Andrew3000

Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.

How many times have you downloaded an executable file, but were afraid to run it? Have you ever been in a situation which required a clean installation of Windows, but didn’t want to set up a virtual machine?

At Microsoft we regularly encounter these situations, so we developed Windows Sandbox: an isolated, temporary, desktop environment where you can run untrusted software without the fear of lasting impact to your PC. Any software installed in Windows Sandbox stays only in the sandbox and cannot affect your host. Once Windows Sandbox is closed, all the software with all its files and state are permanently deleted.

Windows Sandbox has the following properties:
  • Part of Windows – everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!
  • Pristine – every time Windows Sandbox runs, it’s as clean as a brand-new installation of Windows
  • Disposable – nothing persists on the device; everything is discarded after you close the application
  • Secure – uses hardware-based virtualization for kernel isolation, which relies on Microsoft’s hypervisor to run a separate kernel that isolates Windows Sandbox from the host
  • Efficient – uses an integrated kernel scheduler, smart memory management, and virtual GPU.
More info: Windows Sandbox - Microsoft Tech Community - 301849
 

Deleted member 178

Microsoft saga:

Episode 1: "A WD Menace" aka AVs kicked

Episode 2: "Attack of the EMET Clone" aka anti-exploit kicked

Episode 3: "Revenge of the Sandbox" aka sandboxes kicked

Episode 4: "A New Edge" aka Chrome kicked.


Basically they copy from 3rd party vendors.
 

BryanB

Microsoft saga:

Episode 1: "A WD Menace" aka AVs kicked

Episode 2: "Attack of the EMET Clone" aka anti-exploit kicked

Episode 3: "Revenge of the Sandbox" aka sandboxes kicked

Episode 4: "A New Edge" aka Chrome kicked.


Basically they copy from 3rd party vendors.
Sure, who did they steal Office from? That's where they made the money to bankroll the whole company. Now he's shamefully rich and living the dream; isn't that what so many want to come here and achieve? Unless you're young and willing to do anything, no matter how immoral, don't fall for it, it's a pipedream/horseshit.
 

SHvFl

Microsoft saga:

Episode 1: "A WD Menace" aka AVs kicked

Episode 2: "Attack of the EMET Clone" aka anti-exploit kicked

Episode 3: "Revenge of the Sandbox" aka sandboxes kicked

Episode 4: "A New Edge" aka Chrome kicked.


Basically they copy from 3rd party vendors.
They should improve their copying speed and I will be really happy.

Hope it's secure, but regardless, the no snapshot and auto clear is not what I usually do with VMs. I don't see it replacing my VirtualBox installation.
 

shmu26

They should improve their copying speed and I will be really happy.

Hope it's secure, but regardless, the no snapshot and auto clear is not what I usually do with VMs. I don't see it replacing my VirtualBox installation.
@SHvFl just curious why you prefer VirtualBox over VMware?
 

HarborFront

You still need them, because the Windows sandbox does not have persistence. It is a throwaway, to be used for one-time testing.
I believe you can dispense with Shadow Defender and SB given the reasons below, especially when you just want to run some software (e.g. a browser), shut the system down and have a fresh reboot.

7 Practical Reasons to Start Using a Virtual Machine

However, to test another OS you'll need VB/VMware.
 

shmu26

I believe you can dispense with Shadow Defender and SB given the reasons below, especially when you just want to run some software (e.g. a browser), shut the system down and have a fresh reboot.

7 Practical Reasons to Start Using a Virtual Machine

However, to test another OS you'll need VB/VMware.
Right. If you just want to run a software to test it out, this Windows feature should be great. But if the software requires reboot, I don't know if it will work. I guess we will have to wait and see how the Microsoft engineers tweak this feature. As presently described, it does not seem to support reboot.
 

HarborFront

Right. If you just want to run a software to test it out, this Windows feature should be great. But if the software requires reboot, I don't know if it will work. I guess we will have to wait and see how the Microsoft engineers tweak this feature. As presently described, it does not seem to support reboot.
Do SD and SB support persistence, i.e. can they keep a snapshot before shutting the system down and reload the snapshot upon reboot for a faster startup?

If not, then they'll be as good as Windows Sandbox.
 

shmu26

Do SD and SB support persistence, i.e. can they keep a snapshot before shutting the system down and reload the snapshot upon reboot for a faster startup?

If not, then they'll be as good as Windows Sandbox.
Shadow Defender is typically used as a throwaway session, similar to this Windows feature, but it is more sophisticated, because it has all your installed programs and settings, and you can define certain locations that will be persistent, for instance, your AV updates.

Sandboxie is persistent until you manually empty the sandbox contents, but it is not system-wide, it is only for the applications that you choose to sandbox. So it is quite different. It is "light" virtualization.
 

JM Safe

I think this is quite interesting. Does anyone know something about the algorithm used to delete applications when the sandbox is closed? In my opinion it should use a secure shredding algorithm because we talk about untrusted EXE files.
 

shmu26

I think this is quite interesting. Does anyone know something about the algorithm used to delete applications when the sandbox is closed? In my opinion it should use a secure shredding algorithm because we talk about untrusted EXE files.
You don't need to shred anything, because the whole virtual system is only temporary. It's like nuking the whole building, instead of shredding a few docs.
 

HarborFront

Shadow Defender is typically used as a throwaway session, similar to this Windows feature, but it is more sophisticated, because it has all your installed programs and settings, and you can define certain locations that will be persistent, for instance, your AV updates.

Sandboxie is persistent until you manually empty the sandbox contents, but it is not system-wide, it is only for the applications that you choose to sandbox. So it is quite different. It is "light" virtualization.
IMO, VB/VMware is still superior to SB/SD/Windows SB because the latter allow the host machine to be fingerprinted. With a guest OS the host machine cannot be fingerprinted.
 

JM Safe

You don't need to shred anything, because the whole virtual system is only temporary. It's like nuking the whole building, instead of shredding a few docs.
Hey shmu, I know I am paranoid, but when I test, for example, an EXE (an application I don't know) in VirtualBox, I like to shred it before restoring the VM state.
 