Advice Request Sandboxie and Spyshelter Firewall

[n8chavez]

Recently, I've been testing out the combination of Sandbox (5.49.5) and SpyShelter Firewall. I have a lifetime license for SSF, so I thought it might be worth a look. I've having an issue though; I cannot use Firefox running inside sandboxie with keystroke encryption enabled. If I try to the text is just garbled and random. (Keystroke encryption is supposed to prevent 3rd party spying, and should work fine in the intended app.) If I launch firefox out of a sandbox it works fine. Is there a sandboxie setting, or template, I need to apply to get Firefox to function correctly in a sandbox while also using SSF?

Thanks

 

[The_King]

I am using Sandboxie Plus 0.73 there is a Software compatibility section under the settings menu.
I believe 5.49.5 should have a similar section or you may have to edit the ini file.

 

[n8chavez]

I am using Sandboxie Plus 0.73 there is a Software compatibility section under the settings menu.
I believe 5.49.5 should have a similar section or you may have to edit the ini file.

Thanks. I know there is a software compatibity section, but I don't see anything listed there that has anything to do with spyshelter. Do you know of any specific exclusion and/or template that I need to add?

 

[ichito]

I think that Sbie is the parrental process for Firefox (check it in some process manager). If yes, probably you should exclude Sbie process from keystroke encryption in option...defaulty you will open list of excluded so just add needed process.

 

[n8chavez]

I could do that, and I might have to. But I'd prefer to have keystroke encryption present in firefox. In fact that's pretty much the only application I use that I could see the value in keystroke encryption. If that's not possible, I'll have to add it.

 

[The_King]

I could do that, and I might have to. But I'd prefer to have keystroke encryption present in firefox. In fact that's pretty much the only application I use that I could see the value in keystroke encryption. If that's not possible, I'll have to add it.

An update to Sandboxie has been released 5.49.7 with several fixes.

Release Release v0.7.4 / 5.49.7 · sandboxie-plus/Sandboxie

This build fixes many issues and improves on two important core mechanics. Additionally it solves the signature issue with windows 7 the provisionally signed driver shouldn't be longer needed. If y...

github.com

 

[n8chavez]

An update to Sandboxie has been released 5.49.7 with several fixes.

Release Release v0.7.4 / 5.49.7 · sandboxie-plus/Sandboxie

This build fixes many issues and improves on two important core mechanics. Additionally it solves the signature issue with windows 7 the provisionally signed driver shouldn't be longer needed. If y...

github.com

Funny...I was just reading that when I got the notification to your message. Thanks! I will install, then post here whether or not it worked.

-EDIT-

Unfortunately, nothing changed. Keystroke encryption still has to be disabled in order to read anything typed in firefox. I even deleted all my SSF rules, on the off-chance that I blocked some needed function, but allowing everything when I was prompted did not solve the issue either.3

 

[ichito]

SS in 12.5 version brings some changes of encryption engine. Maybe that's the source of issue so it could be worth to check 12.4 build. The second thing can be an option of Sbie to proyect against keylogging. I'm not using Sbie but I think you could check that and maybe is it possible to disable it for Firefox.

 

[n8chavez]

Well this sucks. It turns out that the issue is not restricted to Firefox; Brave, Chrome and Vivaldi are have the same incompatibility with Sandboxie and SSF. That tells me that the issue has to be related to hooks, and could be either one of the two apps at fault. It's not just a simple sbie config/template issue. The real confusing thing is that the issue is not present in other things that are run in an sbie sandbox with ssf keystroke encryption enable, such as my chat client (Miranda NG). That works perfectly fine.

 

[n8chavez]

Over a year later and there's still no fix for this? Has anyone gotten keystroke encryption to work om anything inside sandboxie?

 

[silversurfer]

My user experience, it's very difficult to report an issue to support of SpyShelter, in most cases has not a real chance due to low priority from developers point of view

 

[ichito]

There are different types of sandbox and sometimes is just physically isolated area on disk (like in Comodo and Qihoo...please correct if I was wrong) but sometimes just specifically restricted user account. Some time ago I've read on some security forum that Sandboxie's "sandbox" is in fact special hidden user account so maybe used restriction has something common to job of SpyShelter even if we think we made proper settings in Sbie.

 

[n8chavez]

There are different types of sandbox and sometimes is just physically isolated area on disk (like in Comodo and Qihoo...please correct if I was wrong) but sometimes just specifically restricted user account. Some time ago I've read on some security forum that Sandboxie's "sandbox" is in fact special hidden user account so maybe used restriction has something common to job of SpyShelter even if we think we made proper settings in Sbie.

I'm not sure where you read that about Sandboxie but it's wrong. Sandboxie has nothing to do with any type of user account, but it is not like Comodo's; a special isolated part of the disk. Or, in my case, a RAM disk.

 

[n8chavez]

My user experience, it's very difficult to report an issue to support of SpyShelter, in most cases has not a real chance due to low priority from developers point of view

And that's a shame. I'm clearly not the only one to have this problem. And, if I'm being forced to chose between the two, SpyShelter loses.

 

[JoeN]

Unfortunately other apps (like KeyScrambler, GhostPress) with keyboard encryption have similar problems with Sandboxie ...

 

[broughie]

Key Scrambler works fine with Sandboxie (version) 5.55.10 on my pc and with previous versions , in browsers Edge, Brave and Chrome .(tested)

 

[ichito]

I'm not sure where you read that about Sandboxie but it's wrong. Sandboxie has nothing to do with any type of user account, but it is not like Comodo's; a special isolated part of the disk. Or, in my case, a RAM disk.

It was link to some chinese forum in English location/translation (?) and for sure there was screenshot from disk with folder and some libraries and discuss about particular user account.