Sandboxie...wtf!

[v3n0m]

I have been reading many posts in several forums around the internet, particularly Sophos but a few others, about Sandboxie . People are getting nothing but silence from Sophos and Barb@Invincia/Sophos when asking questions like:

 

Is Sanboxie being discontinued soon?

Will Sandboxie ever be sold again?

and @Barb still denies that the website was hacked and source code for Sandboxie was compromised. But no further response, just a NO.

 

I have noticed that posts were deleted on Sandboxie/Sophos temp forums. The particular posts were from people who advised to keep old copies of Sandboxie at their disposal, particularly v5.28. These people also had misgivings about v5.30, the reasons behind dropping support for all other versions, the inability to purchase Sandboxie and the reason for the site/forums to be "taken down". 

 

 

 

 

EDIT: some threads on Sophos forums now locked. Seems people are asking valid questions that @Barb and Sophos do not want to answer, or cant, not sure which scenario is worse, but both not good.

 

 

[steven36]

I never used Sandboxie  . now days Chrome  , Firefox  and Windows  have it own sandbox/isolation schemes also Linux have FireJail  witch is open source .  Most people never even heard about Sandboxie and the only reason  i know about is because  it always  was a cracking  target on warez forums .  It's overkill and a false sense of security  because i used cracks and things  for  over 18 years and was just fine without it, It's  just paranoia to think you really need it.

[mp68terr]

Not about security but sandboxie was a convenient way to unpack apps before uniextract.

[Sharelol]

 

[steven36]

18 minutes ago, mp68terr said:

Not about security but sandboxie was a convenient way to unpack apps before uniextract.

Universal Extractor and other tools to unpack software has been around for years

 here is a article  from 2007 on it

https://www.ghacks.net/2007/02/21/universal-extractor/

 

Witch i use to use a lot back when i used windows  a lot unlike sandboxie. Sandboxie had a lot controversy around it that  the x64  version never really worked right when the x64 version  1st came out and they never had no proofs they ever really fixed it..  you got hackers out there  that there life's work is getting around sandboxes  it can be bypassed .

 

 

 

[Karlston]

Moved from Security & Privacy News.

 

(Interesting discussion, but not really News. Better here)

[mp68terr]

25 minutes ago, steven36 said:

Universal Extractor and other tools to unpack software has been around for years...

Maybe I was aware of sandboxie before beeing aware of the extractors for apps then. Forgot when it was, years ago for sure, and very likely before 2007 😉

Now the extractors are working fine.

[v3n0m]

Ive read you guys posts and can see where you are coming from. For me though Sandboxie has always been a great security tool. Since discovering Sandboxie many many years ago I have never been pwned. Ive ran boxes side by side, one with and one with out Sandboxie, click on a few undesirable links and BAM, box without Sandboxie is pwned, box with Sandboxie is fine. It works so well, if properly configured, that I found many years ago that I didnt need an AV solution at all. Anyways to each his own.

 

But something fishy is going on, secrecy and silence speak louder than words sometimes.

[steven36]

58 minutes ago, mp68terr said:

Maybe I was aware of sandboxie before beeing aware of the extractors for apps then. Forgot when it was, years ago for sure, and very likely before 2007 😉

Now the extractors are working fine.

At lest sandboxie was easy to activate back then  and it was still  real sandboxie by Ronen Tzu .  It's about like McAfee it  has  had too many owners  but even back when  he owned here are some of the reasons i never used it .

 

There are various criticisms of sandboxing:

• it lures users into a false and complacent sense of security while it doesn't stop malware distribution (using exploits or social engineering)
• it makes life more difficult for beginner users while not stopping qualified hackers and errors of developers
• an owner of data is not free in treating them at his will;
• it stifles innovation
• it is senseless for realization in a separate platform
• it diverts attention of the problem in the wrong direction (from being, in essence, criminal and social to a technical one)

 

Now i use Linux most of my system is sanboxed  because it's just the way Linux is and Linux  can be hacked  if someone exploits it and gets Root some how , the same with Mac OS . Sandboxing don't replace good security hygiene it gives people a false sense of security were people think there safe when Microsoft and others have paid big rewards for sandbox escape  exploits.  Most hacking now days is just social engineering were they trick you into doing something stupid  were  sandboxing want help  at all .  And most people get there info stole because they store there info  on other peoples servers in the cloud .

[Ragdd]

That's very bad news, I use Sandboxie since a very long time and bought a lifetime official license.

It was handy to open files from unknow origins or email attachment that were doggy.

Even to surf to website that are not reliable.

Sophos is taken over all the good security software like Hitman Alert and Hitman Pro, is this a good thing?

[straycat19]

Interesting to read all the non professional, idiotic comments on a very professional piece of security software that has served a legitimate purpose for years.  It has been vetted by some of the most security conscious government entities and has been used by them for years.  I have used it for years on my home systems.  Before the use of virtual machines, it was the safest way to work with any download from the internet.  That is not to say that it is the only piece of security software you need, but that it is a valid tool in your toolbox.  I have some acquaintances in Sophos that I attended some malware and security classes with a few years ago in Chicago.  I will contact them and see if I can find out what is going on with the program.

[nsan3]

4 hours ago, straycat19 said:

Interesting to read all the non professional, idiotic comments on a very professional piece of security software that has served a legitimate purpose for years.  It has been vetted by some of the most security conscious government entities and has been used by them for years.  I have used it for years on my home systems.  Before the use of virtual machines, it was the safest way to work with any download from the internet.  That is not to say that it is the only piece of security software you need, but that it is a valid tool in your toolbox.  I have some acquaintances in Sophos that I attended some malware and security classes with a few years ago in Chicago.  I will contact them and see if I can find out what is going on with the program.

Thanks a ton @straycat19 , that would really help out the community. Cheers mate 

[pc71520]

On 5/19/2019 at 11:15 PM, straycat19 said:

Interesting to read all the non professional, idiotic comments

on a very professional piece of security software that has served a legitimate purpose for years. 

Amen. 

[dhjohns]

Now we have Windows Sandbox which is actually very nice.  It can be installed offline or online on many versions of Windows.  I am using it on Professional Workstation, and I integrated it to the install.wim before I intalled Windows.  It works very well.

[Radpop]

On 5/19/2019 at 11:15 PM, straycat19 said:

I have some acquaintances in Sophos that I attended some malware and security classes with a few years ago in Chicago.  I will contact them and see if I can find out what is going on with the program.

 

Two months gone: Can U tell us everything?