Sandboxie Plus (open source fork of Sandboxie)

[harlan4096]

Release Notes - New Features and Enhancements

Sandboxie-Plus 1.11.x comes with a new component ImBox.exe which in combination with new service and driver mechanisms enables exciting new functionality.

The ImBox.exe is a block device proxy for the ImDisk driver (which can be installed using the add-on manager introduced in 1.10.x) and is capable of creating dynamic RAMDisks as well as mounting Encrypted Box Images using DiskCryptor's robust and reliable AES-XTS implementation.

• The RAMDisks integration is available to all project supporters with a valid supporter certificate, it allows for seamless RAMDisk usage once configured on the add-on options settings page and enabled for selected sandboxes. The RAMDisk can be mounted without a drive letter providing a seamless experience, the appropriate Folders on the shared RAMDisk are linked to the default box root folder locations. The RAMDisk is NOT persistent this means that all data stored on the RAMDisk vanish once the system is rebooted, making such a sand box ideal to store transient confidential data.
  
  
• The Encrypted Box Image feature uses encrypted container files to store a boxes root directory (containing all files and the boxes registry hive) the mounted encrypted volume is by default guarded by the driver such that only processes runnign within the sandbox (and essential sbie+ components) can access the files stored on that volume. In combination with the "ConfidentialBox=y" option, host process read access to sandboxed processes memory is effectively blocked, ensuring no rogue process on the host can access confidential data in RAM belonging to sandboxed processes. The combination of this mechanisms creates secure enclaves, which ensure data processed within an enclave can not leak to the host (except for user configured OpenFilePath locations) and is protected even when the host would to be compromised (only adversaries which obtained kernel level privileges can bypass these mechanisms).
  

Note: As the new Box Encryption feature opens up a completely new branch of use-cases, which would merit being a separate product on its own, it requires a separate advanced encryption option which must be obtained in addition to a valid supporter certificate, except for the following certificate types: Contributor, Patreon, Huge and Large, all others need to be upgraded using a upgrade key which can be obtained on the web store and has to be entered on the support page.

Also for more clarity the available certificate scheme was restructured Small was renamed to Subscription, Medium to just Personal, Large was removed and a Family Pack subscription was added.

For a full list of changes and fixes please review the full Changelog.

Download: Release v1.11.2 / 5.66.2 · sandboxie-plus/Sandboxie

Source