from the get-outta-my-sandbox dept.
Qubes-OS, the Security-by-Isolation, VM-based operating system, has concluded that a port to the Windows OS line isn't feasible. In this post, the CEO of Inivisble Things Labs outlines what she had hoped to accomplish with the port and her explaination why it was just not meant to be.
This paper [pdf] contains all the technical bits you need to know, and the explanation on why the Windows APIs and system architecture are not appropriate for the task of creating an isolation system. It also has some interesting (if that's your thing) information on the Windows security model.
Does anyone here have any experience with Qubes? Does it make sandboxing easy enough for day to day use?