set up, and it only works on what you decide to put inside it.  In fact, this Sandboxie was cake to install and use.  Performance hit comes up front, as stuff gets mirrored from your system into the sandbox environment.  To run Firefox sandboxed for about a month without deleting the sandbox contents ate up just shy of 10 GB.

A bit of history:  Something happened to Windows Defender over the past few months.  Before, its real-time protection component was hardly intrusive, and seemed to know what it had already scanned and branded safe.  Now it has massive impacts on the simplest of tasks, like opening an explorer window on a folder full of program icons.  Near as I can figure, it's scanning every single folder the shortcuts point to.  Similarly, web browsing gets major holdups, and even booting the PC in the morning became slow.  I can't have that.  So I've been enabling and disabling the RT component depending on what I'm doing.  Not ideal by any stretch, and it motivated me to find alternatives.  I did not want yet another intrusive antivirus program, and perhaps even have to pay for it.  I happened on Sandboxie, and gave it a try.

Back to the present.  So, yeah, after a month or so, I don't know how I ever lived without this.  I had been running Firefox locked way down with both Adblock and Noscript.  The latter requires me to whitelist not only every single site I need enough to allow scripting, but also every single domain each such site in turn invokes to do its thing.  It's a massive pain, but in combination with a whitelisting firewall kept me critter-free through 2016 in Windows XP, and has been keeping me clean in Windows 10 since.  The sandbox obviates the need to be so anal about it all.  I've been enabling scripting on a lot more sites in the sandboxed browser, and I have the RT component of Windows Defender disabled most of the time.  It makes daily browsing much less of a chore.  I even visited some seedy sites and let them do their thing, which didn't take long to infect the sandbox.  Terminate all programs, delete contents, relaunch sandboxed web browser, back to where I was.  Only caveat is that any new tabs I've opened, or any new bookmarks are gone too.  So it's something to keep in mind.  You can always launch the web browser outside the sandbox, and update your bookmarks or whatever.

Another feature is that you can set some folders up to automatically recover downloaded files.  I always like to confirm before allowing copies of files from the SB environment into my real folders.  You can run many programs sandboxed too, not just the web browser.  That includes Windows Explorer, which lets you navigate your SB environment.  You can also copy a link from the SB browser into the clipboard, and then paste it into the address bar of the unboxed browser.  For example, the print spooler does not like SB, or perhaps vice-versa.  To print something, I need to go outside the sandbox.  It's probably also a good idea to do things like online banking outside the box, just in case something has infected the box without obvious symptoms.

There's a "free" version, which is what I'm using.  After 30 days, it puts up a 5-second nag window, then you click to continue.  Not ideal, but this is just too good to let that scare me off.  Registering I think involves a yearly fee, which I personally don't ever want to do, with any software.  (That's why I've left Office behind in favor of Libre Office.)  They're here.


Edit:
Quote
================================================================
For a trial reset remove the binary value under:

Windows Registry Editor Version 5.00

HKEY_CLASSES_ROOT\CLSID\{98E6BD24-2D93-41A5-BC6D-CB7C1507318B}


after that reboot. :)

After I started getting the nag box, I searched for a way to circumvent it, and found this.  I didn't post it until now because I had to verify it, but was afraid of tinkering with the Sandboxie install on my main PC.  So I installed it on my laptop, and waited over a month for it to start nagging me there.  (I didn't want to do anything different from the main PC, to be sure; so I didn't try any tricks with the system clock.)  Tried the registry hack, and it worked.

The reboot step is important.  Shutting down at the end of the day and powering on the next morning did not work, because I have fast boot enabled.  A restart is the only true reboot.

I also investigated buying the software, but as I initially thought, that is not possible since they were acquired somewhere along the way (Sophos or Invincea).  Now registered users must pay a yearly fee, which I won't accept from any software that isn't truly a service (e.g., a VPN).
« Last Edit: Saturday, November 03, 2018, 08:08:58 AM by Cobra951 »