May 2019 update of Windows 10 includes Microsoft's version of Sandbox [1]. Requires pro or enterprise version. This is based on the Hyper-V virtualization.
They also have "Defender application guard" [2] which allows launching websites to Edge running in Sandbox. There should be extensions available for also Firefox and Chrome for launching the sandboxed browser, but the browser running in the sandbox is anyways Edge.
Sandboxie is far better (or different - for its use case it is better). It doesnt use virtualization but rather hooks the APIs and redirects them to "in folder structure" where copy-on-write is used to keep local copy of registry, file system,... Far better and much less resource consuming aproach, its resource consumption is just a slight (I am talking about % or two) worse than native software, doing trampoline hook overhead is not worth mentioning, games will run at same speed. Imagine docker. You delete programs sandbox directory and all its traces are gone. I was its user for years (untill I have switched to linux due to some insane microsoft architectural decisions, like manifests and com junk within kernel32.dll) and was installing all the software into sandboxie, my base os was clean as "just installed". Give it a try, it is worth it. And now it is free :)
(Disclaimer: 20+ years development in low level windows world, from DRM to reversing malware and writting drivers. Dumped the windows completely and continuing on linux (didnt switch due to linux beeing any better, just windows got worse) and freebsd.)
Windows Sandbox doesn't replace Sandboxie. It's not a comparable product (yet).
Windows Sandbox launches an isolated, empty VM on every launch. This allows you to install and test software, but the contents are wiped after you close Windows Sandbox.
Sandboxie allows running arbitrary executable in it's own proprietary sandbox, with it's state being stored (and examineable) between runs.
There is at least one advantage I believe for using Sandboxie instead of Windows Sandbox: performance.
Using Win Sandbox, Edge sandbox, Defender application guard or Docker for Windows enables Hyper-V system wide and makes your current host Windows runs inside a special VM which incur obviously a small performance impact.
New Windows installations are already run inside Hyper-V, due to new security features like Memory Integrity:
> Memory integrity is a powerful system mitigation that leverages hardware virtualization and the Windows Hyper-V hypervisor to protect Windows kernel-mode processes against the injection and execution of malicious or unverified code. Code integrity validation is performed in a secure environment that is resistant to attack from malicious software, and page permissions for kernel mode are set and maintained by the Hyper-V hypervisor.
Unless your VM solution is a VMWare technonoly, in which case hyper-v gets turned right back off because VMWare has its own hypervisor that needs to run as low as possible.
Just announced that the next version of VMware workstation will be able to use hyper-v for compatibility with these security features (and more pressingly for their user base, WSLv2).
Just announced that the next version of VMware workstation will be able to use hyper-v for compatibility with these security features (and more pressingly for their user base, WSLv2).
Why? It's not the same as sandboxie in the slightest, it's a way to bootstrap a "clean slate" VM at boot, with everything you did in it getting destroyed when you reboot. That's the opposite of useful to home users (but perfect for entreprise).
The Windows Sandbox is just an auto-resetting, pre-activated Hyper-V VM. Nothing you couldn't do with your own off-the-shelf installation of Windows 10 in Hyper-V, and its probably a better idea so you get snapshots, advanced control over networking, and the ability to persist data for prolonged testing.
Sadly not having any means to add programs to Windows sandbox makes it unusable for me. Every time I reopen it to do something it’s in a bare install state with a bad version of Edge that slams me with just incredible amounts of advertising and pop ups.
The website takes me back to a certain era of computing -- the explanation of how sandboxing works is paired to a bunch of icons mostly of their time, and the illustration itself looks inspired by the Windows disk defragmenter utility.
"Download" is literally the eighth word on the page, and fourth word on the navigation bar. If a person can't see that, they're destined for a Darwin award.
The text is too small and spans most of the screen. Difficult to read on big monitors. Reading that grey block on mobile is also really straining. I actually just gave up and came to read the comments instead.
The word 'download' is exactly the same font as everything else. So it's hard to find. Why not have a button that stands out? There are 2 links called 'click here'. So you have the read the surrounding text before knowing where you want to click. I can't think of a good reason not to have a clear call to action button that stands out from the rest of the page.
Compared to almost any modern site, this is really bad.
I think you’re overrating modern web design. For example recently I have been frustrated at the amount of web sites I have been on which “respond” to the geometry of the browser by completely removing essential navigational elements of the site and giving the user no indication that anything is missing. This makes for example using the site in a web browser tiled to half the screen width on a laptop impossible.
This site even works perfectly on mobile, because it doesn’t change to simplify itself to the point of being unusable, like many modern web sites do, often even refusing to stop doing so when choosing “request desktop site” in the mobile browser.
You cut out the important part of what you're replying to. They'll only download it if they know what it is. For that, the page is poorly designed. It wasn't until I got down to the very bottom that I understood the user value proposition, which is explained in the review quote: "[...] Sandboxie, which lets you run programs independent of the rest of your system. That way they can't infect, access, or otherwise interfere with your Windows installation [...]"
I don't get it. The people who made the website clearly decided that an announcement that primarily affects the existing user base was more important than explaining them what sandboxie is for the ten millionth time.
Sorry, are we ignoring the fact that the primary nav, which any person familiar with "web sites" since the 90's knows to look at, has both "help & faq" _and_ "how it works" as options?
Are we talking about people who don't understand that if you want the actual details rather than the summary, that's not going to be on the landing page, but on their own dedicated pages?
We're not "ignoring" that. It's just that some of us are familiar with how fickle users are. Anybody making a product they actually want people to use should have a home page that explains early on the user problem and how the product solves that problem, and then makes it easy for people to get the product.
As an example, take this Android tool I just downloaded:
Very early on, the copy says: "Lockito allows you to make your phone follow a fake itinerary, with total control over the speed, altitude and GPS signal accuracy. You can also simulate a static location. This is the must-have tool for any Android developers who needs to test geofencing-based apps or just test his app on different locations."
It's a clear, concise description of what the tool does, who needs it, and why.
If you don't have that, will some people still rummage around and download your thing regardless? Sure. But fewer of them. And here, for a product that people may not know they need, it could be a lot fewer.
Now, click on the eighth word and try to figure out how to actually download. I'll wait. (And compare it to a modern site, say, firefox.com or chrome.com.)
I guarantee you this design would confuse a lot of people. Imagine you're not the computer savviest person around, how you'd read this.
- The large, bolded "Click to download" text isn't clickable, like pretty much every other "Click to..." prompt you've seen.
- After a moment of confusion you think oh okay, there'll be a list of links to places I can download it from then. But there isn't. There's just the product logo. Download the product from itself, maybe? But why is it written like there's supposed to be a list? Hm.
- Oh wait, after "Download the latest version" there's a separate section called "Downloads", that's where the downloads must be.
- Okay, down there after a while there's bold text that says "Download", but that's not clickable, nor is the text next to it that says "Sandboxie Installer." Keep reading.
- Ah, okay, here's a table with a single row for some reason, with a nice link "Download from this site."
- Wait, why did "Download from this site" take me to a completely different site? The address in the bar is totally different, the design is totally different, I've never heard of this new site before and it wants me to give them my job title, full name, company name, and zip code. Is this a popup ad? Is this a scam? I thought I was downloading it from that site I was just on.
Incidentally it doesn't matter as the form doesn't understand my country's zip code system and won't accept it.
Reading through your comment and looking back at the Download page, I think you're right. The linkified image is especially poor design (although, I think the intention becomes more obvious when there are multiple linkified images to common software-download destinations, e.g. SourceForge or FileHippo, as (IIRC) was previously the case).
I suppose it may just boil down to a fundamental difference of opinion; I don't really think it's necessary for every website to try to accommodate entirely non-tech savvy users — especially a site offering software that already assumes existing technical ability (if you can't negotiate an antiquated download page, you're probably going to struggle to use a lot of software of that era, including Sandboxie).
The topic of this thread is whether the website at question is “fast-loading, simple, information-dense and distinctively-styled yet still very readable” compared to today’s mainstream/recommended designs. My take is that information sprinkled in walls of text of dubious value instead of elements that naturally stand out is not readable or actionable at all. If your argument is tech-savvy people should be made to jump through hurdles to download this specific tool, then (1) I don’t agree with this pointless gatekeeping, time wasted is time wasted; (2) you’re not refuting my point.
Also, I can find the download link in maybe 5 seconds, but I bet my father who happens to be an aging software engineer, savvy enough to use this but getting slower, definitely can’t.
You're making the wrong assumption that getting as many users on board for an aging non-profitable non-core project is actually a goal.
I personally have a project that is in it's early stages and the worst thing that could happen right now is that it goes viral and then I won't be able to work on it at my own pace anymore. Having a user base of 3 people is already tiring enough as it is.
It feels like you're ignoring the fact that the people who will actually download sandboxie are quite a bit smarter, and quite a bit more familiar with "finding a download link" than the people you're describing?
A giant "download" button is perfect if your general audience is "everyone". Sandboxie is _nowhere near that level of popular_ nor could it be. Heck, that's literally why it's going open source right now: it's so niche, with such a narrow demographic, that there's isn't even any appreciable amount of money to be made from the people that DO use it.
I could get behind not calling users stupid just because they don't fit our assumptions.
And I hope you never lose half of your family to cancer within a 2 year period, like I dod. But, should that happen, you might appreciate what that word means. But I wouldn't call you "stupid" just because you don't get it. I'd say that we have different life experiences and assumptions.
I like this webpage. There are no ads, no popups, did not ask for my email, did not try to send me notifications, did not ask me to register, did not autoplay a video, did not hijack my scroll behavior, on parallax BS, no images of an open office in the background. In short NO NON-SENSE. It loaded in under 1s (for me), has all the important stuff right there at the top.
I do not want any product page to do anything more than this. Please.
From the same (only) page that asks for email, company, etc.
> Due to requirements of the U.S. government, export compliance is now mandatory when downloading our software. Complete the form to proceed with your download.
Not great. But I haven't seen a better page designed in 2019.
It is not hard to figure out what it is, apart from the news announcement and a download link it says it right there with one sentence.
Want to know how it works. Press "How it works". Want do download it? Press "Download".
Contrast that with today where you have to figure out which filter bubble the author of the page is in. Such niche questions such as: Which OS does this work on? Which language is this library for? Can be quite tiresome to find out...
Does the average person really want to download a tool that helps them sandbox windows applications? I mean, maybe they should want to, but do they want to?
Fun fact: you can have pages of useless text and it'll still load faster than a single jpeg. This page might look like it's from another era, but it also has the benefits of that era:
- it actually loads fast
- it works without scripts.
- it has no ads.
- it has no tracking beyond page analytics.
If those are the benefits, then please, give me more shitty looking websites like this for all the other essential software that should be found on any sane professional's machine, and any "taking personal responsibility" home user's machine.
Half of the content on the page is literally titled "What We Do" with a download link above it.
You're clearly disliking the design to the point that your criticism doesn't even make sense, if that's your complaint then say it outright instead of hiding it behind a lie.
how were they fast on 56kbps modem connections? i clearly remember having to leave my pc on all night to download a single mp3. for websites i would usually grab a book and read a few pages while the site loaded.
I have begrudgingly been pulled into SPAs as a developer, and at first I was very skeptical.
Now that I see what things like Angular can do, with lazy-loaded components, and only downloading JSON data and letting the client render the DOM, my pages are actually much faster and the UX is vastly better.
Yes, you need to download the Angular libs, but so many pages use them now they are likely cached, and are negligible in size for a fast connection.
After that, it's client-side routing and downloading mostly just downloading JSON from a REST API. You don't need to server to push a 5,000 row table with all the mark-up, you just grab that data and have the browser construct your table.
And yes, you can still copy/paste the URL. And save the page as HTML. And everything else you can do with a "non-SPA" page.
The times have changed. This website now needs pinch to zoom to be readable on smaller screens. Also the text is centered across the entire page, reducing legibility.
What I remember from that era is Flash, living through the shit show that was browser quirks and dealing with a front-end stack with no foundation in computer science.
Its pretty refreshing not needing to scroll past a full page logo. I'd argue that this spartan design speaks volumes to their potential clients. Fully pragmatic engineering with no frills.
For example, I'd like an easy way to run Firefox in a sandbox under Linux, without the overhead of running a full VM (which is just too resource intensive on my old, slow laptop), I'd like to be able to pull out files that Firefox downloads from the sandbox, and then delete the sandbox when I'm done. Also, Sandboxie can force particular apps to start sandboxed. All that is pretty easy to do from Sandboxie and is 99% of what I use Sandboxie for.
Firejail is probably what you want. I'd be wary of considering Docker as a jail - it does some isolation, but I've yet to see any serious effort or analysis of "safely run arbitrary code as root in docker and avoid escape" (the scenario being at least a full compromise of the app, with potentially an elevation to root in the container). Docker is "(shipping) container first" not "(CIA black site) container first".
Firejail isn't perfect - but it's at least designed to be a jail/sandbox.
There's also the possibility to use lxc via lxd - if you're running xorg you can forward x11 over ssh to the container (or vm). However access to xorg is problematic (eg shared clipboard, window/screen access).
Wayland supposedly does "everything x does" - but I don't know how you connect displays via the network.
But in the end (even though you requested "not vm") - I'd probably have a look at qubes os: https://www.qubes-os.org/
Afaik it mitigates the "shared xorg server" via using x-in-x nested servers (eg xephyr).
Also came across this, which appears to be a little better than "just" docker - but I'd probably still go with firejail or qubes os:
CentOS / RHEL has UID and GID mapping backported from the 4.x Linux kernel which podman supports. You can run as root in the container and still be remapped to a non-root user outside of it. If you want a locked desktop combine that with Guacamole docker images.
as already mentioned, Firejail https://firejail.wordpress.com/ is easy to use and was made at first to run Firefox in a sandbox. It has pretty neat options and can isolate the FS, make use of a temporary home etc.
LXC and LXD are system containers, which are similar to VMs but using Linux container facilities.
There is an entry-level guide at https://blog.simos.info/how-to-easily-run-graphics-accelerat... that describes how to setup a LXD container so that the GUI applications in the container appear on the host. Here, the GUI applications in the container are using the same X11 server as the host, therefore there is no effort for security isolation.
It is possible for those that are interested, to use features from `x11docker` (second X server, xpra, Xephyr) to provide security isolation with LXD containers.
For the Firefox use-case that you describe, you can setup Firefox and then take a snapshot of the container (`lxc snapshot ...`). Every time that you want to run Firefox, you can switch the container back to the snapshot state and start Firefox.
It's designed to be granular and programmable, so it's probably too low-level if you're looking for something like Sandboxie. I wonder if someone has published a set of rules that "just work", though…
Bubblewrap (https://github.com/containers/bubblewrap) on Wayland. You might have to make a chroot sort of environment for it for it to be convenient enough to use in practice unless you’re okay with exposing the (read-only) contents of /usr, for example, to the sandbox.
If you don't need a GUI then you can use Docker for basic sandboxing. It isn't a foolproof solution, but it's about as close as you are going to get without full virtualization.
As a long time user of Sandboxie, I'm excited to see this announcement and am looking forward to the open source release and what the community might be able to do with it.
Sandboxie's technology works extremely well for securely isolating all kinds of interactive Windows GUI apps, and might thus be be an interesting alternative to Microsoft's own Windows Container technology which is more focussed on servers and can't really do GUI's.
I'd love to see some experiments using Sandboxie sandboxes as Docker-style images/containers. Packaging a complete GUI app including dependencies and making it easy to run on another Windows machine without polluting it, without noticeable overhead, neatly integrating like you'd expect of a Windows app with things like window management or the clipboard, and all that while being securely isolated from the rest of the machine.
I use it as a dev tool. Mostly to test installers.
For example: Start with a clean slate, install the software, check that it works correctly, check what it actually installed and what it did to the registry, uninstall, check that everything is gone. It something goes wrong, scrap the sandbox and try again. Do it again with an older version installed in another sandbox, etc...
Maybe I can do it with a VM, but Sandboxie is very convenient and lightweight.
It’s great news that the source is being released, but I get the impression this essentially means the company will end active development and put the onus on the OS community for future updates.
> Which is much better than just declaring end of life and no further updates.
Undoubtably true, although I would add that it hardly promotes free software as a "generally good thing" if the landscape is full of zombie projects like this, devoid of any community that makes open source what it is.
> So you would prefer an Utopia where nobody pays for other people's work but they still make it available for free and work on it forever?
That's not what GP said, and I'm not sure how you got there from them pointing out this was likely the end of development. From the community guidelines:
> Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith.
Thank you for your comment, perhaps I was too harsh. Must be shell-shock from other commercial/open-source products.
onus is a formal word for responsibility or obligation. Until recently, the authors only had a responsibility to their paying customers. Open-sourcing the product instead of abandoning it is also a responsible choice.
How far must somebody take repressibility? Lifetime of unpaid updates seems a bit much.
It would be awesome if Tzuk came back around and maintained it. He/she could afford to donate some time after the windfall... *well deserved windfall, especially after the transitiin to x64 difficulties.
To think I have forgotten about this for so long, it is unique for web browsing and web development. It's useful to run untrusted binaries files that may create lots of garbage and easier to simply wipe temporary data in an isolated environment.
I have a few hundred Citrix VDI users, many of whom need to occasionally download a WebExLongHash123.exe file. Is there any way to use Sandboxie to auto-run these downloaded files in the sandbox so that if they are actual malware, it won't affect the rest of the system?
Sandboxie seems to have been a good product with bad pricing and bad marketing. I remember paying for Sandboxie around 2011 and not realizing it was a yearly subscription. When the year ran out, that was the end of Sandboxie for me- I didn't want to repay for the same functionality for a home computer. For corporate use however, an annual fee makes more sense.
I don't know how long ago that was but I used it about 10 years ago and I remember having to wait 5(?) seconds to launch a program because you had to pay to remove that restriction.
Came here to say that. Though I vaguely remember them trying some paid options even before Sophos. I recall using Sandboxie on Windows XP and Vista, back then it was incredibly useful to have such a tool.
It was definitely paid software when I started using it back around 2012. There was a lot of uncertainly earlier this year when they stopped accepting orders without notice. Existing users could not renew their licenses and people were worried that the program may just be discontinued for good. Is quite fortunate that things turns out for the better.
How? Is it running in the kernel, or is it some sort of debugger trick where any sort of system call gets trapped and handled by a sandboxing coprocess? Or is it an in-process library? (!!)
Statically linked binaries aren’t exactly a “thing” on Windows... https://reverseengineering.stackexchange.com/questions/2070/... It appears to patch the SSDT table to intercept system calls to the kernel, and based on forum thread titles, has been caught by PatchGuard in Windows before, but I haven’t investigated myself.
From what I can tell, once a privileged process like a kernel driver, starts messing with memory it doesn’t own, like SSDT tables and loaded user-land DLLs, well, game’s over as far as system integrity’s concerned. PatchGuard does integrity checking, but I presume given how common it is, there are known ways to fool it or disable it, perhaps by poisoning whatever it uses to check the SSDT memory.
I'm really curious how Sandboxie defends against simply bypassing all DLLs altogether (including ntdll.dll), and performing direct Windows kernel syscalls?
Is there something a linux user should take note of? Or is it Sandboxie an attempt to reproduce features like kvm/qemu to windows world? Looks like a cool tool but currently not sure what I would do with it besides of what I do with Linux already.
They also have "Defender application guard" [2] which allows launching websites to Edge running in Sandbox. There should be extensions available for also Firefox and Chrome for launching the sandboxed browser, but the browser running in the sandbox is anyways Edge.
[1] https://techcommunity.microsoft.com/t5/Windows-Kernel-Intern...
[2] https://docs.microsoft.com/en-us/windows/security/threat-pro...