REHIPS is not Sandboxie, and will not be.

Started by Umbra, June 14, 2016, 08:25:47 AM

Previous topic - Next topic

Umbra

Hello fellow users and testers.

Of course we are all used to Sandboxie because it is older and widely used, but don't make the mistake believing ReHIPS will work like Sandboxie.
ReHIPS is indeed a sandboxing application with an HIPS on top, so don't expect to run an application isolated by both ReHIPS and Sandboxie.
Don't misunderstand the HIPS denomination in ReHIPS, here it is used as the broad general term not as the feature (like the one in Comodo or others), in ReHIPS it is more an Application Control.
Be aware that ReHIPS isn't Sandboxie, however if some of the principles of ReHIPS and Sandboxie may be close or similar, they work differently.

1- ReHIPS and Sandboxie uses low-box token but each implemented it differently; Sandboxie does use hooks while ReHIPS doesnt.
2- Sandboxie uses a common isolating container (C:\Sandbox) for all users and applications, all isolation is shown on real desktop (via the colored border); ReHIPS isolate via "users profiles" materialized by Virtual Desktops accessible from the widget (browsers are however ran in real desktops).
3- ReHIPS allow you to creates rules on the fly via its HIPS hence allows you to allow/block/isolate processes/programs; Sandboxie just isolate, it doesn't allow/block programs on the fly (however it can be made to block processes via the settings).
4- Sandboxie allows quick recovery of sandboxed files to the real system; ReHIPS doesn't because recovering isolated files too easily is a security risk, the devs want to avoid that.
5- For the moment, unlike Sandboxie, ReHIPS doesn't isolate folders, but i expect this to be implemented in the future.
6- For the moment ReHIPS doesn't autodelete items in isolated environment (you have to manually delete the IE) but it is on the todo list.

There is other differences but those mentioned above are the basics to differentiate both programs.



Mr Cryptor

Quote from: umbrapolaris on June 14, 2016, 08:25:47 AM
ReHIPS is indeed a sandboxing application with an HIPS on top
What does HIPS stand for?

Quote from: umbrapolaris on June 14, 2016, 08:25:47 AM
6- For the moment ReHIPS doesn't autodelete items in isolated environment, but it is on the to do list.
What happens to those items? Is there a need to delete those items them manually? If not,
then why not?

Thank you for your post.

aDVll

Quote from: Mr Cryptor on June 15, 2016, 04:17:17 PM
Quote from: umbrapolaris on June 14, 2016, 08:25:47 AM
ReHIPS is indeed a sandboxing application with an HIPS on top
What does HIPS stand for?

Quote from: umbrapolaris on June 14, 2016, 08:25:47 AM
6- For the moment ReHIPS doesn't autodelete items in isolated environment, but it is on the to do list.
What happens to those items? Is there a need to delete those items them manually? If not,
then why not?

Thank you for your post.
Host Intrusion Prevention System = HIPS
Nothing happens to those items. They stay in rehips profile until you delete them.

Mr Cryptor

Quote from: aDVll on June 15, 2016, 04:31:35 PM
Nothing happens to those items. They stay in rehips profile until you delete them.
How can I go about deleting them?

aDVll

Quote from: Mr Cryptor on June 15, 2016, 04:40:39 PM
Quote from: aDVll on June 15, 2016, 04:31:35 PM
Nothing happens to those items. They stay in rehips profile until you delete them.
How can I go about deleting them?
Easier is to delete the whole application group in rehips profile and then reinstall the rules assuming it's not rules you have to recreate manually. You can also browse to the rehips profile and delete them.

Mr Cryptor

#5
Quote from: umbrapolaris on June 14, 2016, 08:25:47 AM
Hello fellow users and testers.
Hi there umbrapolaris.

Quote from: umbrapolaris on June 14, 2016, 08:25:47 AM
ReHIPS is indeed a sandboxing application with an HIPS on top, so don't expect to run an application isolated by both ReHIPS and Sandboxie.
Does this mean:
'Decide which of the two you want to deploy with Firefox? Cause ReHIPS won't let you
use SBIE again once it deploys with Firefox?'

I noticed that when I tried to sandbox Firefox with SBIE it wouldn't work, since
installing and deploying ReHIPS for Firefox. It seems ReHIPS preference here.

Actually I prefer to not to use ReHIPS with Firefox but rather use ReHIPS for another browser
on the same machine. How do I going about allowing solely SBIE to take care of Firefox and ReHIPS take care of other browser?
I need to do this ASAP. Should I start a new thread for this?

aDVll

Already told you how to run Firefox in sandboxie and stop it from being isolated by rehips. You need to read all the replies you got in the topics you made because you are asking the same thing again and again.
https://forum.re-crypt.com/index.php?topic=2427.msg4555#msg4555

Mr Cryptor

Quote from: aDVll on June 15, 2016, 04:43:58 PM
Easier is to delete the whole application group in rehips profile
ReHIPS profile in C drive\User\ Programs?

Quote from: aDVll on June 15, 2016, 04:43:58 PM
and then reinstall the rules assuming it's not rules you have to recreate manually.
From within the ReHIPS Control Panel? Where exactly is that done?

Quote from: aDVll on June 15, 2016, 04:43:58 PM
You can also browse to the rehips profile and delete them.
By profile you mean ReHIPS Control Panel?

aDVll

Quote from: Mr Cryptor on June 15, 2016, 05:07:18 PM
Quote from: aDVll on June 15, 2016, 04:43:58 PM
Easier is to delete the whole application group in rehips profile
ReHIPS profile in C drive\User\ Programs?
From rehips gui.
Quote from: aDVll on June 15, 2016, 04:43:58 PM
and then reinstall the rules assuming it's not rules you have to recreate manually.
From within the ReHIPS Control Panel? Where exactly is that done?
On the main page of rehips gui it has a install rules button to the left

Quote from: aDVll on June 15, 2016, 04:43:58 PM
You can also browse to the rehips profile and delete them.
By profile you mean ReHIPS Control Panel?
No i mean C:\Users\ReHIPSUserNumber

fixer

#9
Each isolated environment has a ReHIPS user associated with it. Each ReHIPS user is a standard Windows user with its own user profile folder in C:\Users\ReHIPSUser<X>. When you delete isolated environment (in Settings, Programs tab) its ReHIPS user is also deleted with its user profile folder (if it's enabled in Settings-Protection tab-Remove Isolated Environment, by default enabled).
You can Install rules by clicking button of the same name on the main ReHIPS Control Center window.

Mr Cryptor

Quote from: fixer on June 15, 2016, 08:13:10 PM
When you delete isolated environment (in Settings, Programs tab) its ReHIPS user is also deleted with its user profile folder
Once deleted its never retrievable regardless which method you use to attempt retrieve?

Umbra

Quote from: Mr Cryptor on June 16, 2016, 05:15:36 AM
Quote from: fixer on June 15, 2016, 08:13:10 PM
When you delete isolated environment (in Settings, Programs tab) its ReHIPS user is also deleted with its user profile folder
Once deleted its never retrievable regardless which method you use to attempt retrieve?

which methods? when you delete the IE , all related stuff are also deleted, (the rules, the user and its profile)

Mr.X

#12
QuoteREHIPS is not Sandboxie, and will not be.
Pretty obvious and I agree looking the underlying mechanisms they both use. But I don't agree ReHIPS can't mimic or copy to bring some useful features and incorporate to ReHIPS, so it could work in a similar way to Sandboxie.

My sole reason to trial ReHIPS:

ReHIPS utilizes Windows built-in mechanisms only, no hooks. Therefore I visualized it as a good alternative to use on Windows 10 to get stabilization and less conflicts for sandboxed processes, therefore a good replacement for Sandboxie. Everyone knows Sandboxie is having hard times on Windows 10.

But, again, I want ReHIPS to bring neat and well tested Sandboxie's functionalities, if possible of course.

Umbra

#13
Quote from: Mr.X on June 16, 2016, 06:58:02 PM
QuoteREHIPS is not Sandboxie, and will not be.
ReHIPS utilizes Windows built-in mechanisms only, no hooks. Therefore I visualized it as a good alternative to use on Windows 10 to get stabilization and less conflicts for sandboxed processes, therefore a good replacement for Sandboxie. Everyone knows Sandboxie is having hard times on Windows 10.

yes especially with the continuous fixes.

QuoteBut, again, I want ReHIPS to bring neat and well tested Sandboxie's functionalities, if possible of course.

From the very beginning, we have suggested features that a decent sandbox should have , some of them are similar to Sandboxie's ones.
My point is that some users  shouldn't use sandboxie as a basis to use ReHIPS. it is not because Sandboxie behave in a certain way that ReHIPS should behave similarly.

fixer

Quote from: Mr Cryptor on June 16, 2016, 05:15:36 AM
Once deleted its never retrievable regardless which method you use to attempt retrieve?
These files are deleted in usual manner like any other files/folders. You can try to restore them with some special software, like I accidentally deleted my files and want them back.