
Windows Sandbox - prostoalex
https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849?ranMID=43674&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-_UZUOlZ2ZyTOTejYypcnAQ&epi=je6NUbpObpQ-_UZUOlZ2ZyTOTejYypcnAQ&irgwc=1&OCID=AID681541_aff_7795_1243925&tduid=(ir__i0avhykzmgkfrw2i0ckzh9lp2u2xhyajo2v1pvjr00)(7795)(1243925)(je6NUbpObpQ-_UZUOlZ2ZyTOTejYypcnAQ)()&irclickid=_i0avhykzmgkfrw2i0ckzh9lp2u2xhyajo2v1pvjr00
======
eitland
Seems like a really nice feature. I've been thinking about something like this
for a while.

I see some people are really annoyed that it isn't available for the Home
version and I too am somewhat annoyed but in this case it is somewhat
understandable since it depends on a feature that is (somewhat more
reasonable) limited to Pro versions.

The thing that annoys me more (hi MS guys, feel free to tell the relevant
people about this) is how they have started to add ads to the login screen and
my start menu - even in the Pro version!

I'm on KDE now so I cannot verify this since the last few months, and probably
shouldn't care but given that MS has become a lot nicer in a lot of areas it
really should bug developers and PR people there that PMs or bean counters
(sorry to all good accountants and PMs out there) are allowed to destroy all
the work you put into making people love you.

Edit: minor edits for readability, clarification

~~~
castis
> they have started to add ads to the login screen and my start menu

A coworker has asked what reasons I could have for not wanting to run "the
best OS". This is enough for me.

~~~
WalterGR
What was your reason before ads were added to Windows?

~~~
eitland
Mine:

- Clumsy installation process (unless you were in a position where you
didn't have to rely on OEM crap, i.e. unless you were an IT pro or
enthusiast)

- Performance. My builds would easily take 50% more time on the same hardware
with Windows. Git was slower. Node was slower.

- Ecosystem. Until WSL getting access to standard tooling was kind of clumsy
(respect for Cygwin, but still). Even after WSL it is still clumsy (who can
tell me how to activate WSL without consulting duckduckgo? I've done it twice
and I still cannot say for sure).

- Package management: Used to be non-existent (except again cygwin). Now it
is just clumsy (a mix of Windows Store, WSL apt-get and Chocolatey should get
you most of the stuff you need.)

- Licensing. I'm no die hard free software person, but many of the standard
programs on Windows are directly user hostile (Acrobat Reader comes to mind).

- Until recently Windows also lacked basic desktop manager features like
multiple desktops.

- Not directly Microsoft's fault, but if people like me are using Windows it
is often because someone I work for demands it. Usually that also means having
to deal with an IT department running Active Directory and all the
"interesting" consequences that has, even for someone who is part of said IT
department like I've been. (Getting locked out from your files because an
admin flipped a switch? Check! Someone swapped regional settings across a
group of machines that I was responsible for and locked them, causing all POS
systems to fail with no way to fix them? Check! Having to wait for all kinds
of scripts that run on logon? Check! Accept having basic parts of your user
experience set by IT department? Check! Again this is not MS's fault directly
but back when I first experienced working with Windows in companies for some
reason Active Directory seemed to attract people who want to do those kinds
of things and/or it has a power to make them want it.) </rant>

------
finchisko
Nowadays it's almost impossible to uninstall an app completely, because most
of them creating files willy nilly. And it's same on all known OSes. The side
effect we see is system size growing in time.

IMO running an app in a sandbox should be the default option.

On Windows, I used to like sandboxie, which virtualized every write into
single directory. Uninstall was easy as removing that dir.

This MS sandbox doesn't allow you to continually run an app in the sandbox, as
all data gets destroyed on app close, so it's not sandboxie (or similar)
replacement.

~~~
laumars
> _Nowadays it's almost impossible to uninstall an app completely, because
> most of them creating files willy nilly._

This has always been the case on Windows. In fact if anything, nowadays it’s
better than it's ever been because thanks to the UAC and other controls
Microsoft have put in place, developers aren’t so free to do whatever they
like to the host machine. But that’s remember a time before the UAC when it
would often be common practice to reinstall the OS on a semi-regular basis
(not something I personally engaged in but a great many of my peers used to).

> _And it’s same on all known OSes_

It really isn’t. On platforms with a proper package manager you can query what
files get installed where. A great many package managers even let you query a
file system file and see which package installed it.

Of course you still have the problem of the software writing files during its
operation but that should be limited to $HOME (on POSIX systems) or any path
that is writable by the owner / group of the user that application runs as
(which should be limited even if it’s a system service).

~~~
finchisko
It really is. I'm not talking about app binaries only. But about all files
that app creates after install. Most of them reside in home dir, but stays
there forever. Like various cache files, settings, ... And most of the time
they are not confined to single dir.

~~~
kbenson
> Most of them reside in home dir, but stays there forever. Like various cache
> files, settings, ... And most of the time they are not confined to single
> dir.

I think you need to support that statement. I believe the vast majority of
software on common Unix distros creates no files in $HOME[1], and of those
that do the majority use one folder in home[2], which *should* be used for
configuration, and often you don't want it automatically uninstalled on
software removal.

The few I can think of that write to multiple locations do so because the
extra locations are shared folders. For example, I would not want my downloads
directory removed on uninstallation of Firefox.

    
    
[1] E.g. most things in /bin and /usr/bin.

[2] Other than what I outlined above, I can't think of any that use multiple directories. If it's truly as common as you say, you should be able to provide some examples.

~~~
tremon
He's referring to the XDG standard [0], I think. It used to be that all
persistent user-configuration resided in ~/.${appname}, but some people were
unhappy with that so they recreated the etc|var|lib|tmp filesystem usage
distinction inside users' home directories. This means that an application's
user files are now spread across $XDG_DATA_HOME, $XDG_CONFIG_HOME,
$XDG_CACHE_HOME and $XDG_RUNTIME_DIR.

[0] https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
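
Added example, not part of the thread: a POSIX shell sketch that lists where one application's per-user files can sit across the XDG base directories named above plus the legacy `~/.<appname>` directory. The function names `xdg_bases` and `app_footprint` are hypothetical, and it assumes the application stores its files under a directory named after itself.

```shell
#!/bin/sh
# Added example: enumerate the per-user locations an application may leave
# behind after removal. Function names are hypothetical; the app's directory
# name is an assumption supplied by the caller.

# Print the XDG base directories, one per line. The Base Directory spec's
# defaults apply when a variable is unset or empty. XDG_RUNTIME_DIR has no
# default, so it is listed only when it is set.
xdg_bases() {
    printf '%s\n' "${XDG_DATA_HOME:-$HOME/.local/share}"
    printf '%s\n' "${XDG_CONFIG_HOME:-$HOME/.config}"
    printf '%s\n' "${XDG_CACHE_HOME:-$HOME/.cache}"
    if [ -n "${XDG_RUNTIME_DIR:-}" ]; then
        printf '%s\n' "$XDG_RUNTIME_DIR"
    fi
}

# Print every existing path that belongs to application $1, one per line.
# Returns 2 for names that are empty or could escape the base directory.
app_footprint() {
    app=$1
    case $app in
        ''|*/*|.|..)
            echo "app_footprint: invalid app name" >&2
            return 2
            ;;
    esac
    xdg_bases | while IFS= read -r base; do
        if [ -e "$base/$app" ]; then
            printf '%s\n' "$base/$app"
        fi
    done
    # Legacy layout: everything under a single dot-directory in $HOME.
    if [ -e "$HOME/.$app" ]; then
        printf '%s\n' "$HOME/.$app"
    fi
    return 0
}

# When run as a script with an argument, report that application's footprint.
if [ "$#" -gt 0 ]; then
    app_footprint "$1"
fi
```

Reviewing the listed paths before deleting them matters because, as noted earlier in the thread, configuration is often something you want to keep after removing the software.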

------
dman
Please do not make this a Pro / Enterprise feature. I do remote tech support
for my parents and would love for them to browse / use apps in a sandbox.

~~~
pjmlp
That is what Windows store apps and MSIX sandbox are for.

~~~
hawski
I'm not much of a Windows user, but MSIX sounds great.

Does it add a simple context menu entry to convert an installer? Bonus points
for straight up Install and even more for Run.

I see it's open source, so if it's missing it may be possible to make a
distribution of it with those things implemented. Then one could install it
and make it a default msi handler.

Edit: from what I see conversion is much more involved. Create a certificate
and go through a wizard and fill out some forms. Correct me if there is a quick
and easy convert option. Otherwise it's a nice thing that needs more
development to be useful for a generic user.

~~~
fetbaffe
"Being just the start, MSI packages may very well be supported for at least a
few more years on Windows 10. However, by looking on the GitHub repo of MSIX,
there are some hints that Microsoft envisions a future where MSIX not only
replaces the MSI but also creates a package format which cross-platform
Microsoft applications can recognize and use on any platform (iOS, Android,
MacOS, and Linux)."

https://www.advancedinstaller.com/msix-windows-package.html

~~~
Holybeds
> MSI packages may very well be supported for at least a few more years on
> Windows 10

This sounds like someone making installer stuff would say. MSI will be
supported on modern OSes for much longer than "a few more years".

VB6 apps created in 1998 will be supported until 2025 at least. MSIs will be
treated the same.

~~~
vitorgrs
Windows Core OS doesn't support MSI by default. :)

------
chungy
Sandboxie has been providing similar functionality on versions of Windows
since XP: [https://www.sandboxie.com/](https://www.sandboxie.com/)

It's probably nowhere near as elegant as the Windows 10 feature, but it should
be very handy if you have older versions of Windows!

~~~
voltagex_
Sandboxie is a UI nightmare IMO - it took me ages to work out how to launch a
single program in a sandbox.

~~~
chungy
Interesting. How long ago was this? I've used Sandboxie for around 10 years
and in that entire time, it has always just been a matter of right-clicking
the program and "Run Sandboxed", even trivially accessing the sandboxed start
menu via the notification icon.

~~~
revanx_
I agree, been using Sandboxie for way over 6 years now and it's the easiest
thing ever to use.

------
neotek
Only Microsoft would come up with a new security feature and then
intentionally and arbitrarily limit its availability to the most expensive
version of their OS.

This is the same company that thinks putting ads in the fucking _file
explorer_ is appropriate on an OS they charge hundreds and hundreds of dollars
for.

~~~
lionpixel
I paid 13€ for a Microsoft Windows 10 Pro OEM key. I thought everyone is
doing this as well?

~~~
MarkMc
Where did you buy such a cheap copy of Windows 10 Pro?

~~~
lbeltrame
Those are digital (unused) licenses, that although can't technically be
resold, they "can" be in Europe as they contradict a ruling made in 2012 (I
don't have time to dig the link up, unfortunately).

~~~
Strom
Those cheap licenses are always used. They exploit the fact that these can be
used to activate ~10 copies of Windows. It's even worse than that though. One
seller could keep track of this limit, but what happens is that a bunch of
sellers source their keys from other similar sellers. So they don't even know
how many times a key has been used.

Last time I bought one of these 15€ keys for a friend, I had to write to the
customer support over 10 times and shuffle through at least 6 different keys
until one actually worked.

------
devwastaken
> this feature ships with Windows 10 Pro and Enterprise. No need to download a
> VHD!

Swing and a miss. It's interesting how Microsoft will force their slow AV onto
every win10 home edition device, yet won't give actual tools users can protect
themselves with.

~~~
pjmlp
Power users get Pro, typical home users think that sandboxes are children
playgrounds.

~~~
SmellyGeekBoy
I'd argue that typical home users are the people who need this feature the
most.

~~~
pjmlp
And I would argue they are better off with Windows S mode.

~~~
jake_the_third
Tell that to my father who still uses decades-old software. I agree with the
gp, Windows Home users need this feature the most.

Folks who don't mind Windows S would already be using android/ios.

~~~
WorldMaker
"S Mode" (as opposed to Windows S which was briefly a separate SKU) in current
builds of Windows 10 (Home/Pro/Enterprise) is now arbitrarily admin
activatable/deactivatable. As your father's admin (assumedly in this example)
you deactivate S Mode, install all the old apps, then reactivate S Mode. Your
father still gets access to the old apps, and can install new apps from the
Windows Store [1] without your involvement as admin. You just have to switch it
out of S Mode if your father finds another old CD or floppy behind the couch
to (re-)install.

[1] I don't recall if S Mode currently allows sideloading non-Store but code-
signed APPX/MSIX packages. I think it is supposed to? But I think my confusion
is that it may differ (at least currently) between Windows Home in S Mode and
Windows Enterprise in S Mode.

~~~
lostmsu
I don't think you can launch non-signed apps when S Mode is on. Does not
matter, if you installed them when it was off.

------
tbronchain
I - and I'm quite sure it's common practice - have been doing something
similar using VMware, desktop integration and shared folders. It's nothing
close to a native integration but it does the work - and I've been able to
render 3D applications pretty well (not at a professional level of course).

I've been wondering for a while what was preventing a virtual machine editor
to step ahead in integration and let you run the hosts' applications in a
safe, virtualized environment - I've had thoughts mixing a sort of overlayfs
(no idea if that exists on Windows), RAM isolation, and chroot-like (again, no
idea if that exists on Windows but there must be something similar, right?)

Anyway, I'm really happy to see Microsoft stepping ahead. Most programs
downloaded online are simply unsafe - sometimes just for privacy reasons! -
and I often don't feel comfortable running them on my bare metal OS (not even
talking of cracked software).

When I first got back on using Windows after a long time on OSX then Linux
(I'm not happy with recent Apple hardware, I'm missing a whole lot of
entertainment/creation applications on Linux), I assumed Hyper-V would be the
best option to have a reliable, built-in hypervisor on my system. I was wrong.
My goal was to setup 2 VMs: Linux CLI only do development, Windows 10 for
untrusted software. It worked but the graphics integration of the windows VM
sucked, and the Linux VM was extremely unreliable - I can't recall exactly
what happened but crashes were common, especially in situations like sleep
resume, drivers updates etc.

I would like to finish this informative comment with a hope that this new
"sandbox" feature fixes most of the problems I used to experience with
hyper-V. I would also love to see the others - VMware and virtualbox - to
implement such feature. Hopefully, this could bump the use of virtual machines
at a personal level (agreeing on dman comment to, please!, make it a standard
feature) and see better performances and painless integration in the future.

------
humps
I think enabling this for Windows Home users would potentially turn into a bit
of a support nightmare. The requirements for Sandbox include turning
virtualization on in BIOS, it also recommends 8GB of RAM and 4 CPU cores with
hyperthreading. Correct me if I'm wrong but most consumer laptops and desktops
probably don't have a virtualization option in the BIOS and only a small
percentage use 4 cores with hyperthreading. So it either won't work for a lot
of Home users or even if it did run, performance wouldn't be great.

~~~
floatboth
> most consumer laptops and desktops probably don't have a virtualization
> option in the BIOS

I haven't seen a single amd64 machine without a virtualization option (except
Macs, which don't have a Setup menu in the firmware, but they have
virtualization always enabled)

------
guest98765436
Did Microsoft fix the issue that when Windows virtualization is enabled then
VirtualBox VMs do not run [0]? Better they focus some of their resources to
fix that first.

If not yet, then Windows Sandbox is a less useful feature than it may seem,
because we have to choose between Windows Virtualization and VirtualBox VM
snapshots all the time.

[0]
[https://www.virtualbox.org/ticket/16801](https://www.virtualbox.org/ticket/16801)

~~~
dkarbayev
This. I cannot use docker on my gaming rig to use it as dev machine sometimes
because I need VirtualBox on it.

~~~
SmellyGeekBoy
Isn't it just a case of changing a registry value and rebooting?

~~~
yjftsjthsd-h
If switching from games to dev work requires manually patching the system
registry and rebooting, then something is horribly wrong.

------
kodablah
Quick thoughts...

First thought: I'd love to be able to ship an app w/ this enabled by default
(i.e. it's an ephemeral app w/ no local data storage).

Second thought: I'd love to pause this snapshot and resume it. Too many apps
store preferences that you don't want to reconfigure just because you want
isolation from the rest of the system each execution.

Third thought: Instead of always-dispose-on-app-close, I would like to
namespace/cgroups-style it instead. This is how I would expect the Chrome
equivalent of FF's "containers" would be built (I know I can --user-data-dir
which is similar).

~~~
jclay
Regarding your first thought, you can get pretty close today with Windows
Isolated App Containers. Chromium uses this under the hood.

------
excalibur
Ok, we're taking bets on what the first sandbox-escaping attack will target.
My money is on a privilege escalation based on this gem:

> Our solution is to construct what we refer to as “dynamic base image”: an
> operating system image that has clean copies of files that can change, but
> links to files that cannot change that are in the Windows image that already
> exists on the host. The majority of the files are links (immutable files)
> and that's why the small size (~100MB) for a full operating system.

~~~
kevingadd
It's an obvious target, but it's also kind of a stretch to suggest that
someone's going to find an exploit against _read-only pages_.

------
Havoc
PSA: Pro version and up. However if you stick an old win 7/8 Pro key into a
win 10 home you can upgrade it to 10 Pro

------
org3432
Can the app detect if it's in the sandbox? If so, then it could just behave
differently in the sandbox and then when used outside behave another way. I
think the Linux systemd folks have the right idea with just running processes
in their own cgroup regardless, this thing where programs go mucking around
with stuff all over the place should be relegated to the past at this point.

~~~
muterad_murilax
It is stated that "every time Windows Sandbox runs, it’s as clean as a brand-
new installation of Windows", so it seems that such an app could simply look
for the presence of any non-bundled software or any non-default settings to
get a rough idea.

------
ttflee
> you’ll need a compatible GPU and graphics drivers (WDDM 2.5 or newer)

Does WDDM 2.5 require drivers to implement SR-IOV capability for GPU? Or does
Microsoft use some architecture similar to mediated device in VFIO?

------
foxX
Will it be possible to test-install the bi-yearly updates in this and avoid
getting my workstation bricked?

------
forapurpose
Mods: Would you fix the link? Currently it is the following (410 characters;
you'll have to find a way to read it):

https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849?ranMID=43674&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-_UZUOlZ2ZyTOTejYypcnAQ&epi=je6NUbpObpQ-_UZUOlZ2ZyTOTejYypcnAQ&irgwc=1&OCID=AID681541_aff_7795_1243925&tduid=(ir__i0avhykzmgkfrw2i0ckzh9lp2u2xhyajo2v1pvjr00)(7795)(1243925)(je6NUbpObpQ-_UZUOlZ2ZyTOTejYypcnAQ)()&irclickid=_i0avhykzmgkfrw2i0ckzh9lp2u2xhyajo2v1pvjr00

I'm not going to try to parse and decode that, but it's mostly unnecessary and
my security software thinks it's an XSS attack (a false positive, I would
guess). This link works:

https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849

------
plq
How detectable will it be? I doubt this will make the lives of malware
analysts any easier.

~~~
n-gatedotcom
As much as hyper-v. Without sounding disparaging (because this is really
cool), it's just a one-click application-on-windows-on-hyper-v. So all the pros
and cons come with it.

~~~
plq
Yeah, I assumed that "sandbox" implied some smarter isolation technique closer
to eg Linux namespaces instead of just app-v in a new shiny packaging. Nothing
new for the malware-analysis use-case.

------
kerng
This is great! I was waiting for something like this for a while. Can't wait
to try it out.

Now we need the same for Android and iPhone, so we can run our apps in true
isolation. I don't want apps to be anywhere near my actual data and contact
information on the phone. Just mimic some fake contacts or whatever for
majority of apps.

------
jaimehrubiks
I feel it lacks some features like being able to preinstall software such as
adobe reader on the virtual desktop.

------
euph0ria
I wish they would have added the option to have the data persist. I have a
bunch of software that I run only a few times per year, but I don't want to go
through the hassle of re-installing it every time I need to run it. It would
have been so much more useful if the data could persist.

~~~
excalibur
Wouldn't that make it an ordinary VM?

~~~
Too
Ordinary VM takes several GB of storage to store the whole guest OS. A docker
image is only as big as the delta inside it and you can easily persist data
outside of it with docker volumes.

------
fuzzy2
Based on Hyper-V? Bummer. I use VMware Workstation at work and that’s not
going to change.

~~~
ToFab123
I could but I won't. What keeps me on VMware is that I can easily expand the
vm to use 1 or more monitors. I am not sure if hyperv handles resizing of the
window as smooth as VMware to adjust the display settings in the client. Last
time I checked hyperv (rdp) just gave me scrollbars. It is probably antitrust
concerns that is the reason why Microsoft never has improved the RDP client.

~~~
JaRail
I haven't used HyperV in a while. I rarely connected to VMs via the hyperv
console, just for installations or cases where windows wasn't booting
properly. I use MSTSC (MS Terminal Services Client). That has supported
multimonitor for the 12 or so years I've used it.

~~~
ToFab123
Yes, it does support multi monitor no problem. VMware has a couple of buttons
in the tools bar that allows you to go from using 1 monitor to 2 or 3. It then
adjusts the screen resolution inside the guest vm and of course you can go back
to one monitor. I believe MSTSC requires you to start it with a switch /span
or something and then you need to close the RDP window and launch it again if
you want to add / remove monitors.

~~~
JaRail
I'm trying to think when exactly the GUI was updated. I think somewhere around
Vista. You can just check "use all my monitors for the remote session" in the
Display tab.

I'll admit that with a triple-monitor setup, I've sometimes wanted to remote
in with only a dual-screen setup. So it wasn't perfect for me. It certainly
did fine for my 95% use-cases. Having to reconnect to adjust desktop size just
was never a big deal for me.

Maybe adjusting sizes is more of an issue for people today. If I was using a
laptop and constantly docking/disconnecting external monitors with a large
number of active connections, it'd annoy me to have to completely reconnect
each time.

------
zelon88
> 11. Confirm that the host does not have any of the modifications that you
> made in Windows Sandbox.

This item on their "Quick Start Guide" doesn't fill me with confidence.

Any takers on how long before an escape is disclosed? I think within 30-60
days.

------
ChuckMcM
This is pretty cool, I know where I'm going to run my browser from now on :-).

~~~
saagarjha
In case that wasn’t sarcasm: you probably don’t want to run your browser in
this, since it already has a sandbox and you’ll have a measurable performance
penalty by running in a virtual machine.

~~~
ChuckMcM
It wasn't sarcasm, although I don't know if it would become my daily driver
either.

Performance is a non-issue for me, generally the browser performance is
limited by pages waiting for ad networks to serve up ads. A pi-hole helps (and
running in a VM/Sandbox lets you run the filtering DNS server as a local
process pretty easily).

Lack of local data persistence is similarly a non-issue as the reason for
running this way is to drop tracking cookies etc that fall out of a browsing
session like leaves on an autumn day.

If it had some built in way to defeat the dozen other ways in which a browser
can be fingerprinted, then it would be perfect.

Just a simple way to avoid the ad trackers and keep my actual stuff safe from
the evil doers on the web.

------
cm2187
I'm glad to finally see some innovation on Windows that is not user hostile.

~~~
lvs
It could just be that we simply haven't had time to figure out the manner in
which it's hostile.

------
petra
It would have been very useful to have something that supports persistence (you
can install a program in isolation and use it over time). This does not
support that.

Are there any good alternatives, that do support persistence ?

------
novaleaf
About time! However this is for Win10Pro or higher.

If you run an older/cheaper version of windows, I can recommend:

[https://www.sandboxie.com/](https://www.sandboxie.com/)

------
empyrical
In addition to the use-case of running untrusted applications safely, I think
these light weight and ephemeral execution environments would be amazing for
continuous integration as well!

------
herpderperator
> Additionally, since Windows Sandbox is basically running the same operating
> system image as the host we also allow Windows sandbox to use the same
> physical memory pages as the host for operating system binaries via a
> technology we refer to as “direct map”.

> In other words, the same executable pages of ntdll, are mapped into the
> sandbox as that on the host.

> We take care to ensure this done in a secure manner and no secrets are
> shared.

I would really like to see that last point elaborated. They claim it's
completely separated from the host, yet they say it maps to the same physical
memory, yet somehow it's done securely.

------
morrbo
Honest question: is there telemetry in the sandbox, and are the names, hashes
or anything similar sent back to Microsoft?

------
fro0116
Microsoft actually has this nifty thing meant for IT admins called App-V, that
allows you to create immutable application packages that execute in an
isolated environment where changes made to the local system default to copy-
on-write and are redirected to a centralized location (including both
filesystem changes and registry changes).

It's actually been integrated into Windows 10 Enterprise edition for quite a
while now, and I personally use it to package up a lot of the apps I use on a
daily basis, delivering the packages through a network drive and synchronizing
the centralized state store with Syncthing for mostly seamless cross-device
roaming. (You can download the App-V Sequencer from the Windows 10 ADK to
package some apps to try it out for yourself, if you happen to have a copy of
Windows 10 Enterprise:
https://docs.microsoft.com/en-us/windows-hardware/get-started/adk-install)

This actually works fairly well for most apps, but unfortunately the isolation
isn't perfect, and some apps for inexplicable reasons manage to get around the
App-V sandbox and read/write to the local filesystem directly (Especially apps
that have some kind of licensing mechanism, where licensing state can't be
properly isolated and synchronized. Though you could definitely argue that's
the licensing mechanism working as intended, in my view it still represents a
technical failure on the part of the sandbox that this can happen), forcing me
to install them locally instead of keeping them as isolated App-V packages.

I was hoping this would basically be App-V but with better isolation through
the lightweight virtualization layer they built for windows containers (and
with less restrictive licensing. Seeing lots of valid criticism on licensing
here, but from where I stand, Pro and above is still much more accessible than
App-V's Enterprise-only), but looks like they can't quite serve the same use
cases just yet.

App-V isolates state changes, but those isolated state changes are persisted
on disk, so when properly configured, you can use an app across multiple
sessions, closing and reopening at will without losing state, as if it was
locally installed.

Sandbox also isolates state changes, but those state changes seem to be
ephemeral and will be discarded upon closing the app. This means it's only
useful for running apps that are mostly stateless or for experimenting with
untrusted apps. There's nothing wrong with serving those use cases, but to
someone who's been feeling the pain from App-V's poor isolation, and someone
who's been watching immutable application ecosystems like Nix, Guix, Flatpak,
Snaps, etc, flourish in the Linux world, it does seem like a missed
opportunity. Definitely hoping they're planning to extend it to also support
the same use cases as App-V in the future.

------
niii
I was excited by the premise, but the execution is all wrong. What I had hoped
to see was a webbrowser based sandbox environment, that I could quickly access
from my mac (or windows for that matter) to achieve the same results.

The current execution is nuts and doesn’t make any sense.

------
romanovcode
Can you run 3d applications like old games on this thing?

------
apapli
Prerequisite: AMD64. Does that mean it will work with my Ryzen, but no intel
chips?

That’s a nice win for AMD at the expense of intel if true for corporate
environments.

~~~
manigandham
AMD64 = x64 = x86_64 = common names used to describe the 64-bit x86
instruction set that both Intel and AMD CPUs support. It was just first
designed by AMD.

~~~
apapli
Thanks for the clarification!

------
mapcars
Plan 9's features from 1990 coming to windows in 2018?

------
natmaka
On Linux Firejail/Firetools offer such functionality.

~~~
fulafel
Firejail is based on the same type of tech as containers, namely process
restrictions that you can activate on a per namespace basis. The MS sandbox is
a separate VM with its own sandboxed kernel, which sounds like stronger
isolation on the face of it.

~~~
natmaka
You are right but I stand my point, the main functionality (isolation) is the
same. One may indeed prefer a stronger isolation and be ready to accept a
larger memory footprint, less easy ways to fine-tune isolation in order to let
the isolated software access to some system-wide resources...

------
CyberDildonics
20 years late is better than never.

------
make3
"Graphic virtualization" so could someone who isn't me use this to safely run
pirated games?

~~~
blauditore
Theoretically yes, but it would probably take a considerable performance hit.

~~~
senectus1
depending on the pirated game this might be a good thing :-P

~~~
thecatspaw
in what game is a performance hit desirable?

~~~
Zekio
Some games physics engines break down once you go past a high enough
framerate, such as the fallout games a performance hit would likely keep you
below the 125 fps where it begins to break

------
revanx_
This is not a sandbox. All this does is launch windows in hyper-v virtual
machine and configures the virtual environment automatically for you.

You could achieve all of this yourself manually and you still wouldn't call it
a sandbox, you would call it VM.

~~~
crummy
Can't you use a VM as a sandbox?

~~~
revanx_
Sure, I just don't think they should advertise this as such because it's
nothing more than a VM. It's not some new windows feature, you could do this
same thing since Windows 8.1 using hyper-V or since windows XP using something
like Virtualbox.

A proper sandbox would be if you could run a program in the same operating
system with an isolated execution environment, similar to how sandboxie does
it.

