Sandboxie issue.
-
@Gwen-Dragon, a simple partial workaround for Vivaldi, clearly explained, has now been posted on the Wilders website:
https://www.wilderssecurity.com/threads/sandboxie-technologies-sbie-open-source.428156/page-20It's not perfect, because it seems only to open Vivaldi in the default sandbox (although with attention to sandbox deletion, this is not a huge problem). Works for me.
Could the Vivaldi developers please get in touch with the techies posting on Wilders website and sort out what is to be done --- the simple workaround posted there seems to indicate to a non-techie like me that the issue is not too complicated. The issue now seems to be affecting all Chromium browsers as they follow Vivaldi in updating Chromium, and the workaround is reported to apply to some of them as well. It's not appropriate to avoid the issue by denigrating Sandboxie --- Vivaldi is all about giving choice and control back to the user.
-
@Gwen-Dragon, Thank you very much indeed for that warning. I am now quite out of my depth with all this, not being a techie, so could I suggest that you post your warning on the Wilders forum, where the method has been much discussed.
-
That workaround would only be temporary as the next chromium update would break it again,It is up to the sandboxie developer/s to make it compatible with chromium browsers and not the reverse,.At the moment there is a one man shop developing a sandboxie fork but as far as i am concerned sandboxie died the moment ronen left the project.
-
@Gwen-Dragon No gwen that is not strictly true as the browser would simply be running under the supervision of sandboxie so there would be no vulnerability at all as the browser would remain sandboxed.But i do think sandboxie has an uncertain future as the source code was open sourced and as far as i know only one so called developer is maintaining a fork,It was never the same program ever since tzuk left it.
-
@Qwen-Dragon: This now needs urgent attention and communication from the Vivaldi developers.
I am not a techie. I am an experienced PC user, very pleased indeed with Vivaldi. But like many others, I am growing increasingly nervous, and even frightened, about using the internet at all, given all the outrageous fraud and privacy invasion going on. For example, my credit card was seriously hacked a while ago despite my taking every care (repaid by the bank).
I use Sandboxie for security, and despite the fact that it is now an orphan (Sophos has dumped it, and no 'Sandboxie organisation' exists), it has continued to work perfectly for me up till now, along with a VPN and many other obvious things, including of course Vivaldi. I have to take advice on security because I am not a techie.
There are experienced techies on the Wilders website who seem to agree with what @Priest72 has just said, while you are saying that this is all nonsense, and the Vivaldi developers keep silence. We laymen have to rely completely on the techies --- and the Vivaldi techies are obviously excellent --- and it is now essential that there is agreement with the crowd at Wilders, or at least discussion.
Thank you for your patience --- it's not an easy issue.
-
@Montiverdi said in Sandboxie issue.:
Sandboxie, with its multiple sandboxes, is an excellent defence. It is unique amongst current software
I presume you said that within the narrow constraint of windoze? It's most certainly incorrect if you meant this as a blanket cross-platform statement. For Linux users there are several user-facing sandboxing tools available, one of which is
FireJail. -
@Gwen-Dragon until the next chromium update.
-
@Montiverdi no you are incorrect.sandboxie will not protect against a fraudulent and phishing websites And no it is not the responsibility of chromium or other browsers to accomodate sandboxie,it is up to the developer/s of sandboxie to make sure their 3rd party software works with the browser.The same principal applies to extension developers also.
-
https://www.wilderssecurity.com/threads/sandboxie-plus-sbie-fork.427755/page-25#post-2956198
It would seem the chromium developers will not fix this issue and it was not an unexpected reply.
So sandboxie to all intents and purposes only has one man at the helm(david xanatos) and he is going to have to fix his fork to work with chromium browsers.
-
Thanks, @Gwen-Dragon, for your continued attention to this issue. I don't understand the issues involved in the contrasting Sandboxie and Vivaldi sandboxes, so I won't risk using the --no-sandbox workaround detailed on the Wilders website.
The developer David Xanatos seems to be well advanced in developing a new Sandboxie fork from the open-source code that Sophos left behind, and has just announced that he has solved the problem with the new Chromium version. I will wait for his stable version, and I will use Firefox in the meantime for anything sensitive,
Do continue to look after your non-techie 'experienced PC users'. These things are very difficult for us, as I remarked above.
-
@Montiverdi what happens when he decides to throw the towel in.?
Sandboxie was a great program on windows 7 when browsers and windows had no sandboxing,but things have moved on since then and chromium has a very strong sandbox by itself.Like i have stated before sandboxie will not protect you from a phishing site or financial website .
unless david can speed up his game then every chromium update will bust sandboxie and the placebo workarounds will stop working eventually.
sandboxie has run it's course and one man resurrectionists like david will fall by the wayside.
-
@Priest72 said in Sandboxie issue.:
what happens when he decides to throw the towel in.?
unless david can speed up his game then every chromium update will bust sandboxie and the placebo workarounds will stop working eventually.
sandboxie has run it's course and one man resurrectionists like david will fall by the wayside.You seem to just wanna keep whining and making fuss.
What happens is what may happen with any freeware, it will not be updated. And what may happen with any FOSS, the source will be available to be forked.
A few years ago, Classic Shell's owner said he was gonna stop, because it had been years alrdy and that each new Win10 version was breaking something. Then somebody brought Open Shell to life.
David seems to be working on 3 FOSS projects. I guess he'd not adopt Sandboxie if he was willing to drop it a year later. In fact, he has a parallel Sandboxie Plus project where he wanna add new features and make some changes on existing ones as its GUI.
He also has a Patreon where ppl can support his work. If you wanna do anything minimally productive, why haven't you brought that and suggested anybody interested to contribute?
Sorry for feeding the troll.
-
@HikariWS Thanks for your wall of waffle but if you and your other sandboxie league of gentlemen wish to just carry on beating the dead horse then it is of course your perogative.
The windows operating system has progressed quite a bit since the windows 7 era and sandboxie is just not an essential shiny new toy anymore but is merely a rusty old relic from a bygone age.Sorry if your passionate feelings were hurt in my honest review of sandboxie and it's bleak future ,and relying on one man bands is never a good idea.
One day the toy will just break beyond repair and besides there are many viable alternatives available.
Sandboxie became irrelevant the moment tzuk left it.
-
I finished reading https://chromium.googlesource.com/chromium/src/+/master/docs/design/sandbox.md and I'm glad M$ finally implemented sandbox feature on its OS.
Sadly, it requires each software to have it implemented natively. "Legacy" apps and apps whose devs don't care remain without the security features. It also seems that most Windows Sandbox features are related to apps interacting with kernel - which of course is highly important - and little effect on the file system.
It also doesn't seem to replace Sandboxie features. In example, Windows Sandbox doesn't support relaying a file that an app writes to a sandboxed location, which later can be deleted. That's a very powerful and useful feature, as we can install and setup an app and then keep its settings/profile/etc the way it was, and revert it back as needed.
I even have a couple apps that I had installed inside a sandbox and don't exist at all on native Windows.
Chromium in example doesn't even support setting a profile's folder, we must rely on junction to move it elsewhere. FireFox on the other hand has it easily done.
Another important factor is privacy. I'd rather keep a clean profile folder and have all changed files deleted when the app closes or Windows restarts.
-
@HikariWS It also exists a fork of SandBoxie. Wondering if it helps.
About portability... yeah, it's a chromium limitation. -
@Gwen-Dragon Oh, tnx. I don't use containers too much - only Comodo Container sometimes - and didn't know SB+ was affected too.
-
Ppafflick unlocked this topic on -
Ppafflick moved this topic from Third-Party Apps on
