Submitted via IRC for SoyCow1984
Microsoft is trying to address the fear of running an unknown .exe on your PC. While some power users set up virtual machines to check unknown apps, Microsoft has developed a simple way for anyone running Windows 10 to launch apps in an isolated desktop environment. Windows Sandbox is a new feature coming to Windows 10 next year that creates a temporary desktop environment to isolate a particular app to that sandbox.
It's designed to be secure and disposable, so once you've finished running the app in this mode, the entire sandbox will be deleted. You don't need to set up a virtual machine, but it will require virtualization capabilities enabled in the BIOS. Microsoft is making Windows Sandbox available as part of Windows 10 Pro or Windows 10 Enterprise, and it's clearly aimed primarily at businesses or power users.
Technical details: https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849
(Score: 5, Insightful) by stormreaver on Thursday December 20 2018, @09:01PM (1 child)
Or equally likely, malware writers will learn to detect the sandbox, and act accordingly.
So this is yet another in a long line of useless misfeatures Microsoft dreamed would somehow make Windows more secure. As is usual with Microsoft, it will have the opposite effect: it will make Windows less secure because it will impart a false sense of security, making users more careless.
(Score: 2) by edIII on Friday December 21 2018, @12:11AM
I'm not sure sandboxing even works anymore for that reason. Proof of concept has already been demonstrated in detecting virtualized environments by a running program. Tails can detect if you're running it in a VM, or bare metal. Beyond that, it's been demonstrated that you can escape the VM and affect other processes. Leak encryption keys from virtualized processes that are running alongside the VM. I don't see how sandboxing is any different, or what makes it magically impossible to escape.
Then there is how M$ is going to implement it, and whether that implementation is sound or botched. Considering how utterly fucking horrible 8, 8.1, Metro, and all their new shiny UI that doesn't work for shit, I'm not confident in what they can build anymore.
Only safe way to test an .exe is a bare metal dedicated unit that can only communicate by temporary file sharing. Enable the networking connection, transfer the file, test the program, reimage the test device, analyze the network traffic and program operation, and then decide if the program is safe.
Personally, the only way I would consider a program safe in this day and age is if I could download the source code from a FOSS repo with many eyes on it. One where the author can cryptographically sign it, I can verify it, and then compile the program for my system.
Running strange binaries? This is like providing a protective condom for very questionable prostitutes. The better decision is just to not use strange binaries at all.
Technically, lunchtime is at any moment. It's just a wave function.