This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Major Sandboxie News: Sandboxie is now a free tool with plans to transition it to an open source tool

Sophos is excited to announce that we are making Sandboxie a free tool, with plans to transition it to an open source tool.

This new evolution of Sandboxie is one we are enthusiastic about, but that does not mean this was an easy decision to make.  Sandboxie has never been a significant component of Sophos’ business, and we have been exploring options for its future for a while. 

Frankly, the easiest and least costly decision for Sophos would have been to simply end of life Sandboxie. However, we love the technology too much to see it fade away.  More importantly, we love the Sandboxie community too much to do that. The Sandboxie user base represents some of the most passionate, forward thinking, and knowledgeable members of the security community and we didn’t want to let you down.

After thoughtful consideration we decided that the best way to keep Sandboxie going was to give it back to its users – transitioning it to an open source tool.  We will release more information about the open source project as we continue to work on the details.

Until the open source transition is completed we have decided to make Sandboxie completely free.  We have included a FAQ below with more information. We will continue to update this post as additional details become available. 

 

Sandboxie FAQ

 

How do I get a free license?  What features are included?

Sandboxie currently uses a license key to activate and grant access to premium features only available to paid customers (as opposed to those using a free version).  We have modified the code and have released an updated free version that does not restrict any features.  In other words, the new free license will have access to all the features previously only available to paid customers.

 

What if I have time left on my current Sandboxie license?

Regardless of how much time might be left on your existing Sandboxie license, in order to receive the latest updates customers with currently valid license keys will also need to install the latest unrestricted free version .  This will ensure you have access to all Sandboxie features and are using the most up-to-date version of the product.

 

What if I currently do not have a Sandboxie license?

Simply download the unrestricted, free version. No current or previous license is required.

 

When will Sandboxie be released as open source?

We are investigating making Sandboxie open source, however we are still working through the details and timeline. We will update this FAQ when we know more.

 

What license agreement will apply to my existing, paid licenses?  Will the same agreement apply to the unrestricted, free version that will be made available?

The license agreement under which you originally obtained the paid licenses to Sandboxie will continue to apply to those paid licenses until the expiration of the applicable license term.   A new license agreement will apply to licenses of the new unrestricted, free version of Sandboxie made available for download. 

An update EULA can be found here: https://www.sandboxie.com/EndUserLicenseAgreement

 

Will customer support still be available?

As part of our transition to a free and potentially open source product, Sandboxie support will become community based.  The community will include developers directly involved with Sandboxie.




[locked by: Akhilesh@Sophos at 9:23 PM (GMT -7) on 24 Mar 2020]
  • apalm123 said:
    It might be the end of THIS edition, if focus slows down, but think of all the forks that can come out of this. Some company bigger than Sophos, or more focused on Sandboxie stuff, is surely going to take a look at Sandboxie code and see what they can borrow to make their own version (fork) or to add to their existing product, so in that way, it's never dead. Even Microsoft might be taking a peak at it to see, because they are working on similar things.

    For me it's completely useless if a company takes the useful parts from Sandboxie code to improve, let's say, their web browser.

    The reality punch some of you are going to receive will be epic.

  • Actually I am professional C++ developer and I am looking forward to it being open source. Will for sure take a look at it and I think many others will take too. I think you underestimate the skills available in the OpenSource community. Of cause it can go both ways but who knows maybe somebody drives a nice open source team and you will see interesting new sandboxie versions and also sepecialized sandboxie forks. 

  • This is really awesome news the best news I got in month, I'm so happy!

     

    Cheers

    David X.

  • I remember the very good cryptographic program TrueCrypt, which were dropped from its developers. In the first moment all people thought, that this will be the end of this software. But then the community created good forks of it, because the source code was available before the stop of development. And now i am using VeraCrypt, which is a fork of TrueCrypt, and it is getting regularly updates. And TrueCrypt / VeraCrypt also was a very complicated program, because the developers have to understand the cryptographic things, so not everyone was able to continue its development. But nevertheless the development continues. So i also think (and hope), that the wonderful Sandboxie will find some good developers, which are enthusiastic enough to update and develop it.

  • People code entire operating systems and guess what, a lot more told them they wouldn't be able too, and now there are hundreds, and for free.

    When you look at something like "Cheat Engine" or "Process Hacker" these are some examples of open source projects that do "kernel" work and these are not highly payed professional devs owned by Google and MS.

    Thousands of other devs that don't touch "kernel" stuff continues to support their apps even with its continuous W10 updates, so don't lose hope.

    And lastly, Windows kernel changes don't happen that often (there will be none for 1909 for example), and when they do it's not always enough for things to break because of it. And finally, 98% of the changes needed for Sandboxie to "make work again" (example. Chrome updated something) are simply template changes that the "community" and notepad can easily figure out and fix.

    Oh and where was it said that Sophos will be providing literally no more support for it once it goes open source? They don't need to have a full time dev team working on it around the clock, but once every 6-12 months when/if Windows 10 has a major update and something breaks because of it, I'm sure one of their "kernel experts" will dish out a quick fix.

  • Ha!  So it did turn out to be an attempt to release to opensource.  This was my guess and my hope after reading all of the discussions.

    I am CAUTIOUSLY optimistic.

    Why cautiously?

    In a previous post some weeks ago I recited the story of an experience I had in the 90s with another (completely different category) program developed by another developer coincidentally about the same size as Sophos.  It was a "cult" program with an extremely loyal user group some of whom, such as myself, are still actively participating in user groups and related projects with it to this day -- 22 years after all development ceased.

    Like Sandboxie it is a kind of geeky program, and like Sandboxie it was at the very top of its game just before the developer decided to take it off the market.  Like Sandboxie that developer acquired the program from the original developer, treated it as a second string offering and felt it did not fit in with its business plan.  And like Sandboxie, Microsoft just coincidentally came out with its own similar program at the same time this other developer decided to stop marketing theirs.  The similarities between Sandboxie and my unnamed program in terms of circumstances is so striking that it made me suspect that Sandboxie might be going through the same thing as I experienced with that program in the 90s.  And that's why I made that prediction.

    The developer of program "X" announced they would be releasing the program to opensource right at the time of the intersection between the same exact circumstances.

    Now for the reason that I am only cautiously optimistic....

    After waiting for months...maybe even a year or more, they never released it.  The very day they promised to be ready to release it, they suddenly went dark and never said another word about it.  It was never released and never made opensource.  It was just buried.

    There were many rumors about what happened, but it wasn't until years later that the definitive reason was confirmed.  But sorry folks I'm going to have to leave you hanging.  I don't want to jinx this effort and I've got my fingers crossed that Sophos will do a better job with this project than that other developer did with theirs.  I want this to succeed.

    I am encouraged by the decision Sophos seems to have made.  But I'm still a bit rattled by the experience that happened in the 90s to this day and I hope it is not being ungrateful that I hold my thank yous until it is released.  I'll be glad to coat those thank yous in chocolate and put sprinkles on them when it actually comes to pass.

  • I will say now however, that I thank Sophos and the Sandboxie team for their efforts and for generously releasing the cost free Sandboxie version (which has already been done).  And for the considerable effort I know you have to go through to release it to opensource.

    I would recommend that now that you have made the decision to devote the resources necessary to release Sandboxie to opensource that you make every effort to follow through.  On the one hand it would create much goodwill for Sophos if it is released, and on the other probably create much displeasure if it is not.

    Think of the costs as a brand marketing expense to create goodwill for the Sophos brand.

    I wish you all good luck and thank you for your consideration and effort.

  • "But sorry folks I'm going to have to leave you hanging.  I don't want to jinx this effort and I've got my fingers crossed that Sophos will do a better job with this project than that other developer did with theirs.  I want this to succeed."

     

    Ha!  Forever the tease you are, Ryan!

    I say that good-naturedly.  The myriad concerns, thoughts and issues that you've expressed on this forum concerning Sandboxie/Sophos mirror mine.  I appreciate your posts.  [Y]

  • Redacted said:
    Oh and where was it said that Sophos will be providing literally no more support for it once it goes open source? They don't need to have a full time dev team working on it around the clock, but once every 6-12 months when/if Windows 10 has a major update and something breaks because of it, I'm sure one of their "kernel experts" will dish out a quick fix.

    The new EULA says that they won't provide support for the free version of Sandboxie, which is not the same thing, but it makes me think they won't work on it anymore. Right now they barely provide support for only for three web browsers and MS Office.

  • So what if they don't provide support anymore, there are enough skilled users out there that can fill in that role.

     

    Besides I'm more excited about that tools people can come up based on SB sources that are not sandboxes but other things, I already have a few nice ideas.

     

    An other important aspect to keep in mind is that Sandboxie being so deeply intertwined with the windows kernel would be a great resource/reference to windows kernel development. I'm sure one could learn a lot by studying SB's sources, a lot of students will benefit a lot from using the source as a educational resource for themselves.

     

    lets hope for a fast release.

     

    cheers

    David X.