Shade Sandbox: New Sandboxing App


shade-folderI’m always interested in new programs that help users stay safe online. I’ve been a great advocate for Sandboxie over the years and still firmly believe that it, or something very similar, should be mandatory on all systems. These types of security programs work by isolating data/files in a virtual environment, or sandbox, completely separate from the system. The end result is that nothing; no malware infections, PUPs, inadvertent installs, nor anything else, gets anywhere near the system and so can’t cause any harm.

So, I was pretty excited when I recently came across a new sandboxing software called “Shade Sandbox“, and decided to take it for a test drive. Shade Sandbox comes to us from Cybergenic Corporation, a US based company, and, at the time of writing this article, the software is free – although, a license key is required to activate the software (more on that later).

Shade Sandbox Download & Usage

Download is a 14.3MB executable which scans 100% clean through Virus Total. The installation process is also clean, with no bundled extras or nasty surprises to worry about. Something which did come as a bit of a surprise occurred early on in the installation process, when I was asked to input my full name and email address so they could send me an activation code:

shade-registration

The Cybergenic Corporation also provides an “Enterprise” edition for companies at a cost, so I’m guessing the exact same software is distributed to all users with the only distinction being between personal and business use. Under those circumstances, the simplest system is probably for everyone to require a license key to activate – personal users get their key for free, business users have to pay.

In my case, an email from Cybergenic arrived within seconds informing me of my license key, and also including the following instructions for activation:


1) open Shade user interface by clicking Shade icon in your system tray;
2) click Cybergenic Shade button in the upper left corner of the window;
3) click Activate button and enter your license key into corresponding field.

Once installed you’ll see a new icon in the system tray which you’ll need to right click in order to access the program’s interface. The first thing you’ll need to do is activate the software as per the instructions above. Shortly after activation you should receive a popup message which you can click to automatically add your browser(s) into Shade’s protection – in my Windows 10 system, Shade automatically added Firefox, Chrome, and Internet Explorer but not Edge. You can also add any browser or application manually by simply dragging and dropping the shortcut or executable into Shade’s interface. From there on, it’s just a simple matter of starting the application as per normal and it will automatically run under Shade’s protection:

shade-interface

As you can see from the above screenshot, the interface is very minimal. There are no settings/preferences as such, just a list of programs under Shade’s protection and a number of function buttons at the bottom where you can remove an application or clean out Shade’s virtual folder (aka the sandbox) which is contained in the root of the system drive, usually “C” drive. And for any files you’ve downloaded and may want to keep, Shade automatically offers an option to move the files into the “real” file system for you.

Whenever a browser or application is running under Shade’s protection, you’ll see Shade’s icon displayed at the left of the associated Taskbar button:

shade-browser protection

Shade protecting Firefox

Once browsers/applications have been added into Shade they will then automatically run in the sandbox and there is no simple option to switch the protection on and off per application. To disable Shade’s protection and run a browser/program normally, you’ll need to highlight the item in Shade’s list of protected applications and then click the “Remove an application from Shade” button. Then, when you want to run the browser/program again under Shade’s protection, you’ll need to drag and drop the shortcut back into the interface. A tad clumsy but it works just fine, and I can appreciate the logic that this type of automatic protection is definitely preferable from a security point of view.

When you’ve finished whatever you were doing under Shade’s protection and closed the application, simply click the “Clean up Shade” button to delete all data. There is one aspect to this which I don’t quite understand – when the “Clean up Shade” button is clicked, a popup appears notifying the user that a reboot may be required:


shade-reboot message

To be honest, I’m not sure what the “Files currently in use” might be. Surely once the sandboxed application is closed, there are no files in use. That said, after running several browser sessions in Shade and then then clicking the “Clean up Shade” button, the virtual folder was empty each time, without requiring a reboot.

Shade Sandbox – Startup

Shade Sandbox is set to automatically start with Windows by default and there is no option to change this behavior. Which, I’m assuming, is a deliberate move by the developers to ensure that protection is always on. Personally, I wouldn’t recommend changing the default behavior. However, if they’d prefer, users can easily disable autostart via msconfig > Startup or, in Windows 10, Task Manager  > Startup.

Shade Sandbox – The Good

shade-why sandbox

  • Undoubtedly Shade’s major attraction is its sheer ease of use. The drag and drop system for placing applications under Shade’s automatic protection could not be simpler.
  • Most, if not all, users will benefit from Shade’s system of “always-on” protection rather than having to rely on remembering to switch it on each time – bear in mind that any needed/wanted files can always easily be transferred over to the “real” system.

Shade Sandbox – The Not So good

  • Nothing really, not so far anyway.
  • Internet Explorer problems – I tested Shade in a Win 10 system with all three browsers, Firefox, Internet Explorer, and Chrome, and it worked well with both Firefox and Chrome but NOT with Internet Explorer. When running Internet Explorer in Shade, browsing  slowed to a crawl and the system eventually locked up requiring a forced reboot. Mind you, running Internet Explorer normally in my Win 10 system is problematic anyway, it never seems to work properly.

The Verdict

Any sandboxing type program is, in my opinion, highly desirable. Users can surf around until their heart’s content without any fear of malware infecting the system – sandboxing provides the ultimate protection. Shade Sandbox has one huge plus, it is just so simple to use, with no daunting configurations or complexities to worry about. Perfect for novices and those not familiar with the sandboxing system. Recommended? You betchya!

 

About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele... as well as writing for DCT, of course.

18 Comments

  1. No Joseph,
    SYSTEM REQUIREMENTS
    Operating System: Windows Vista SP2 x32/x64; Windows 7 x32/x64; Windows 8 x32/x64; Windows 8.1 x32/x64; Windows 10

  2. I have often thought about but have been hesitant to try one of these until now. However since I use IE11, also in Win 10, it looks like based on your review I won’t be able to make my first try with this one. 🙁

    • David, I wouldn’t let my experience put you off mate. All systems are different and the issues I experienced with Shade and IE may well be specific to my particular system. As I said in the article, I have problems with IE in Win 10 normally anyway.

      Give Shade a go, chances are it will work fine with IE in your system. And if not, you can always just uninstall it.

  3. Hi Jim.What are the advantages of this, if any over Sandboxie? Any glaring differences in the two as to the method of isolation protection? Thank you

    • Hi Diego,

      The biggest difference would be that; with Shade, browsers and selected programs can be “forced” to automatically run in a sandbox. Whereas with Sandboxie, that feature is only available in the paid/registered version.

      Otherwise, they are very similar.

  4. Dear Sir:
    Please explain if the sand boxed data is in RAM or is in a file that can be located. When Shade is ‘cleaned-up,’ where does the data go? Is it dumped into the ‘free-space’ as when files are deleted, or does it vanish as when RAM powers down? The reason I ask is because I wipe my computer after each session and do not want recoverable data floating around while in sand box mode. I am trying out this product and like the idea but would like more information as to final disposition of data when Shade is closed. Thanks for bringing my attention to this product. I get a lot of good advice from your column.

    • The sandboxed data is contained in a folder in the root of the system drive (usually “C”). When the sandbox/folder is emptied, the files are merely deleted. I seriously doubt there would be any type of secure deletion involved, Shade’s function is to protect the user from malicious activities, not to hide his or her own activities.

        • Correct. But, native to Sbie or not, secure deletion does remain a feature available in Sandboxie that the OP may find helpful to know.

        • Sorry to be pedantic MG, and I do appreciate where you are coming from, but that simply is not correct. Just because Sandboxie provides a command line method to invoke a 3rd party secure deletion tool does not make it a “feature”.

          Anyone can download a 3rd party secure deletion tool and use it to securely delete the contents of any sandbox. The user doesn’t necessarily need to use the built-in deletion option, that’s just there for convenience. All one needs to do is go to the virtual folder and manually delete all the data. And the user can also choose whether to delete that data through Windows or delete it securely using a 3rd party secure deletion tool.

        • I understand what you’re saying. It could be a matter of semantics. I considered the convenience factor of using Sbie’s Ini config file to invoke Eraser or SDelete as a “feature”. Once configured, the emptying of all sandboxes would be done automatically by one of those third part tools.

          On a tangent note, I once used CCleaner in a similar capacity, i.e. to secure delete my sandboxes…although, I had to manually invoke that command each time.

          BTW – No need to be sorry for being pedantic. It’s good to know you’re zealous and scrupulous. Torturing the details is sometimes a good thing.

  5. Having two or more references, every pointing to a
    unique path causes your application to crash.

  6. I use Sandboxie (free version) to test run a new program but it seems that Shade cannot do that? It’s part of the paid Enterprise version, is that correct?
    Therefore Shade free is only for installed programs?

    • An old post but I think more people will be interested in the answer.

      As far as I can see there is NO difference between the private and commercial version. You have to install a program first. Then you shove the desktop short cut into the Shade box. From then on the program runs in the Shade sanbox.

      This works great, as I have tested with browsers and Torrent browser Popcorn Time You can check this by opening the Shade folder on the C: drive. In a special container you can see the program files that have been copied to the container in order for the program to work completely separate from Windows (in my case).

      This works also with downloaded files. When you use a dual pane file explorer like xplorer2 you can shove the downloaded file straight from the Shade sub-directory (where you can check it with a virus scanner) into a “regular” folder.

      Regarding Chrome I found an oddity. Downloads from Chrome were completely blocked. Downloads from FireFox landed correctly in the sandboxed download folder. Another handicvap is that when you use Gmail all kinds of references are blocked (since they refer to information in the regular system folders).

      So I use Chorme for email, and FireFox for downloads. Works great!