I made a small comment about this, check the post at 7:45 pm.



Specifically regarding 3.55.01, yes, that's right.



A bit over the top but I appreciate the senitment. Would appreciate if future praise could focus on the software and not the person.

As for discussion about PatchGuard, I don't want to correct you and I don't want to start another discussion about PatchGuard again, least of all in this topic.

But Tzuk, you are Sandboxie



Sorry didn't mean to open that old can of worms again, who cares about that anymore? I just meant to say that MS wouldn't have a good reason to block this approach.

So happy right now.

Exactly After addressing software compatibility in the past few sandboxie versions, I'm glad tzuk is
concentrating on tightening its security aspects (not that much needed tightening in the first place).

I've been running 3.55.01 on Win7 Ultimate 64 bit for several ours now, trying it out in all circumstances with Outpost Security Suite 7.1, Mullvad VPN, Office 2007, Truecrypt and forced Firefox 4, Roboform 7, Outlook 2007 etc and it's running fine over here, without any glitch whatsoever in the presence of the added 64bit security, so IMHO a big leap forward in this release. Thanks a lot!

Is it alright to install 3.55 over 3.54? I have a 64 bit system

I installed sandboxie 3.55.01 and working perfectly...win7 home pro 64bit the course included experimental Protection(64bit)
Thanks Mr. Ronen...you did a great job....

I did it this way.

sometimes before I was doubting tzuk love for the 64bit version

he proves that I'm wrong , and I'm glad for that

thanks for the hard work, I'm really satisfied with the product

I run XP 32 bit but I am very happy about what you doing
to make the 64 bit version stronger. It makes SBIE better
and we, who love SBIE, can recommend it to more people.

Bo

Excellent work indeed. I thought that was an April fools joke someone posted on another forum, but luckily its true!

I think that the very small differences are not a big deal at all. If its possible to know when an EndTask API call is directed to an unsandboxed process, maybe Sbie could also cancel anything that attempts to do this instead of blocking this request directly since thats not supported.

Great work, Tzuk. Great news and Great support to all of us with windows 7 64 bit

Any thoughts about how to make that happen? Would it help if a hundred Sandboxie users submitted feedback to Microsoft to draw more attention to the issue? Maybe not, but just thought I'd ask.

@Mike
No, no need to talk to Microsoft about this, they don't care and they might try to hinder progress even more. In the past I've attempted to reason with KPPInput to cooperate with Tzuk, but all I got was a generic reply saying that the requested api "does not align with Microsoft's strategy in stopping malware execution" -- whatever the hell that means. Further correspondance with them led to lame and utterly meaningless suggestions that Tzuk should go to plugfests. At that point I understood why Tzuk was frustrated with this. Unlike what some people thought, he did try but all his requests fell on deaf ears.

This reaction reveals MS' deliberate strategy of kneecapping security vendors and any effective security software out there for their own benefit ,because they have now entered this industry.


@ Harry
Terminating processes outside the sandbox presents no risk as Sandboxie's protection is enforeced through its driver component which remains untouched from this technique. Sandboxie's processes provide more functionality on behalf of the sandboxed programs. By terminating these processes malware still can't escape, the only thing this achieved is more reduced functionality for itself.
In reality I would say Sandboxie now provides the100% on x64.

I bet if your suggestion was even possible, it would have crossed Tzuk's mind by now. I don't think that this is the way EndTask works.

My admin account that I use all the time (got no other account on the computer) got no password, does this mean a virus can lock me off from my own computer by setting a password?

(I'm not using a password because I want my computer to boot faster by login in right away)

is the user left free to choose whether to use this feature or not, am i wrong?