This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Major Sandboxie News: Sandboxie is now a free tool with plans to transition it to an open source tool

Sophos is excited to announce that we are making Sandboxie a free tool, with plans to transition it to an open source tool.

This new evolution of Sandboxie is one we are enthusiastic about, but that does not mean this was an easy decision to make.  Sandboxie has never been a significant component of Sophos’ business, and we have been exploring options for its future for a while. 

Frankly, the easiest and least costly decision for Sophos would have been to simply end of life Sandboxie. However, we love the technology too much to see it fade away.  More importantly, we love the Sandboxie community too much to do that. The Sandboxie user base represents some of the most passionate, forward thinking, and knowledgeable members of the security community and we didn’t want to let you down.

After thoughtful consideration we decided that the best way to keep Sandboxie going was to give it back to its users – transitioning it to an open source tool.  We will release more information about the open source project as we continue to work on the details.

Until the open source transition is completed we have decided to make Sandboxie completely free.  We have included a FAQ below with more information. We will continue to update this post as additional details become available. 

 

Sandboxie FAQ

 

How do I get a free license?  What features are included?

Sandboxie currently uses a license key to activate and grant access to premium features only available to paid customers (as opposed to those using a free version).  We have modified the code and have released an updated free version that does not restrict any features.  In other words, the new free license will have access to all the features previously only available to paid customers.

 

What if I have time left on my current Sandboxie license?

Regardless of how much time might be left on your existing Sandboxie license, in order to receive the latest updates customers with currently valid license keys will also need to install the latest unrestricted free version .  This will ensure you have access to all Sandboxie features and are using the most up-to-date version of the product.

 

What if I currently do not have a Sandboxie license?

Simply download the unrestricted, free version. No current or previous license is required.

 

When will Sandboxie be released as open source?

We are investigating making Sandboxie open source, however we are still working through the details and timeline. We will update this FAQ when we know more.

 

What license agreement will apply to my existing, paid licenses?  Will the same agreement apply to the unrestricted, free version that will be made available?

The license agreement under which you originally obtained the paid licenses to Sandboxie will continue to apply to those paid licenses until the expiration of the applicable license term.   A new license agreement will apply to licenses of the new unrestricted, free version of Sandboxie made available for download. 

An update EULA can be found here: https://www.sandboxie.com/EndUserLicenseAgreement

 

Will customer support still be available?

As part of our transition to a free and potentially open source product, Sandboxie support will become community based.  The community will include developers directly involved with Sandboxie.




[locked by: Akhilesh@Sophos at 9:23 PM (GMT -7) on 24 Mar 2020]
Parents
  • Thank you for making Sandboxie open source, or at least for announcing you will. I guess if you won't maintain it anymore this is the best solution.

    About the new update, is it just to remove the paid limitations or is there any other fix?

  • Vivaldo Sagese said:

    About the new update, is it just to remove the paid limitations or is there any other fix?

     

     
  • Unknown said:
    Do you know the abilities required to update a tool like Sandboxie? Do you think any average coder will be able to keep it up to date when a Windows update breaks something or a software stops working sandboxed?

    Guys able to do such work earn lot of money and I doubt (I hope I'm wrong) anyone will want to do it for free.

    Let's face it, if Sophos thought it was worth continuing to develop Sandboxie, they wouldn't have discontinued it. Yes, this is the end of Sandboxie, but I'm still happy to know that knowledge won't be lost, whatever the code is actually worth. Even though right now it's just an announcement.

    Said that, people do much more impressive things for free, like entire OSes, not to mention that most of the web runs on open source software. It doesn't have to be for free though, I'm willing to pay again for a product like Sandboxie.

  • Vivaldo Sagese said:
    Said that, people do much more impressive things for free, like entire OSes, not to mention that most of the web runs on open source software. It doesn't have to be for free though, I'm willing to pay again for a product like Sandboxie.

    And how many time take those impressive things for free to be done? Years!

    Are you going to wait patiently for months when a software you use stop working?

    Ronen (one person) used to create bug fixes in a matter of days or weeks. When the software was acquired by a company, what happened? Things went better or worst? Now imagine the software being developed by people that don't have any urgence to get things fixed.

  • Unknown said:

    All of you who think that Sandboxie goes open source are good news have considered who is going to continue developing it?

    I doubt any Sophos team will do any work on it. If that happens... then what?

    Do you know the abilities required to update a tool like Sandboxie? Do you think any average coder will be able to keep it up to date when a Windows update breaks something or a software stops working sandboxed?

    Guys able to do such work earn lot of money and I doubt (I hope I'm wrong) anyone will want to do it for free.

    So this announcement is, and again I hope to be wrong, the end of Sandboxie.

     

    If Sandboxie had made money, Sophos would not be dumping it. This explains why there has been such poor support and little development for the last 3 years. So now the community is supposed to fix their own bugs. And yes, it will require experts. They will need to be kernel developers, know much windows internals, have the proper Microsoft driver signing tools, willing to work for free, a website for posting releases, etc. And it breaks every time a new Windows 10 build is released.

    Perhaps these future Sandboxie developers will chime in on this thread and tell us of their plans to continue Sandboxie.

  • Bite Me1 said:
    They will need to be kernel developers, know much windows internals, have the proper Microsoft driver signing tools, willing to work for free

    Exactly, and you don't find that kind of people on every corner.

    Not to mention the amount of time required to study and understand all the ins and outs of Sandboxie's code.

    Sandboxie going open source have almost all chances to be the end of the software.

  • Unknown said:
    Sandboxie going open source have almost all chances to be the end of the software.

    Sandboxie is already dead. Going open source might be its only chance to survive.

  • I wonder if tzuk would like to come back maybe we can crowdfund once it goes open source? Anyone know how to contact him?

  • It might be the end of THIS edition, if focus slows down, but think of all the forks that can come out of this. Some company bigger than Sophos, or more focused on Sandboxie stuff, is surely going to take a look at Sandboxie code and see what they can borrow to make their own version (fork) or to add to their existing product, so in that way, it's never dead. Even Microsoft might be taking a peak at it to see, because they are working on similar things.

  • apalm123 said:
    It might be the end of THIS edition, if focus slows down, but think of all the forks that can come out of this. Some company bigger than Sophos, or more focused on Sandboxie stuff, is surely going to take a look at Sandboxie code and see what they can borrow to make their own version (fork) or to add to their existing product, so in that way, it's never dead. Even Microsoft might be taking a peak at it to see, because they are working on similar things.

    For me it's completely useless if a company takes the useful parts from Sandboxie code to improve, let's say, their web browser.

    The reality punch some of you are going to receive will be epic.

  • Actually I am professional C++ developer and I am looking forward to it being open source. Will for sure take a look at it and I think many others will take too. I think you underestimate the skills available in the OpenSource community. Of cause it can go both ways but who knows maybe somebody drives a nice open source team and you will see interesting new sandboxie versions and also sepecialized sandboxie forks. 

  • I remember the very good cryptographic program TrueCrypt, which were dropped from its developers. In the first moment all people thought, that this will be the end of this software. But then the community created good forks of it, because the source code was available before the stop of development. And now i am using VeraCrypt, which is a fork of TrueCrypt, and it is getting regularly updates. And TrueCrypt / VeraCrypt also was a very complicated program, because the developers have to understand the cryptographic things, so not everyone was able to continue its development. But nevertheless the development continues. So i also think (and hope), that the wonderful Sandboxie will find some good developers, which are enthusiastic enough to update and develop it.

Reply
  • I remember the very good cryptographic program TrueCrypt, which were dropped from its developers. In the first moment all people thought, that this will be the end of this software. But then the community created good forks of it, because the source code was available before the stop of development. And now i am using VeraCrypt, which is a fork of TrueCrypt, and it is getting regularly updates. And TrueCrypt / VeraCrypt also was a very complicated program, because the developers have to understand the cryptographic things, so not everyone was able to continue its development. But nevertheless the development continues. So i also think (and hope), that the wonderful Sandboxie will find some good developers, which are enthusiastic enough to update and develop it.

Children
  • Ha!  So it did turn out to be an attempt to release to opensource.  This was my guess and my hope after reading all of the discussions.

    I am CAUTIOUSLY optimistic.

    Why cautiously?

    In a previous post some weeks ago I recited the story of an experience I had in the 90s with another (completely different category) program developed by another developer coincidentally about the same size as Sophos.  It was a "cult" program with an extremely loyal user group some of whom, such as myself, are still actively participating in user groups and related projects with it to this day -- 22 years after all development ceased.

    Like Sandboxie it is a kind of geeky program, and like Sandboxie it was at the very top of its game just before the developer decided to take it off the market.  Like Sandboxie that developer acquired the program from the original developer, treated it as a second string offering and felt it did not fit in with its business plan.  And like Sandboxie, Microsoft just coincidentally came out with its own similar program at the same time this other developer decided to stop marketing theirs.  The similarities between Sandboxie and my unnamed program in terms of circumstances is so striking that it made me suspect that Sandboxie might be going through the same thing as I experienced with that program in the 90s.  And that's why I made that prediction.

    The developer of program "X" announced they would be releasing the program to opensource right at the time of the intersection between the same exact circumstances.

    Now for the reason that I am only cautiously optimistic....

    After waiting for months...maybe even a year or more, they never released it.  The very day they promised to be ready to release it, they suddenly went dark and never said another word about it.  It was never released and never made opensource.  It was just buried.

    There were many rumors about what happened, but it wasn't until years later that the definitive reason was confirmed.  But sorry folks I'm going to have to leave you hanging.  I don't want to jinx this effort and I've got my fingers crossed that Sophos will do a better job with this project than that other developer did with theirs.  I want this to succeed.

    I am encouraged by the decision Sophos seems to have made.  But I'm still a bit rattled by the experience that happened in the 90s to this day and I hope it is not being ungrateful that I hold my thank yous until it is released.  I'll be glad to coat those thank yous in chocolate and put sprinkles on them when it actually comes to pass.

  • I will say now however, that I thank Sophos and the Sandboxie team for their efforts and for generously releasing the cost free Sandboxie version (which has already been done).  And for the considerable effort I know you have to go through to release it to opensource.

    I would recommend that now that you have made the decision to devote the resources necessary to release Sandboxie to opensource that you make every effort to follow through.  On the one hand it would create much goodwill for Sophos if it is released, and on the other probably create much displeasure if it is not.

    Think of the costs as a brand marketing expense to create goodwill for the Sophos brand.

    I wish you all good luck and thank you for your consideration and effort.

  • "But sorry folks I'm going to have to leave you hanging.  I don't want to jinx this effort and I've got my fingers crossed that Sophos will do a better job with this project than that other developer did with theirs.  I want this to succeed."

     

    Ha!  Forever the tease you are, Ryan!

    I say that good-naturedly.  The myriad concerns, thoughts and issues that you've expressed on this forum concerning Sandboxie/Sophos mirror mine.  I appreciate your posts.  [Y]