A first look at Windows Sandbox

Discussion in 'sandboxing & virtualization' started by stapp, Dec 19, 2018.

  1. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    11,733
    Location:
    UK
    https://www.ghacks.net/2018/12/19/a-first-look-at-windows-sandbox/
     
  2. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    479
    Location:
    italy
    cool! and long awaited!
     
  3. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,572
    Location:
    Europe then Asia
    And again for Pro version users when it is most needed by Home version users who are those most enclined to run shady/malicious stuff...
     
  4. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,711
    Location:
    Ontario, Canada
    Introducing Windows Sandbox!

    Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.

    How many times have you downloaded an executable file, but were afraid to run it? Have you ever been in a situation which required a clean installation of Windows, but didn’t want to set up a virtual machine?

    At Microsoft, we regularly encounter these situations, so we developed Windows Sandbox: an isolated desktop environment where you can run untrusted software without the fear of lasting impact to your device. Any software installed in Windows Sandbox stays only in the sandbox and cannot affect your host. Once Windows Sandbox is closed, all the software with all of its files and state are permanently deleted.

    https://blogs.windows.com/windowsex...ider-preview-build-18305/#l9ZSEiFFQDCjAgDQ.97
     
  5. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,705
    Location:
    Toronto Canada
    Hopefully it will eventually make it's way to a future home version. Your comments are right on the mark.
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,530
    Location:
    USA
    I can't wait for this to come out. It should work really well with Microsoft's unlimited access to the inner workings of the OS.
     
  7. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,013
    Location:
    USA
    I disagree . It has some pretty hefty hardware requirements and is likely too advanced for the average home user. I won't be able to test this on my laptop or a VM. I'm also not willing to load this build of Windows onto my desktop.
     
  8. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,479
    This. He wont even understand what it does.
     
  9. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,572
    Location:
    Europe then Asia
    I think surely easier than the failed designed Exploit Guard.
    A wizard appearing when the user install an app giving him the choice to run the said app sandboxed wouldn't be so hard to follow.
    About hardware, i know tons of security uber-noobs with higher spec machines than me :p
     
  10. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    I am worried about this:
    I sure that means any tweaks you did to the host system to prohibit tracking and telemetry are being ignored, and the thing has network access so it will happily be radioing anything you do AND probably even accumulated information from your host.
     
  11. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,429
    Location:
    U.S.A.
    Of the bat, Windows Sandboxing requires at a minimum HVCI. As many are finding out on 1809 including yours truly, memory protection can no longer be enabled if you have older hardware. Whereas on 1803, memory protection worked for many again including yours truly.
     
  12. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,013
    Location:
    USA
    Exploit Guard was truly not for noobs. From the directions that I read for enabling and using the sandbox I don't think there will be any wizards.
    Most of the noobs I know are running a $400 Dell. This is not going to be for them. Or me either until I buy a new laptop. I guess Sandboxie will have to do. Fortunately I own a lifetime license.
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,523
    Location:
    The Netherlands
    Seriously, M$ is a joke. I asked for such a feature way back in 2008 and 10 years later they come with this, and only in the Win Pro version. But it seems it's a bit more robust sandbox when compared to Sandboxie, because apps run in a full virtual container, but this also means it's only meant for testing software, not for exploit protection.
     
  14. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,479
    If properly configured an SBIE sandbox can totally contain whatever is inside it, even if it's not a "full virtual container" a la virtual machine.
     
  15. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    386
    The only thing Sandboxie can't contain are kernel exploits. Quite unclear if kernel exploits can be contained by Windows Sandbox.
     
  16. Rainwalker

    Rainwalker Registered Member

    Joined:
    May 18, 2003
    Posts:
    2,416
    Location:
    USA
    Ahhh...Good to know. Had been wondering about that lately. A well written something or other slipped by my defenses last month. What it did was interesting. Caught the problem and fixed it. It was hiding well in email.
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,523
    Location:
    The Netherlands
    I'm not saying that SBIE is not secure, I'm saying that the Windows Sandbox will be even more robust, pure from a technical point of view. But Sandboxie will also easily contain malware.
     
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,429
    Location:
    U.S.A.
    I also see no comparison to this new Windows sandbox feature and Sandboxie. Whereas Sandboxie is designed to run vulnerable existing apps like browsers, e-mail clients, etc., the Windows sandbox is not. Existing published material by Microsoft has noted this new sandbox feature is for app execution testing only with everything being flushed from the sandbox, when the app terminates.
     
  19. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    85
    Location:
    Brooklyn, NY
    I read the article up there and I was under the impression the Windows sandbox would be a competitor to Sandboxie as it stated the need (previously) for users to have to install third party software. The article is actually a little vague. I wonder, would this coincide with Edge's changing over to a Chromium engine? Nevertheless, personally, I stay with Sandboxie, it's just a staple on here and it's already well-established. Whereas, with Windows, who knows what bugs will emerge, like with anything "new."
     
  20. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,429
    Location:
    U.S.A.
    I also suspect that there will be issues with malware behavior detection within the new sandbox feature if you're using any security software other than Windows Defender. To date on Win 10, Microsoft has consistently "hooked" enhanced OS security features to WD use.
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,523
    Location:
    The Netherlands
    No it's not, because Sandboxie can be used for both exploit protection and software testing. The Windows Sandbox is mostly useful for running untrusted software, but they will run inside a full virtual machine without any interaction with the real machine. So I do wonder if you will be able to install security software that need to load drivers, that would be cool I guess.
     
  22. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    85
    Location:
    Brooklyn, NY
    Oh, OK, thanks for the explanation, Rasheed187. Good to know for future reference.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.