Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Announces Windows Sandbox, a Desktop Environment For Running Applications in Isolation (betanews.com)

Posted by msmash on from the nifty-features dept.

Microsoft has officially unveiled "Windows Sandbox," a feature that was expected to be unveiled next year. Windows Sandbox, the company says, creates "an isolated, temporary desktop environment" where users can run potentially suspicious software. From a report: Windows Sandbox is an isolated desktop environment which functions much like a virtual machine; any software installed to it is completely sandboxed from the host operating system. Aimed at businesses, enterprises and security-conscious home users, Windows Sandbox will be part of Windows 10 Pro and Windows 10 Enterprise. It is not clear exactly when the feature will debut, but it could make an appearance in Windows 10 19H1 next year.

The company touts the following features of Windows Sandbox in a detailed blog post introducing the new feature:
Part of Windows -- everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!
Pristine -- every time Windows Sandbox runs, it's as clean as a brand-new installation of Windows.
Disposable -- nothing persists on the device; everything is discarded after you close the application.
Secure -- uses hardware-based virtualization for kernel isolation, which relies on the Microsoft's hypervisor to run a separate kernel which isolates Windows Sandbox from the host.
Efficient -- uses integrated kernel scheduler, smart memory management, and virtual GPU.

116 comments

  1. Sandboxie by Anonymous Coward · · Score: 5, Informative

    Or use Sandboxie, which has been out for over a decade.

    https://www.sandboxie.com/

    1. Re: Sandboxie by Anonymous Coward · · Score: 0

      I hope they donâ(TM)t swap the OK button with the cancel button again. It is not such a problem for me, but sometimes my technicians want to be helpful and click through for me when I am not at my desk and they hit the wrong button and all hell breaks loose. I tell them to read the text normally but they never listen. I was advised to fire them all but that seems a tad excessive

    2. Re: Sandboxie by Anonymous Coward · · Score: 0

      Firing would excessive. You should flay their cocks and clits so they become more docile. Don't forget to feed the their genitalia to the dogs.

    3. Re: Sandboxie by Anonymous Coward · · Score: 0

      Sounds like you work in the Trump White house.

    4. Re: Sandboxie by Anonymous Coward · · Score: 0

      English motherfucker, do you speak it?

    5. Re: Sandboxie by Anonymous Coward · · Score: 0

      I believe you mean "English, motherfucker . . . "

    6. Re: Sandboxie by TJHook3r · · Score: 1

      Good shout AC, Sandboxie is the same product, with almost the same name.

  2. The expected work-around.... by Anonymous Coward · · Score: 3, Insightful

    Of course "bad guys" will figure out some way to detect that they are running inside a pristine sand-box and behave differently, ie, non-malicious. The user/tester runs that application, nothing bad happens, certifies that it is safe and releases it to the rest of the business population. Once it's out in the open the application acts maliciously and does it's dirty work.

    1. Re:The expected work-around.... by ctilsie242 · · Score: 5, Informative

      This is already done. A lot of malware checks for drivers and won't run if it sees a VMWare driver, 3 CPU cores, or an oddball amount of RAM. This is a good thing, in a way, if one uses VMs for partitioning tasks (for example QuickBooks goes into its own virtual machine, so it is isolated and protected from malware for the most part. You can also add encryption, either in the VM via BitLocker or store the VM files somewhere secure (VeraCrypt volume), to ensure better protection when the machine isn't in use.

      I'm hoping Microsoft starts moving more towards a QubesOS model.

    2. Re:The expected work-around.... by Seven+Spirals · · Score: 4, Interesting

      Your solution is a good one, but it's a lot of hassle. QubesOS has it all streamlined, but using paravirt with Xen is a bit of a misfit when I've used it. I'd rather see a solution built around LXC or OpenVZ. However, I guess there already are some efforts in this direction that have made progress. I suppose it's mostly a matter of preference in terms of what method to implement the key is making sure no trace is left for the bad guys to follow.

    3. Re:The expected work-around.... by Anonymous Coward · · Score: 0

      This also happens even with Sandboxie, another sandboxing application for Windows.

      In my case, I had issues installing a game. I no longer trust installing ANY application outside of sandboxes because I'm sick of dealing with shit developers and their shit code breaking things.
      The biggest reason was Google Chromes totally not at all stable update that fucked Google Update, Chrome, Picasa and I was unable to use the uninstaller, I needed to manually remove everything from registry and so on. I resorted to using Google Chrome CANARY because that at least worked.

      So I started installing it. All successful. Running the launcher is where the problems occurred.
      Sandboxie allows programs to read outside of the sandbox to the native folder structure. (you can disable this per sandbox though)
      It will sometimes mirror files to the sandbox if any writes occur to that file. (you can set a maximum file size limit for this, in case it writes to HUGE files, handy feature)
      If a program checks, say, c:\, it will get 2 versions of it spliced together, the actual c:\ directory as well as the virtual c:\ held inside the sandbox directory.
      This launcher seems to be using a read method that bypasses the standard methods so much so that Sandboxie never even bothered to hook on to it. It resulted in the launcher only checking the native file structure without the sandbox, so couldn't find the game EXE. GG.
      I should probably message the devs about that. It was only shitty League of Legends which I only installed just to shut up a friend, the fact it failed was just a bonus. I never bothered filing a bug report on it.
      It may well be fixed, this was years ago back in Leagues popular days.

    4. Re:The expected work-around.... by Anonymous Coward · · Score: 0

      Will Microsoft still require access to all your data, "to improve user experience"?
      How does this affect what they can send back to their servers for what ever purpose?

    5. Re:The expected work-around.... by Anonymous Coward · · Score: 0

      This is my major complaint about Sandboxie, Comodo Containers, etc. I want to sandbox programs permanently not unlike how phones sandbox each program from each other. The biggest shortcoming of desktops is precisely that users don't understand what the purpose of a multi-user OS is when only one user ever uses it. Further, its construct is precisely to treat that one user as hostile to the system and reduce its privilege. Instead, the focus should obviously be the other way around: treating users as non hostile but allowing users to treat programs on the system as hostile, whether they're a part of the system or not.

    6. Re:The expected work-around.... by Anonymous Coward · · Score: 0

      The fun part comes when you install games like Everquest, WoW, or anything using Valve's Anti-Cheat, in a VM, then 24 hours later, you find your account banned, and customer service just copies anything you send them to a public forum to humiliate "cheaters".

      This is why games get the bare metal, I use a KVM switch, so one PC can be spied on by whomever feels like it, while the other gets the work done. They are on separate VLANs, so no matter how fscked the gaming PC gets, it doesn't affect my real work.

    7. Re:The expected work-around.... by bill_mcgonigle · · Score: 1

      using paravirt with Xen is a bit of a misfit when I've used it

      Xen pvh2 is almost done, and should remove the last technical reasons to use paravirt.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    8. Re:The expected work-around.... by Seven+Spirals · · Score: 1

      Sweet, that made me go refresh my Xen news buffer. Lots of cool developments and the near-arrival of pvh2 is definitely one of them.

    9. Re: The expected work-around.... by zaphirplane · · Score: 1

      There will be ways to detect gmtge sandbox, the ms sandbox isnâ(TM)t a pristine installation, itâ(TM)s on top of your current system

  3. True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 4, Insightful

    I want every single tab I open to be like a baby finding itself in a brand new world every time. I want no cookies to cross reference (yes, I am willing to login every time). I wish for no resources available for Javascript trying to find clever ways to spy and screw with things outside of that "sandbox". I want that tab to feel like it's running on a computer that was just whisked into existence for that one task only. When I close that tab I want (at least on the local system) for it to be like that never happened. Don't leave cache files, ghost cookies, cookies, or alter the system in one single goddamn binary bit that can be tracked later on. I know "private browsing" claims to do a lot of these things, but then you find out later that it really doesn't or that there is some tracking. However, I gotta say, my current method works pretty well. I just keep a bookmarks file that I occasionally import/export when needed. Then I use 'srm' (secure rm) to wipe every file and directory that the browser altered when it was running (inside of a jail, usually). It's not that I have all kinds of stuff to hide, I just hate being spied on by automated "eyes".

    1. Re:True browser sandboxing yet with this feature? by sg_oneill · · Score: 0

      I want every single tab I open to be like a baby finding itself in a brand new world every time. I want no cookies to cross reference (yes, I am willing to login every time). I wish for no resources available for Javascript trying to find clever ways to spy and screw with things outside of that "sandbox". I want that tab to feel like it's running on a computer that was just whisked into existence for that one task only. When I close that tab I want (at least on the local system) for it to be like that never happened. Don't leave cache files, ghost cookies, cookies, or alter the system in one single goddamn binary bit that can be tracked later on. I know "private browsing" claims to do a lot of these things, but then you find out later that it really doesn't or that there is some tracking. However, I gotta say, my current method works pretty well. I just keep a bookmarks file that I occasionally import/export when needed. Then I use 'srm' (secure rm) to wipe every file and directory that the browser altered when it was running (inside of a jail, usually). It's not that I have all kinds of stuff to hide, I just hate being spied on by automated "eyes".

      Why do I get the feeling its not the browsers eyes, but the wifes eyes your worried about lol.

      --
      Excuse the Unicode crap in my posts. That's an apostrophe, and slashdot is busted.
    2. Re:True browser sandboxing yet with this feature? by pgmrdlm · · Score: 0

      Lol, if he learned some hot keys. He wouldn't have to worry about the Wife. Windows/D would work.

      --
      Anonymous comments are as pathetic as the anonymous "sources" that contaminate gutless journalism from the New York Time
    3. Re:True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      DR. IAN MALCOLM: John, the kind of control you're attemptingit's not possible. If there's one thing the history of evolution has taught us, it's that life will not be contained. Life breaks free, expands to new territories, and it crashes through barriers, painfully, maybe even dangerously, but there it is.

    4. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 1

      Yeah, I'm sure low-level file and cross-tab Javascript security in all browsers are just a matter of learning hotkeys. Garsh, why didn't we all just ask you to fix the issue for us?

    5. Re:True browser sandboxing yet with this feature? by pgmrdlm · · Score: 0

      I was replying to a posting where he was trying to hide various windows from his wife. But hey, if you can't take a little humor. That is your problem, not mine.

      --
      Anonymous comments are as pathetic as the anonymous "sources" that contaminate gutless journalism from the New York Time
    6. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 0

      The only wife I need to hide from is yours... but hey, just kidding, haha. It's hilarious right?

    7. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 1

      Years of watching various "sandboxing" fails has convinced me that you are probably right.

    8. Re:True browser sandboxing yet with this feature? by Opportunist · · Score: 3, Interesting

      Have you tried epic browser?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    9. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 1

      No, but it looks like they have the right idea. I'm just not on Windows very often but I will give it a shot sometime when I am. Thanks for the pointer. After years of just using NoScript and 'rm -rf ~/.mozilla' there has to be some kinda better way. However, my ability to trust a browser at this point will have to be after several test browsing sessions to see what turdlets it leaves afterwards when I examine the filesystem (and registry if it's Windows).

    10. Re:True browser sandboxing yet with this feature? by Provocateur · · Score: 2

      Years of watching Jurassic Park and I almost forgot the name Ian Malcolm, who is quite astute.

      --
      WARNING: Smartphones have side effects--most of them undocumented.
    11. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 1

      Years of watching Jurassic Park and I still love Silicon Graphics (it's a Crimson they have there - I have a Tezro and 3 other SGIs), the Mac Quadra 700 (I have two of them), and Thinking Machines supercomputers (hehe, I don't own one of these!). I love that freakin' movie.

    12. Re:True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      Why do I get the feeling its not the browsers eyes, but the wifes eyes your worried about lol.

      LoL cuz only pervs care about privacy right? Ha ha! So true and still funny the billionth time!

    13. Re:True browser sandboxing yet with this feature? by Blue+Stone · · Score: 2

      Installed and tried it.

      Tested one website to try it out and it broke the website quite comprehensively, with no way to get it to work (no plugins I could disable, no scripts or permissions I could grant to get it to work (as I do when using firefox with ublock and umatrix).

      It also inserts 'epicupdater' into my startup without permission, which I DO NOT like.

      That's just my first impression. Not *that* great.

      --
      Corporation, n. An ingenious device for obtaining individual profit without individual responsibility. - Ambrose Bierce
    14. Re:True browser sandboxing yet with this feature? by fahrbot-bot · · Score: 1

      I want every single tab I open to be like a baby finding itself in a brand new world every time.

      So... crying, covered in blood and mucus... What freakin' browser are you running?

      --
      It must have been something you assimilated. . . .
    15. Re:True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      I can't even get that far. I run the latest installer, everything seems normal, no folders created. Others have reported the same issue.

      And then there's this...

      Nov. 12, 2014
      How Google Inadvertently Crushed A Privacy Startup
      https://www.businessinsider.co...

    16. Re:True browser sandboxing yet with this feature? by dargaud · · Score: 1

      Browser fingerprinting techniques can still identify you this way.

      --
      Non-Linux Penguins ?
    17. Re:True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      Not a perfect solution and not per tab but:


      #!/bin/bash

      SRC_DIR=${HOME}/.browser/chrome_base_empty/
      BASE_TEMP_DIR=/tmp
      TEMP_DIR=$(mktemp -d $BASE_TEMP_DIR/chome.XXXXXXX)

      cp -a "$SRC_DIR"/* "$TEMP_DIR" &>/dev/null

      chromium-browser --user-data-dir=$TEMP_DIR --no-first-run --disable-remote-fonts "$@"

      rm -rf $TEMP_DIR

      Basically, make a run of "chromium-browser --user-data-dir=${HOME}/.browser/chrome_base_empty/" and setup any options you want from extensions, preferences, whatever, and then run the above script to start individual copies of that base that are deleted at the end. If you want it to be "virgin" then skip the SRC_DIR/cp bit and it'll use a blank temp dir each time. I can't guarantee this gets rid of all tracking because even without javascript or images or cookies, they can track your IP address.

    18. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 1

      If the sandboxed processes scream and thrash while covered in goo, that'll just add to my satisfaction that they've been shown their proper place in the world. :-)

    19. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 1

      You're right. However, doing something feels better than just laying down and letting the big-brother corporate feudal lords just monetize my existence at every opportunity. IMO, "Defense-in-Depth" still applies to an individual trying to be left alone, even if their countermeasures aren't 100% effective and they aren't sitting in a missile control silo.

    20. Re:True browser sandboxing yet with this feature? by jimbo · · Score: 1

      Firefox with Temporary Containers add-on takes you quite far in that direction. Each tab is a new container and all data, except bookmarks, is wiped after closing the tab.

    21. Re:True browser sandboxing yet with this feature? by Seven+Spirals · · Score: 1

      I haven't tried that one. Just NoScript, Ghostery, and a few others. It sounds promising. I'll give it a shot.

    22. Re: True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      get wife 2.0 that likes to watch with you.

    23. Re: True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      For someone with a sense of humor you sure are touchy :-)

    24. Re:True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      (yes, I am willing to login every time)

      I do this anyway (firefox set to not remember passwords and forget everything when closed). It's always a bit discombobulating to use someone else's computer and have the browser auto log-in to a site (under their account) - makes you do a double-take "wait, what the fsck... oh yeah, auto-login, that's a thing isn't it?

    25. Re:True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      Coming from Microsoft? Yer fucking dreeeamin

    26. Re:True browser sandboxing yet with this feature? by Blue+Stone · · Score: 1

      Well shit. Google altered the deal, eh? Damn.

      --
      Corporation, n. An ingenious device for obtaining individual profit without individual responsibility. - Ambrose Bierce
    27. Re: True browser sandboxing yet with this feature? by Anonymous Coward · · Score: 0

      This is exactly what Bromium does, and has been doing since 2011. Bromium was founded by the people who made Xen.

  4. Jailbreak by Scutter · · Score: 4, Insightful

    I'm putting money on "under 24 hours" before the first proof-of-concept malware is written that can escape the sandbox, followed by years of bug-fixing whack-a-mole before this is anywhere close to secure.

    --

    "Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
    1. Re:Jailbreak by pgmrdlm · · Score: 1

      This type of technology has been around for a long time. I use to use sandboxie. Where we are working, we are using a solution like this to isolate all Java applications. This is not anything new other than Microsoft is finally offering it.

      --
      Anonymous comments are as pathetic as the anonymous "sources" that contaminate gutless journalism from the New York Time
    2. Re:Jailbreak by bobbied · · Score: 1

      I'm putting money on "under 24 hours" before the first proof-of-concept malware is written that can escape the sandbox, followed by years of bug-fixing whack-a-mole before this is anywhere close to secure.

      But... Edge is faster! Just ask us, or read all the popup ads we send you with every OS update..

      Seriously, ANY operating system software plays whack-a-mole with security holes. MS isn't any exception.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    3. Re:Jailbreak by ctilsie242 · · Score: 2

      Even if someone does break it, I applaud Microsoft for having this in the first place. Running a Web browser in a VM, sandbox, or isolated environment, where it has no access to documents is a step forward.

    4. Re:Jailbreak by Anonymous Coward · · Score: 0

      That'd still be an improvement, though. Pound on it long enough, and maybe they'll eventually get it into decent shape. Have LXC/LXD, Docker, etc been escaped yet? I am enjoying LXD quite a bit on my server and am totally ready to start using it on my desktop. (And then what everyone needs is for that to become the norm on Android.)

    5. Re: Jailbreak by eneville · · Score: 1

      Been ctrl-alt-f2'ing to another user to browse for a while. Nothing new in multiuser os, just a lot less of an issue in one.

      --
      Why UNIX?
  5. telemetry by Sperbels · · Score: 1

    nothing persists

    Except the telemetry sent back to MS.

    1. Re:telemetry by Anonymous Coward · · Score: 0

      Yep, the whole thing is created just so they could get exclusive access for the spied data and opportunity to sell it first. It is so sad when other companies try to harvest data from Microsofts's products machines.

    2. Re:telemetry by Anonymous Coward · · Score: 0

      Yes, unless you can run Windows OS in this sandbox, it is useless.

    3. Re:telemetry by Anonymous Coward · · Score: 0

      > exclusive access for the spied data and opportunity to sell it first

      I keep reading this here on /. - who is MS selling its telemetry data?

      Honest question. Telemetry != user tracking for ad purposes (aka "what Google does for a living").

  6. Modern OS by Anonymous Coward · · Score: 0

    Welcome to the 21st century, MS!

  7. Potentially Suspicious Software by Anonymous Coward · · Score: 0

    So.... programs like explorer.exe?

  8. Pristine by blavallee · · Score: 2

    Clean as a brand-new installation of Windows.
    I'm sure it will include all the annoying notifications!

    1. Re:Pristine by MagicM · · Score: 4, Funny

      And Candy Crush!

    2. Re:Pristine by Opportunist · · Score: 2

      With all telemetry turned back on that you painstakingly ripped out, using various third party tools and registry hacks.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    3. Re:Pristine by Anonymous Coward · · Score: 0

      Plus all the other shit you didn't want installed.

  9. great in theory by fred6666 · · Score: 2

    but in practice, let say you need to open a file, how does it work? And then save it? Will they allow SMB file transfers between the host and the sandbox? Couldn't viruses spread this way?

    1. Re:great in theory by Anonymous Coward · · Score: 0

      This is how it works on Apple: Given the appropriate entitlements, access is automatically granted to user-selected files in the powerbox. Permissions can be remembered for later use through the use of persistent security scoped bookmarks.

      Based on the naming of things, you can tell that Apple's developers consider the sandbox a joke.

      I see no reason why this can't be implemented on Windows as well, though obviously with different names for trademark reasons.

    2. Re:great in theory by thepigwanker · · Score: 1

      If this is based on Hyper-V, then probably something like enabling the Guest Service so you can use PS Direct (i.e. not SMB).

    3. Re:great in theory by fred6666 · · Score: 1

      But how good is the sandbox if the application can access all your files?
      It can still mine bitcoins and waste your CPU/GPU.
      It can still send all your files to some scamers and then encrypt your local copy.
      The only thing is that it won't have admin rights so it won't be able to delete the OS or mess with other users' files. Just like any non-sandboxed application, isn't it?

    4. Re:great in theory by Seven+Spirals · · Score: 1

      Exactly. Put in a "backdoor" (ala VMware tools, memory balloon drivers, or other such stuff that can talk to the host-side) and sooner or later someone will find a way to escape. Virtual machines can be cool and useful but there can be situations where they complicate the security threats you face versus bare metal. Spectre, Meltdown, and lots of side-channel low level CPU flaws have shown us that it's at least possible. If it's possible, then there is always the threat of really nasty exploit giving folks the ability to pwn the host machine or alter and/or read info/data/files in another VM. You also make the point about Bitcoin mining. There's a new threat that is somewhat resistant to traditional security measures. Sandboxing doesn't really have a well-cured answer there, either.

    5. Re:great in theory by Anonymous Coward · · Score: 0

      Worse case scenario with a VM: it's just as insecure as bare metal, but attackers have to take an extra step.

      VMs are always better from a security engineering perspective.

  10. Obligatory xkcd by aitikin · · Score: 5, Funny

    https://xkcd.com/2044/

    --
    "Don't meddle in the affairs of a patent dragon, for thou art tasty and good with ketchup." ~ohcrapitssteve
    1. Re:Obligatory xkcd by jfdavis668 · · Score: 1

      Yes! All our problems started when we let computers communicate with each other.

    2. Re:Obligatory xkcd by anon208 · · Score: 0

      Nice! One I haven't seen before.

    3. Re:Obligatory xkcd by aitikin · · Score: 1

      It's relatively new. Latest is 2087 and this one is 2044.

      --
      "Don't meddle in the affairs of a patent dragon, for thou art tasty and good with ketchup." ~ohcrapitssteve
  11. Microsoft Sandie by Anonymous Coward · · Score: 0

    A Microsoft cookie that is only just a little bit crumbly. Now with pecans!

  12. Truth in advertizing by gtall · · Score: 1

    If this were really a Windows Sandbox, we could stick Windows in it and be so much more safer. I don't think they are shooting high enough here.

  13. Qubes OS anyone? by Anonymous Coward · · Score: 0

    So they basically integrated, implemented, etc.. Qubes Linux as Windows?

    1. Re:Qubes OS anyone? by Anonymous Coward · · Score: 0

      So they basically integrated, implemented, etc.. Qubes Linux as Windows?

      Qubes Linux is a reinvention of Solaris zones from 20+ years ago...

  14. How much overhead and virtual GPU? by Joe_Dragon · · Score: 2

    On the virtual GPU is it based on your card? or is it some low end basic card?

    1. Re:How much overhead and virtual GPU? by dissy · · Score: 1

      On the virtual GPU is it based on your card? or is it some low end basic card?

      The Windows Kernel Internals descriptions say that 'windows sandbox' is put on top of the previous 'windows containers' software, which basically uses Hyper-V.
      With virtualization options enabled in the CPU, it uses "RemoteFX vGPU"

      I didn't know what RemoteFX was but there was a reference link to here:
      https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/rds-remotefx-vgpu

      From the description this is the same virtual GPU sharing used in the remote application part of remote desktop.

      I'm not sure how similar it works behind the scenes, but vGPU with Hyper-V actually seemed to be designed in a sane way.
      So you now how Intel CPUs have VT-D instructions in them? Nvidia cards have something similar called vPC (gtx series) or vDWS (quadro series)

      Hyper-V uses that to virtualize all the GPU processing cores, and it can partition video ram.

      So it all depends on your hardware really. Most people using or playing with Hyper-V tend to spec out the hardware it runs on at the server level specifically for running VMs.
      I guess if you put this sandbox feature on a high end gaming rig level PC hardware it should be near native speed.
      If you put it on a 6 year old laptop with a non-vt core i3 and on-board intel graphics though, everything GPU related will be done in software and likely be super crap.

    2. Re:How much overhead and virtual GPU? by Anonymous Coward · · Score: 0

      Nvidia cards have something similar called vPC (gtx series)

      It's interesting you say that as from everything I've read, vPC is part of Nvidia GRID which is specifically different hardware than consumer GTX cards. Do you have anything point to some examples of consumer GTX cards actually have vPC support?

    3. Re:How much overhead and virtual GPU? by dissy · · Score: 1

      It's interesting you say that as from everything I've read, vPC is part of Nvidia GRID which is specifically different hardware than consumer GTX cards. Do you have anything point to some examples of consumer GTX cards actually have vPC support?

      Actually no, and now quite the opposite. I stand corrected.

      I misread the Nvidia page listing of cards with vGPU support. What it actually says is:
      "NVIDIA Virtual GPU software runs on NVIDIA Tesla GPU based on the NVIDIA Volta, NVIDIA Pascal and NVIDIA Maxwell GPU architectures."

      I read that as a list of 4 separate architectures, instead of Tesla GPUs specifically on one of those 3.
      That combined with knowing the GTX 1080 uses the Pascal arch, presumed it was included.

      Sorry about that.

  15. I used to do this on Abandonware sites by rsilvergun · · Score: 1

    with dodgy adverts on them. I'd run a Linux VM to browse them. Most of my fav abandonware sites started hosting warez though and got shut down (snesorama, I miss you, you're beloved community found me a full version of X-Tom 3D, which I wasn't even convinced existed).

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  16. Microsoft innovation! by Anonymous Coward · · Score: 0

    Microsoft has invented the Docker Container. What a remarkable imitation^H^H^H^H^H^H^H^H^Hinnovation!!

  17. ... spectre? by Anonymous Coward · · Score: 0

    not so isolated with spectre about etc....

  18. Getting Close by Anonymous Coward · · Score: 0

    1. Run Firefox with telemetry turned off, block all cookies, block all trackers, and zero caching (this basically turns on permanent private browsing)
    2. Run NoScript and never turn on any tracking sites (google, facebook, twitter, etc...)
    3. Run Ghostery

    This gets you pretty close. I notice when running this configuration, Google can't seem to figure out who I am, especially when browsing at a public wifi site. Panopticlick reports good results as well.

    1. Re:Getting Close by Seven+Spirals · · Score: 4, Interesting

      The thing that stands out as being most effective in that bevy of countermeasures is NoScript. It's amazing how willing folks are to run un-trusted code from people with strong motivation to track and monetize you. You've just described what I do already, now. The only difference is that, in addition to the measures you describe, I have a script that removes the entire ~/.mozilla directory and then re-creates it from a minimal backup that just restores my bookmarks and the aforementioned security plugins. I had to go that far because I was still finding turdlets even after all that. It's frustrating that even the efforts at sandboxing I've seen so far aren't as complete as this psuedo-manual "browsing rig" we are doing now.

    2. Re:Getting Close by thegarbz · · Score: 1

      It's amazing how willing folks are to run un-trusted code from people with strong motivation to track and monetize you.

      Why is it amazing given the level of actual personal risk people face on common websites as a result of tracking? The direct impact to people's lives by corporations hoovering up their data can be likened to dying in a terrorist attack. There are literally billions of people whose data has been harvested and who are being tracked yet the vast majority don't care precisely because nearly everyone has been completely unaffected by it.

      Now breaking the web by micromanaging scripts on the other hand *that* affects people. Can I interest you in my 100% proven terrorist preventing pet rock? It will prevent terrorists but you need to water it twice a day and sing it a lullaby or it doesn't work.

    3. Re:Getting Close by Seven+Spirals · · Score: 1

      Hey, if you or others want to be involuntary Bitcoin miners, unwitting DDoS zombies, or a test-bed for CPU flaws, go ahead. Your right about one thing though: that won't be amazing, it'll just be normal behavior. People do it all the time. Your comment on breaking the web also makes you sound like Jquery/Angular/Axios developer. As if nobody has the "right" to view a website with Javascript turned off.

    4. Re:Getting Close by iMadeGhostzilla · · Score: 1

      I only run NoScript browsers outside of Sandbox (with a handful of urls whitelisted). Email, banking etc. Everything else that would be OK if hacked I browse inside Sandboxie. Bit of a hassle sometimes (copy link from email in no-sandbox browser), paste into sandboxed browser, but worth the additional peace of mind.

  19. Yeah Baby! by Anonymous Coward · · Score: 0

    But you need a separate Win10 Pro license and that'll cost you $200. Thanks a lot Micro-$loth. I will keep keeping on using Linux as much as I want and it costs me $00000 everywhere, anywhere, allwhere, and underwhere. Munich had it right, and then was ambushed by Dems and Liberals getting paid by M-$. I say end this. It must stop. Join forces. Join the Linux Alliance Today! Be a warrior in the fight for your right, to paaaartay!

  20. Differences with other VMs? by Anonymous Coward · · Score: 0

    Kind of lost, is there anything special about that product or is it Microsoft's attempt to arrive (late) to the market of VMs?

  21. Methinks by Anonymous Coward · · Score: 0

    Shouldn't a good OS do this automatically?

  22. sandy boxen by Anonymous Coward · · Score: 0

    I already sandbox myself from Windows.

  23. Can I run windows in the sandbox? by AmazingRuss · · Score: 2

    I'd feel a lot safer...

    1. Re:Can I run windows in the sandbox? by thegarbz · · Score: 1

      Don't you already run it in a sandbox known as your computer? Or are you playing in the cloud?

  24. They just invented chroot and containers! by aglider · · Score: 2, Insightful

    Cool!

    --
    Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
    1. Re:They just invented chroot and containers! by thegarbz · · Score: 1

      Nice modpoint whoring and playing the crowd, but no. They haven't done that even remotely. Try again but this time make a reference to KVM.

  25. Joe Isuzu says... by Anonymous Coward · · Score: 0

    Trust me...

  26. My cat by PPH · · Score: 2

    ... thanks you.

    --
    Have gnu, will travel.
  27. Insecure from the start by Anonymous Coward · · Score: 0

    MS can't write a secure browser. MS can't write a secure office suite. MS can't write a secure operating system. But they *can* write a secure sandbox? Yeah.

  28. How this is different than a regular VM by darkwing_bmf · · Score: 1
    From Microsoft:

    Integrated kernel scheduler - With ordinary virtual machines, Microsoft's hypervisor controls the scheduling of the virtual processors running in the VMs. However, for Windows Sandbox we use a new technology called "integrated scheduler" which allows the host to decide when the sandbox runs. For Windows Sandbox we employ a unique scheduling policy that allows the virtual processors of the sandbox to be scheduled in the same way as threads would be scheduled for a process. High-priority tasks on the host can preempt less important work in the sandbox. The benefit of using the integrated scheduler is that the host manages Windows Sandbox as a process rather than a virtual machine which results in a much more responsive host, similar to Linux KVM. The whole goal here is to treat the Sandbox like an app but with the security guarantees of a Virtual Machine.

  29. Everybody who runs Windows 10 needs this so... by Anonymous Coward · · Score: 0

    Everybody who runs Windows 10 should be running Pro or Enterprise. Get your arse in gear Microsoft, give everybody a free upgrade to Pro/Enterprise or let everybody run this on Home!

    Alternatively lets all run Qubes OS or FreeBSD or OpenBSD. Whatever floats your boat!

  30. So last century by Anonymous Coward · · Score: 0

    Microsoft is finally catching up with virtual machine technology. Better late than never?

  31. VMWare by darkain · · Score: 2

    "uses hardware-based virtualization for kernel isolation, which relies on the Microsoft's hypervisor" Hyper-V and VMWare Workstation cannot operate on the same Windows box. This is another case of Microsoft bundling software that forces out competition. As someone in a full VMWare environment, features like this scare me. I don't want to have to hack my windows just to keep my current tool set operational.

    1. Re:VMWare by Anonymous Coward · · Score: 0

      "uses hardware-based virtualization for kernel isolation, which relies on the Microsoft's hypervisor" Hyper-V and VMWare Workstation cannot operate on the same Windows box. This is another case of Microsoft bundling software that forces out competition. As someone in a full VMWare environment, features like this scare me. I don't want to have to hack my windows just to keep my current tool set operational.

      o_O

      Isn't that like saying Hyper Terminal being bundled forces out competition like putty because a hardware COM port can only work with a single application at a time?

      Your CPU only has one ring-zero in it, so you can only run one thing there. If that thing doesn't emulate a virtual ring-zero then no you can't run another hypervisor inside it.

      Also worth noting is this is due to limitations in Vmware workstation specifically, lacking vm-d nesting functions.
      Vmware ESX does support vm-d nesting however and would let you run hyper-v / windows sandbox within a VM.

      Vmware workstation is their lower end product and so doesn't virtualize CPU vm-d to its VMs

      Linux KVM supports this too, but virtualbox and xen didn't used to support it last I checked (quite a while ago fwiw)

  32. Those solutions lack the drivers... by Anonymous Coward · · Score: 0

    And without the vmware/oddball ram/etc the viruses will try to operate normally, and being on bare hardware that is more likely to succeed.

    lxc and such are running on the bare linux kernel, just inside of data structures that block them from a complete view of the system. Any kernel level exploits still pwn the machine on the first try. As do rowhammer attacks and other difficult, but reproducible hacking tricks.

  33. Firejail by Anonymous Coward · · Score: 0

    So basically Firejail for Windows?

  34. Electrical tape by Anonymous Coward · · Score: 0

    Why do you have to wrap your baby in electrical tape?

  35. "Pristine" by ilsaloving · · Score: 1

    every time Windows Sandbox runs, it's as clean as a brand-new installation of Windows.

    So it's going to preinstall a whole bunch of crap (Candy Crush Saga, Solitaire Collection, Photoshop elements, etc) I didn't asked for or want?

    A brand new install of Windows 10 is about as pristine as a snow pile in a dog park.

  36. Does this? by Anonymous Coward · · Score: 0

    Does this make you safe from the widows in the box or under the box? Neither?

  37. Why would I trust this? by Anonymous Coward · · Score: 0

    Why would I believe Microsoft here? Presumably because they think we've not been paying attention the last 30+ years.

    Time and time again Microsoft opens gaping security holes by implementing things by embedding them so deep in the OS that if something goes wrong, the whole machine is pwn3d.

    The OS itself seems like it's been built to encourage security holes, because they do it in the Microsoft way -- which is to completely go it alone, build it from scratch, and still run it as a privileged process with access to everything.

    The entire history of IE, hiding common extensions, actually making Outlook so that it would execute scripts in emails even if the user didn't click on them, active content and then re-implemented as gadgets and pulled from at least 3 OS's ... everything Microsoft does is geared to giving a dumbed down experience which values ease of use over security, having the OS try to do what it thinks you want, or just preemptively do something people have already been warned not to do.

    Microsoft doesn't write software that really runs in user land, they write stuff that is deeply embedded in the OS. Instead of using documented API calls, they build new infrastructure which bypasses everything, and which allows far greater exploits than would third party software.

    Sorry, but MS telling me I can run something in a sandbox, designed to keep risky things away from an OS which embraces doing stupid and risky things doesn't cut it for me.

    I predict it will be a very short period of time before people discover gaping security holes in this, and Microsoft will have egg on their face.

    And then this will be yet another of their pieces of in-house technology which falls by the wayside.

    Sorry, but as long as Windows 10 doesn't let me choose when to patch and doesn't leave me in control of my machine, I have zero reason to trust a sandbox built on top of that which is supposed to give me more security.

    Way too many of Microsoft's historical design decisions put the security holes in first, and then try to pretend like it's secure.

    If I want a secure virtual container, there's far better and more mature technologies than this.

  38. Virtual machines with live migration very often by Joe_Dragon · · Score: 1

    Virtual machines with live migration very often may help cut that down.

    1. Re:Virtual machines with live migration very often by Seven+Spirals · · Score: 1

      Well, I know VMware guests which are going to use "Vmotion" will need to migrate between machines with similar CPUs often will "dumb down" the instruction set to whatever they have in common. Are you saying that process or something like it is mitigating things like Spectre? I haven't heard that before, but I suppose it's possible. Since VMware virtualization is a layer between the OS and the CPU, I suppose it's possible to use that to your advantage.

  39. default by sad_ · · Score: 1

    they should use this as the defaut option to run any windows application, and make it a special option to NOT run in a sandbox.

    --
    On a long enough timeline, the survival rate for everyone drops to zero.
  40. Oh Oh! Can we put telemetry in a box and lock it? by Anonymous Coward · · Score: 0

    That would be so nice

  41. Advertising by Anonymous Coward · · Score: 0

    I am willing because I want to support the sites I visit with the method they use for advertising. Of course I don't appreciate when they take advantage of the situation, but I can't go through all the apps and analyze/approve each one, there are too many. I also don't want the site I like to fail. It's a frustrating predicament. I do run a browser in a jail that gets wiped and use a different instance for each web site.