Sandbox program Sandboxie is now freeware (soon open source)
Sandboxie, a sandbox program for Microsoft's Windows operating system, has been turned into a free application. The latest version, Sandboxie 5.31.4 was released on September 10, 2019; it is the first version of Sandboxie that is available as freeware.
Sandboxie started out as a shareware program for Windows to run applications and files in a sandbox on the running system. Created by developer Ronen Tzur, it was picked up by Invincea before Invincea itself was acquired by security company Sophos.
Sophos did not change the Sandboxie license initially when it acquired the assets. Sophos announced the license change on the official Sophos Community blog today. The company revealed plans to make Sandboxie an open source tool eventually.
The new Sandboxie version that Sophos released today does not require an activation code and does not restrict access to features that were available to paid customers only previously. In other words: all features of the premium version of Sandboxie are available for free as of today.
The paid version of Sandboxie supported several features that the free version did not support. Most notable the ability to force programs to run in the sandbox and the ability to create and use multiple sandboxes on the system, and even to run the same program in multiple sandboxes.
Sandboxie cannot be downloaded directly from the official website; Sophos added a form to the download process that users need to fill out before the download is unlocked. The company promises that the information won't be used for marketing purposes.
What about paying customers?
Sandboxie has been turned into freeware and it will become an open source program in the future. Sophos plans to hand over the program to the community. It is unclear if the community will be 100% responsible for the development or if Sophos engineers will work on Sandboxie as well.
Customers who purchased Sandboxie in the past are asked to update to the new version as well. The license terms don't change according to this FAQ for paid license holders but customer support will become community based.
Sandboxie is a handy software for Windows to quickly run programs or files in a sandbox for security purposes. While you can achieve the same using virtual machines, one of Sandboxie's appeals was that it used the underlying system for its sandbox which meant no installation of operating systems or slow startups.
Sophos would certainly have felt the wrath of the Sandboxie community if it would have stopped development. The release as freeware and later on as a community maintained open source project is a good PR move but also the best option for existing Sandboxie users and the future of the application. Who knows, maybe we will see Sandboxie creator Ronen return as a developer to the project.
Now you: have you used Sandboxie in the past? What is your take on the development?
Sandboxie hasn’t worked correctly on Windows 10 for years now, is full of exploits and bugs as well.
it’s worked fine for me, there was some breakage when 1809 first came out but that’s to be expected when MS keep changing how their API works. at present I have no troubles with it and it does exactly what I need it to do (install entire browser into sandbox and run it through a shortcut, never touching the main OS).
Please would you be kind enough to provide a link to your statement ” is full of exploits and bugs as well”.
I’m running 5.30, seems fine to me.
Do you have proof? What a stupid remark, spreading FUD without any evidence.
Yes, this Emanon is a FAH……
I’ve been using SB since 2004 when it was still freeware..’
I immediately saw the benefits compared to other choices at the time.
Never had a virus because of the protection.
Eventially -a couple of years later I bought several licenses, including family and friends
and never regretted it..
What is a FAH?
@ Peter Fah
Take the top definition
Oh well.. I was one of those who purhaced this thing long (!) time ago… well, maybe I got enough of fun with full version so no hard feelings. Let’s hope this tool evolves to something even better…
Something happened to SandBoxie last April.
The website stopped working.
There was a posting by officials on the Sophos forum website (post no longer available, maybe you need an account) saying there was a problem with the servers. The website was down for a while. Some people seemed to think something else was going on. Very mysterious.
Doesn’t Windows 1903 have a sandbox?
How do they compare?
The Windows Sandbox is like a hidden VM with automatic reversion – a scratchpad.
As such, it’s primitive both in comparison with hypervisors and Sandboxie. It achieves little for most purposes people use Sandboxie for.
I’ve used Sandboxie for years but stopped late last year. It’s great to isolate programs from the rest of the system or the internet without a full VM layer.
When Windows 10 became mainstream, Sandboxie’s development slowed down a lot to work around bugs and various incompatibilities with each semi-annual Windows “upgrade.” As such, there hasn’t been any major features or improvements while the interface and user experience still feels clunky.
Going open source sounds like a good move but we can only hope it can attract enough developers to put in the effort to make it good and competitive with other solutions like Shade Sandbox.
I fear it’s very unlikely you’ll get kernel mode driver development people to spend the requisite time, you’d have to be very selective in what you chose to maintain, I think.
Shade Sandbox is nowhere near Sandboxie in terms of its sophistication or complexity. The latter being the problem.
Cool, that’s all I can say.
Used to love Sandboxie
years ago, in my Windows days.
Simple and easy to use…
I now use Ubuntu Linux as my OS.
Anything similar to Sandboxie
for Ubuntu Linux?.
Unfortunately not. Sandboxie is one of a kind software. I use firejail in Linux to get some kind of isolation, but it is not the same thing.
Firejail and AppArmor are arguably better than Sandboxie, even if not an exact equivalence, at least it’s not reliant on tricky kernel mode drivers.
Hello, Martin – Is it correct to state that Sadboxie provides the same benefit as (Bitdefender) Safepay? i.e. can you go banking and do shopping transactions and feel equally protected? Thank you.
Good question as I was wondering what happens to the security software I currently have in place if the “sandboxed” program doesn’t allow any program in or out.
Answer: “If a browser is sandboxed, Webroot Secure Anywhere is put aside and cannot protect the browser.”
Does that mean, then, that I have to run all security software in the same sandbox to have the protection those programs offer?
If so, it doesn’t sound like much of a solution, rather a negation of what the other programs are doing.
Bitdefender SafePay is a “protected browser” according to BitDefender’s description that runs in a “sealed environment”. It seems to protect you when you are connected to unsecured Wifi networks, comes with a virtual keyboard to protect against some keyloggers, and offers some desktop protections next to that.
Sandboxie lets you run any browser in a sandboxed environment but it does not interact with Internet traffic nor does it provide local protections. You could use it to isolate the browser that you do banking with from the rest of the system but if you trust the system, that is not really necessary unless I’m overlooking something.
Sandboxie can isolate pretty much any app, not just browsers. Its mantra was “trust no program” – a worthwhile objective and one Windows has been very slow to provide effective protection for.
One of its very useful features is to allow you (not the application developer), to choose between internet access and local filesystem access, and that should not only apply to browsers although they’re the most vulnerable. So, for instance, you can allow office applications access to your filesystem but not the internet.
Browsers have been implementing their own sandboxes (as they should), which has made life harder for Sandboxie in some ways.
It’s great ap for people who download shady stuff from the internet.
Now you: have you used Sandboxie in the past?
>> 10+ years
What is your take on the development?
>> Fingers crossed
Great move by Sophos. More considering that SB was a “flawed” product to pay for compared to a true VM like VirtualBox (free and open source.) I know SB is simpler to use but still not as secure for the features listed (e.g. Application Testing, Data Protection.)
Well it’s possible to use SBIE in a VM (lots of sound reasons to do so), and also for those applications which you chose not to run that way.
If you want to run a Windows VM you need a licence for Windows to go with it…
Windows license always needed(!) – but on the retail side, you may have old Windows licenses around which allow VM operation; and enterprise licensing can allow for 5 VMs to run, I understand.
Of course, Linux VMs are preferable in many ways.
“Sandboxie cannot be downloaded directly from the official website; Sophos added a form to the download process that users need to fill out before the download is unlocked.”
No need to fill out any personal details, you can just download directly from Sophos’ site here:
Thanks for the tip.
You can also find a free mirror on a lot of other websites, e.g. Majorgeeks.com.
How did you manage to find that link?
link is now blocked
Note: one has to agree to their licence agreement and fill out a form with name company role and email in order to download I used all false information.
You don’t have to use false information.
Just check > Home User ; Company > N/A ; Department > Other
or RTFM !
*NEW* Instructions for filling out download request form
In order to download there is a new process for downloading to conform to complaince requirements based on country of request.
The information collected by the download form will not be used for any marketing purposes.
Instructions for filling out the download form:
All users fill out the First and Last name and your valid E-mail address.
For business users, enter your Job Role, Company and Industry information.
For home users, select “Home User/Student Facility” as the Job Role, then “N/A” for Company and Industry.
Download: Sandboxie Installer (See bottom section for OS support) (~2.5 MB) (md5/sha1)
Wow, never thought it would go freeware!?
I bought it way back in 2007 when it was still developed by the original author, Ronen Tzur, and I used it rigorously every day, until I switched from Windows to superior macOS around 2011-2012.
Since then, I have continued to use this program on every one of my installs of Windows, even though macOS is obviously my daily driver.
I think every install of Windows should always have Sandboxie installed, period! You do get more benefits when it’s unlocked, such as the ability to force processes to be auto-sandboxed, use multiple sandboxes at once, etc.. but now that it is freeware, everyone gets access to those features, so there is no excuse not to use it on every install of Windows now!
Sandboxes are playgrounds where your games will not affect your main OS.
Nothing related with securing your credentials on a net connection.
More like protect your computer data from malware on the web.
P.S. ” to superior macOS ” only in price, and an absolute lack of humble users.
Sandboxie’s sandboxed web browser (which opens your default browser, if not Metro Edge) blocks downloads. That has prevented many of my shops customers form getting hit with Ransomware. Two that did not use it, even though it was installed and worked, lost their files. What it does well, it does very well.
That’s good news. I have been using it for years, since XP, and it works flawless on W10 1903 on my computer.
I’ve been using sandboxie for years on my Windows installation. I mainly run Linux nowadays though, and it’s the only thing I miss. it has had its hickups but mostly worked really well. It gave a great peace of mind that you could configure your browser the way you wanted and then started it in a sandbox and let it delete everything that happened in that session when the browser was closed. I paid for a life time license but glad it now is free. Hopefully the development will continue.
Martin, a comparison with the built in sandbox in Windows 10 seems like an interesting article.
So I downloaded the 32bit and 64bit separated versions from major geeks and scanned them on VT, no detection.
However… the bundled 32bit 64bit version (https://downloads.sophos.com/inst/NPugQPrTvcM55lUN++Ad1QZD02MTAz/sandboxie/SandboxieInstall-531-4.exe) posted by
“Daffy Jones said on September 11, 2019 at 12:51 am” above got a detection by Yandex.
Sandboxie bundled 32bit + 64bit version
* Names with which the SW has been submitted:
It’s only Agnitum (Yandex) bitching about it so it’s probably a false-positive, could be something with OS version checks. WinDefender w/ latest definitions also considers this exe clean.
Yeah I would agree with you, but why isn’t Yandex bitching about the separated 32bit and 64bit versions?
Got excited until I read that it was spamware.
Sandboxie was already an abandonware in a sense so hopefully a proper open source move will breathe a new life into this tool.
I don’t want to install VirtualBox or use Windows Sandbox if I just want to run some program once or twice without it leaving its junk in the system or launch another instance of a program that can’t do that natively.
How is it abandonware, I’m running v5.30 which came out in April?
5.29 was February 2019.
the setup linked by Daffy Jones matches the md5 and sha1 hashes listed at https://www.sandboxie.com/AllVersions.
Sandboxie has always been buggy on Windows 10. It is evident that Sophos does not consider the effort to keep up with the Windows 10 releases worthwhile. They have clearly stated in their announcement: “Sandboxie has never been a significant component of Sophosâ€™ business, and we have been exploring options for its future for a while.”
Development on the kernel mode driver will be a challenge once it is made open source.
Unless Ronen Tzur or some one from Sophos gets involved, this is likely abandonware :\
I am still wondering why “Sophos who is promising that the personal information who the user has to provided won’t be used for marketing purposes”, really needs my information?
I think this is a very bad move, as it needs about two upgrades per year to keep up with Windows changes and any bugs that are found. (Note it’s had two this year.) Plus it needs a specialist skillset to do them. I suspect it’s in a bad way unless one of the current/past programmers puts some time in.
It’s great for things like installing an update you’re not sure about and if it’s bad just instantly being back at the previous version. Also for checking software installs don’t do anything “bonus” on the side (like adware).
P.S. History of changes:
Note we now have 5.31.4, but there is no info about what’s in that and 5.30 doesn’t see it as available if you check for an update. I think I might stay with 5.30 until I have an issue…
The changes for 5.31.4 are detailed on the download page. They’re just IE downloading fixes and removing the license check.
The open source plan isn’t finalized yet. The move is their justification to keep it low priority going forward. They will continue to own the product and probably do the basic Windows compatibility fixes if nobody else works on them.
What is the objection to filling out the Software Export Compliance form?
Fantastic! Assuming it does go open source and some devs pick up on it, then the future could it could become a very useful tool. Now if Microsoft would open source more of their code…
I might get some disagreements on this, but that is okay, it’s my personal opinion. Honestly, I would love to see Microsoft fork a version of this to implement into Windows 10.
Is there a portable version of Sandboxie?
> Is there a portable version of Sandboxie?
No. This is not possible because of the way how Sandboxie works. It needs to install some drivers.
“run the same program in multiple sandboxes”
How can you achieve that?
The commercial version supports that feature, see https://www.sandboxie.com/UsageTips
Been using Sandboxie for many many years – over a decade I think (It came out in 2004).
Thank you Sophos!
I’ve been using Sandboxie since 2004 on Windows XP and have a lifetime license that I bought in 2012 that has been honored so far. Since hearing about Sophos purchasing I was concerned this was the end, but this is very good news and much better outcome.
Hopefully Ronen Tzur returns once the Sandboxie code is released on GitHub.
360 Total Security (free antivirus software), has a built-in sandbox that’s super easy to use.
I’ve been using it for years with no issues.
Note that 360TS is owned by Qihoo, who is part of that Chinese consortium who bought much of Opera.
Also, 360TS gets “tech support” from PLA hackers. Those are the folks who keep winning bounties from Google for hacking Android.
In other words, if you work at the Pentagon or such, then don’t use 360 Total Security!
Otherwise, 360 Total Security is the best free software I know of.
This is good but sad as it means that it won’t be developed anymore.
After reading on the Sandboxie Forum that it does not appear to work on Windows 1909, I chose to not wait to see if it were true. After some research, I settled on free Comodo Internet Security. Both it and the Anti Virus standalone have sandbox features.The paid versions are very inexpensive.
The Comodo sandbox appears to work well, if not better than Sandboxie. I kept a couple of files and folders out of the sandbox (easy). The firewall can occasionally be a little overbearing.I had to research how to get into a PC using remote desktop and Teamviewer. I was successful (set a global rule to allow LAN access from and to the range on your local LAN.)
direct download links
I love using Sandboxie to see if my virus has any programs in it.
I went through the mills and needed to do all of these things (reverse order) to get control of Sandboxie. In particular if I open and close the browser without clearing sandbox content errors pop up. Possibly that is related to a browser extension. #1 below between browser sessions prevents that.
1) Delete content of Sandbox
2) Update browser
3) Uninstall and reinstall after shutting down AV checking
Step #1 required multiple steps so I found details on the Sandboxie site to do the job:
“C:\Program Files\Sandboxie\Start.exe” delete_sandbox
Close any sandboxed programs before running it or it will creatde an error. Deleting content via right-click sandbox icon, choose youjr box then delete content will close programs opened in the sandbox and delete content.
Try a batch file
“C:\Program Files\Sandboxie\Start.exe” /terminate
“C:\Program Files\Sandboxie\Start.exe” delete_sandbox
I paid the sandboxie long time ago, it was a one-time purchase, then they said they would make it yearly subscription and I was happy that I had purchased the one-time license and now I feel like an idiot for doing so.
Anyway, it is what it is.
“Sophos would certainly have felt the wrath of the Sandboxie community if it would have stopped development.” Hello Wrath.