Sandboxie Support

Could reply the same if monami opened this topic?

What you are doing is named "ad hominem".

An ad hominem (Latin for "to the man" or "to the person"[1]), short for argumentum ad hominem, means responding to arguments by attacking a person's character, rather than to the content of their arguments.

When you run out of arguments, you attack the person, as Ronen did.

Is necessary to remember why I was banned? Ok, let´s go with it... I was banned because I wanted to know about the security implications of using "OpenWinClass=*" and Ronen did not want to explain them, so I insisted to get information from him.

The developer of a security product avoiding to answer about the security implications of the usage of one feature!!!!!!!!!!

And I was banned because I wanted to know about that!!!!

Blame me for doing that.



I did not think we would reach such level of pathetism again but I was wrong.

Hi Buster,

I will answer your questions, unofficially of course, as I am not affiliated with Invincea, but I think I'm right (somebody correct me if I'm wrong please):

1. Why is the main developer giving forum support? Why are not you full time dedicated to development?

Because it wouldn't pay off for the Invincea company to put other enployees into Sandboxie support. And also because Curt knows the most about Sandboxie's internals.


2. Who else is working on Sandboxie and what are their functions?

A couple of other guys but they do that in their left-over time as they have other, more important functions to do in the company.


3. Why a team can not give the same support just one person used to give?

Becouse the team does other, more important things as well. Invincea's world doesn't revolve around Sandboxie as Ronen Tzur's world did.


And by the way, I too would like to know how exactly "OpenWinClass=*" impacts Sandboxie's security. I had to enable that feature on a tablet computer to be able to make Sandboxie work with Windows 8.1 on it and I sadly still don't know the answer that would satisfy me.

Bellzemos wrote: I too would like to know how exactly "OpenWinClass=*" impacts Sandboxie's security.

It is right in the support pages
http://www.sandboxie.com/index.php?OpenWinClass
"OpenWinClass=* allows full communication with all windows outside the sandbox, but may interfere with some drag-and-drop operations."
The page also notes that
"OpenWinClass=# does not allow communication with any windows outside the sandbox, and may interfere with some drag-and-drop operations."

What more can be said? It is right there and has been for a long time. What more?
What is the impact on security? Obviously that answer is going to be setup and user and program dependent. Have you had any issues since adding the setting? Well then the answer is that in your case, the impact on security has been zero. You even have a choice - allow or disallow.

You could also use the search Authur Tzuk OpenWinClass=* and start at the oldest posts
http://forums.sandboxie.com/phpBB3/view ... 0&+#p18830
Posted 7 years ago...........
And at some point after that Tzuk invented OpenWinClass=#

I think I remember tzuk stating that this feature should only be used with "the programs you can trust" but was never really explained further.

"OpenWinClass=* allows full communication with all windows outside the sandbox, but may interfere with some drag-and-drop operations." - that sounds pretty vague to me. What does "full communication with all windows" mean?

I've had no issues since I only had the tablet for a month or so but from that "full communication" statement and tzuk's "only for programs that you can trust" statement I don't think I should be trusting Firefox running in a sandbox with that * feature enabled. But to make it work I have to. So that's one thing I'm not happy about.

Sorry for the off-topic.

Try switching that setting to OpenWinClass=# and see if whatever problem you have remains resolved.
Joe

Bellzemos wrote:I think I remember tzuk stating that this feature should only be used with "the programs you can trust" but was never really explained further.

Exactly!

I started asking about "OpenWinClass=*" just after Ronen´s comment where he said feature should only be used with programs you can trust. Messages are in the forum and this can be verified.

So I was banned because I wanted to know about the security implications and I would not let Ronen go without a clear answer. Just crazy considering Sandboxie is a security product using "Trust No Program" as slogan!!!!!

And now my ban, unfair without any doubt, is being used as excuse to ignore me. Crazy again!!!!

Bellzemos wrote:this feature should only be used with "the programs you can trust" but was never really explained further.

There is nothing to explain. It is the same with any open setting, such as openfilepath.

"the programs you can trust" = the setting for the program that the setting replies to.
OpenWinClass=* Applies to all programs
OpenWinClass=firefox.exe,* - Applies to only firefox

If you feel that firefox is "a program you can trust"

What OpenWinClass opens up exactly? What Sandboxie "leaks" out with the feature enabled? Files? I guess not. Registriy changes? Probably not? What then? What is permitted to "go out/escape the sanbox" with the * feature enabled? What can get changed in "the real system" when the * feature is enabled? I'd like a clarification on that, that's all.

I don't have the tablet at hand at the moment but I will try the # instead of *. But still, there is no real explanation what the # setting does either. I'm also guessing it won't work with the # but I'll try when I get to the tablet again.

And a little side-note for everyone: I don't think it's necessary to get on a personal level with the name-calling and such, I think things should be solved in a civlilised manner on this forum. Thanx for reading.

This is a good place to start to learn about Windows messages https://msdn.microsoft.com/en-us/librar ... S.85).aspx. The WM messages are the most important.

Of course, applications can define their own messages which most likely are not documented anywhere.

I went through some of the info about Windows Messages on the linked site but am not tech savvy enought to be able to tell what could potentially be exploited "in the real world" when having the OpenWinClass=* feature enabled. As I understand programs are sending "behavioural messages" to windows and the * feature lets those messages out of the sandbox, into the real system?

So a malicious program running in the sandbox could, for example, close a program window that is running outside of a sandbox - something along those lines? What else could happen (could you describe the worst case scenario maybe)? Or would you say it's mostly harmless (or even totally harmless) having the OpenWinClass=* feature enabled when surfing the web/being exposed to malicious code?

Thank you!

It is only limited by the malware writer's imagination. That is why it is a difficult question to answer. Malware in the sandbox could close windows, read/change their contents. open windows, activate menus, send keystrokes to windows, theoretically they could completely control an unsandboxed browser or other application (explorer, control-panel, etc.).

I would not recommend using OpenWinClass=* except when trying to diagnose problems.

Read this article on "Shatter Attacks" http://web.archive.org/web/200601151746 ... atter.html

Thank you for shining some light on the matter, I finnaly understand the risk now, at least to a certain degree. I don't really want to use the * solution since it's not too safe. The only reason why I'm using OpenWinClass=* is this:
http://forums.sandboxie.com/phpBB3/view ... 11&t=20859

Do you know what the OpenWinClass=# would do in terms of lessening Sandboxie's security compared to OpenWinClass=*? I'll try with the # instead of * when I get the tablet back in my hands again and see if it works.

Can you think of any other workaround to make Sandboxie work properly on a 32-bit Windows 8.1 tablet computer? I'd like to have as much security when browsing the web with a sandboxed Firefox as I have on my regular laptop (working without a problem, 64-bit Windows 7).

Thank you for the help!

It is ironic to suggest to use a feature only with trusted programs in a software which has as slogan "Trust No Program".

Buster wrote:It is ironic to suggest to use a feature only with trusted programs in a software which has as slogan "Trust No Program".

Buster, ¿qué pasó amigo? ¿Ya comienzas otra vez?
Yo te respeto y mucha gente lo hace pero ya esto se te fue de las manos amigo. Ya no es un simple reclamo por lo que ya sabemos, sino que te gusta ser irónico e insidioso con cualquier cosa que se comente. Nadie es perfecto pues la perfección no existe. Quizás el slogan sea un poco exagerado o no cubra bien todos los escenarios pero ya se necesita tranquilidad de tu parte. Sea lo que sea que haya pasado todos merecemos respeto en este foro. Take it easy man. Saludos.

Buster wrote:It is ironic to suggest to use a feature only with trusted programs in a software which has as slogan "Trust No Program".

It is completely irrational to waste so much of your life on a product that obviously makes you so miserable.

1 more complaint from Buster, and he will return to his pre-Invincea banned status. You are doing nothing but wasting a lot of people's time, irritating people, and damaging Invincea and Sandboxie as much as you can. Invincea does not provide this forum for you to trash. We have given you enough space to vent your spleen. ENOUGH!