This release introduces several significant enhancements and fixes. It includes new features such as an automated cleanup of access and trace logs with a default retention time of 14 days, detection of missing program files in the program tree, and the ability to create custom user-defined program groups. Users can now clear individual trace logs, and clear the ignore list. A secure volume-specific access panel has been added alongside new tools like the Mount Manager Viewer and improved options in the Program Editor Window, including a browse button and icon picker.

Major changes include a complete overhaul of the access tree with a dynamic implementation better suited to user needs, reworking of NT to DOS path resolution, and enhancements to the program tree’s column display capabilities. Additionally, and the maintenance menu and program item deletion process have been refined.

Notable fixes address issues such as driver loading conflicts, consistency problems in CTreeItemModel, a crash in CTraceModel, and performance improvements in the *.dat viewer. The update also resolves issues related to service binary path changes and missing patterns for installed Win32 programs.

Download: https://github.com/xanasoft/MajorPrivacy/releases/download/v0.96.2/MajorPrivacy-v0.95.2-BETA.zip

Added

• added access tree cleanup, removed all entries refering not longer or never existing reosurces

• added option to clear individual trace logs of program items

• added option to ignore invalid resource accessa tempts (bad path syntax, etc)

• last network activity values are now saved to the programs.dat

• program item column counting all accessed files for any program item

• added autoamted Access log and trace log cleanup, default retention time is 14 days

• added detection of missing program files thay are indicated in gray in the program tree

• added clean up option to remove missing program items

• added custom user defined program groups

• added option to clear teh ignore list

• added option to run privacy agent as service

• added mount manager viewer

• added browse button to program editor window

• added icon picker to program editor window

• added secure volume specifiv access panel

Changed

• replaced the Access tree with a new dynamic implementaion more siutable for the user case

• the program tree now can display different column selections for each page

• reworked nt to dos path resolution

• improved maintenance menu

• improved program item deletion

Fixed

• improved driver loading added workarounf for outdated driver already being installed

• fixed consistency issue in CTreeItemModel

• fixed crash in CTraceModel

• fixed issue when a service changes its BinaryPath

• fixed issue not loading patterns for installed win32 programs

• fixed performance issues with *.dat viewer

We are excited to announce the latest updates to Sandboxie Plus 1.15.3, these updates introduce impactful new features, significant improvements, and critical fixes to enhance user experience, customization, and security.

For enhanced security, this release includes a mechanism to restrict access to sandbox folders to the user who created them. Users can also choose to retain or modify Access Control Lists (ACLs) on sandboxed files, providing more flexibility in access management, though this may introduce compatibility issues in some cases. Importantly, this update addresses a security vulnerability documented under CVE-2024-49360.

This release also includes the introduction of a user proxy mechanism, enabling user-specific operations, along with support for the Encrypting File System (EFS). By adding the configuration EnableEFS=y to sandbox settings, users can now utilize EFS within the sandbox environment. The new OpenWPADEndpoint=y option allows access to system proxy configuration, expanding sandbox functionality. Additionally, trace logging filtering has been enhanced, and by enabling LogMessageEvents in global settings, all Sandboxie events can now be logged directly to the Windows Event Log for better tracking and analysis.

Technical improvements in this release include refinements to the startup processes for SandboxieCrypto, ensuring smoother operations. Applications launched via drag-and-drop now consistently use their parent folder as the working directory, improving user experience. Compatibility with Windows build 27749 has been validated to ensure a seamless experience for users. Additionally, crashes affecting Firefox Nightly have been resolved, ensuring better browser compatibility.

We thank our contributors and users for their invaluable feedback and support. Update now to take advantage of the latest features, enhancements, and security improvements in Sandboxie Plus.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.3

Added

• improved ini section editor, it now supports search Ctrl+F

• added SBIE1321 to log all force process events, can be enabled with “NotifyForceProcessEnabled=y”, Improves #4113

Changed

• improved support notification

Fixed

• fixed issues with SSL on ARM64 platform, breaking updater and cert retrieval

We are pleased to announce the release of version 1.15.2 / 5.70.2, introducing significant new features, improvements, and fixes to enhance your experience.

In this release, we’ve added several new features to provide more control and customization options for users. You can now set specific MAC addresses and disk serial numbers for individual sandboxes, thanks to the contributions of Yeyixiao.

Users can now open a program in multiple sandboxes simultaneously, offering greater flexibility in managing applications. Additionally, a new “Description” field has been added to sandbox settings to help organize and document your configurations. For MSI installers, we’ve introduced the default-enabled “NotifyMsiInstaller” option to provide warnings (SBIE2194) when installers require exemptions.

Other notable additions include options to hide installed programs and the system tray icon, enhanced trace logging filtering, and the ability to monitor Sandboxie messages in the Windows Event Log. By enabling “LogMessageEvents” in the global settings, all Sandboxie events can now be logged directly to the system event log for better tracking and analysis.

This version also addresses several critical issues. We resolved a problem with signing the .tmp file during installation or updates, fixed DLL unloading issues, and corrected file and folder access behavior in resource settings. Improvements have been made to eliminate deadlocks during file renaming and to fix errors when moving files or folders. Additionally, Firefox Nightly crashes caused by Sandboxie have been resolved, ensuring smoother browser compatibility.

Finally, this release includes compatibility validation with Windows build 27749. A minor change ensures that when applications are run via drag-and-drop, their parent folder is used as the working directory for better consistency.

We thank our contributors and users for their valuable feedback and ongoing support. Update now to enjoy the latest improvements and features in Sandboxie Plus!

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.2

Added

• added “NetworkAdapterMAC=0,AA-BB-CC-DD-EE-FF” to set MAC address for each box (thanks Yeyixiao)

• added “DiskSerialNumber=DeviceName,1234-ABCD” to set Disk Serial Number for indivdal box (thanks Yeyixiao)

• added the ability to hide certificates in editbox in Global Setting (idea by Yeyixiao)

• added Opening a program in several sandboxes at once #4231

• added “Description” field inside the sandbox settings #4243

• added “NotifyMsiInstaller=y” enabled by default to display message SBIE2194 when an MSI installer is run in a box without the recommended exemptions #4330

  • SBIE2194: MSI installer requires ‘MsiInstallerExemptions=y’ option to be set in the ini to be able to work correctly, however this option weakens the isolation.

• added option to hide installed programs #4139

• added Hide Tray Icon #4075

• added improved trace logging filtering #4338

• added EventLog monitoring for SbieMessages #4113

  • add ‘LogMessageEvents=y’ to the global settings to log all sbie events to the system event log

Fixed

• fixed Sign the .tmp file that gets dropped when installing or updating Sandboxie Plus #2643 #4343

• fixed issue with DLL unloading

• fixed Files Resource Access – Browse for Folder – allows access to excluded folders #4007

• fixed “ForceDisableAdminOnly” is weird #4233

• fixed deadlock on no op condition when renaming file or folder #4304

• fixed Could not move file or folder #4329

• “Run Sandboxed” from the quick-previewer should have only one option #4339

• Sandboxie causing Firefox Nightly crashes #4183

Changed

• validated compatibility with Windows build 27749 and updated DynData

• when running via drag and drop now the apps parent folder is used as working dir #4073

The latest release of Major Privacy brings several substantial improvements to enhance user control and monitoring capabilities. Access logs are now saved to disk, offering long term, deeper insight into system operations. Additional features include auto-scrolling for trace logs, and filters within the program view, making it easier to manage and monitor activities effectively. The interface has been enhanced with new layout options and an improved, more intuitive behavior for navigating tree structures, including double-click expand/collapse functionality. Notably, a significant update to the Programs.dat format means older files won’t be compatible with this version. Alongside these new additions, several bug fixes address startup speed, driver compatibility with Windows 10, and minor cleanup issues, ensuring a smoother, faster experience. Major Privacy continues to build on its advanced privacy functions with a refined approach to access control, making it a powerful tool for users seeking robust protection of their personal data.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.96.1

Added

• access log is now saved to disk

• added option to trace registry accesses

• added dat fiel viewer

• added auto scroll to trace logs

• added fitlers to program view

• added new window layouts

Changed

• improved tree behavioure (double click to expand/colapse all sub branches)

• improved access tree behavioure a lot

• improved traffic view

• changed Programs.dat format

  • WARNING: the old file will be discarded and not impprted

Fixed

• fixed minor issue in driver post op cleanup

• fixed driver incompatybility with windows 10

• fixed issues with slow startup causing error messages

There is a new build it fixes many issues, especially the memory usage.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.96.0

Changelog:

Added

• added option to clean up all agent logs

• addes view filters and toolbars to variouse lists

Changed

• reworked volume rule handling, rules can now be stored in m p s y s file in the volume root itself

  • such rules can not be altered when the volume is not mounted adding protection against maliciouse modifications

• reworked password handoff to imbox to make it more secure

• improved mount error handling

• improved GUI

• improved access logging, allowed operations are now logged from the post op with status

  • this allows to ignore access atempts to non existing objects (see settings)

• improved finder bar

• when starting the agent now enums all loaded libraries

Fixed

• fixed issues with volume unmounting

• fixed issues with driver communication

• fixed dnscache related memory leak

• fixed a race condition in the process list

This build fixes a couple issues with 1.15.0 and updates compatibility to the latest windows insider build.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.1

Fixed

• fixed Sandboxie crypto fails to start in red boxes

• fixed issue with breakout process when using explorer.exe

Changed

• validated compatibility with Windows build 27729 and updated DynData

This build of Sandboxie Plus version 1.15.0 introduces several impactful enhancements, focusing on user-specific operations and security improvements. A notable addition is the new user proxy mechanism, which enables user-specific operations, as well as support for Encrypting File System (EFS) through the user proxy. By adding the configuration ‘EnableEFS=y’ to the sandbox, users can now leverage EFS within the sandbox environment. Furthermore, a breakout document feature has been implemented, allowing users to specify certain file paths and extensions that can escape the sandbox. However, users are warned to avoid paths terminated with wildcards as they may open up security vulnerabilities, enabling the execution of malicious scripts outside of the sandbox.

In terms of security, a new mechanism has been added to restrict access to box folders, allowing only the user who created the folder to access it by setting ‘LockBoxToUser=y’. Additionally, users now have the option to retain the original Access Control Lists (ACLs) on sandboxed files or modify them, providing more flexibility in access management, this may introduce compatibility issues though. Another new feature is the ‘OpenWPADEndpoint=y’ option, which allows to open system proxy configuration access. On the technical side, improvements have been made to the startup processes for SandboxieCrypto and Sandboxed RPCSS, as well as refinements to the user interface controls.

These updates mark a significant step forward in both the security and functionality of Sandboxie Plus.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.0

Added

• added new user proxy mechanism to enable user specific operations

• added Support for EFS using the user proxy #1980

  • to enable add ‘EnableEFS=y’ to the sandbox config

• added break out document functionality #2741

  • use a syntax like this ‘BreakoutDocument=C:path*.txt’ to specify path and extension

  • Security Warning: do not use paths terminated with a wild card like ‘BreakoutDocument=C:path*’ as thay will allow for executeion ot maliciouse scripts outside teh sandbox!!!

• added mechanism to set set box folder ACLs to allow only the creating user access ‘LockBoxToUser=y’

• added option to keep original ACLs on sandboxed files ‘UseOriginalACLs=y’

• added option ‘OpenWPADEndpoint=y’ #4292

Fixed

• fixed ImDiskApp uninstall key is always written to the registry #4282

Changed

• improved SandboxieCrypto startup

• improved Sandboxed RPCSS startup

• Set tab orders and buddies of UI controls #4300 (thanks gexgd0419)

In the latest release, version 1.5.6, several key updates and changes were made to improve overall functionality and performance. One of the notable adjustments is that Task Explorer (TE) no longer lists mounted VHD/VHDX files as disks, focusing solely on real hardware. This change aims to streamline disk management and ensure the system resources are utilized more efficiently by disregarding virtual drives. Additionally, the PHlib library has been updated to version 3.1.24258, continuing the effort to maintain compatibility with the latest technology and ensuring smooth operation.

Important Note:

This build has a unsigned driver hence it is required to enable test signign mode to use it

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.5.6

In this release, we have introduced several new features and improvements that significantly enhance the user experience and provide greater flexibility in system operations. Most notably, users can now effortlessly obtain free 10-day evaluation certificates directly from the support settings page within the UI. These certificates are hardware-locked to the user’s machine and allow for up to three requests per hardware ID, making it easier to test and evaluate the system with minimal setup.

Furthermore, new options have been added to increase privacy and security, such as the ability to modify the Windows Product ID in the registry to a random value and to return random values for disk serial numbers and network adapter MAC addresses when queried by applications. These features add an extra layer of obfuscation to protect against unwanted system identification.

Other enhancements include the ability to terminate all processes when Sandman exits, a new option for configuring DropConHostIntegrity directly from the UI, and an improved shared template feature in the New Box Wizard. The number of available shared templates has increased to 10, and the template names can now be easily updated by adjusting the corresponding settings.

In terms of fixes, we have addressed several key issues, including improving the “HideDiskSerialNumber” functionality to prevent application crashes, correcting the format of encrypted proxy passwords, and resolving an issue related to the “NtQueryDirectoryObject” function to avoid easy sandbox detection. These updates contribute to a more stable and secure environment for users.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.14.7

Added

• added “RandomRegUID”(bool) which could modify Windows Product Id in the registry to a rand value

• added “HideDiskSerialNumber”(bool) return random value when applications tries to get disk serial number

• added option to get free 10 days evaluation certificates from the support settings page.

  • The evaluation certificates are node lcoked to the HwID and for each HwID up to 3 certs can be requested.

• added “TerminateWhenExit”(bool,in Sandboxie-Plus.ini) to terminate all processes when Sandman exits for #4171

• added a question box to ask for Sandbox Import Location for #4169

• added UI option to configure DropConHostIntegrity

• added “HideNetworkAdapterMAC”(bool) return random value when applications tries to get network adapter mac address

• added shared template selection to the Shared Template feature in the advanced options of the New Box Wizard #4199

  • The number of available shared templates has been increased to 10

  • To update the names displayed in the list, simply adjust the “Tmpl.Title” setting within each template

Fixed

• fixed and improved HideDiskSerialNumber option causes applications to crash #4185

• fixed encrypted proxy password was improperly formatted #4197

• fixed NtQueryDirectoryObject (should not return “STATUS_MORE_ENTRIES”) as this is a EASY Sandbox Detection #4201

This website is a work in progress it will present my Opensource tools that can be found on github:

Sandboxie Plus
Task Explorer
MajorPrivacy
DiskCryptor

You can support my work through donations, any help will be greatly appriciated.