Windows Sandbox
-
Has got to be the coolest feature added to Windows in a while. Don't need to mess with a permanent Windows VM these days and there's WSL rather than a using a Linux one. But oh yeah, when you need a quick OMG VM for Windows... it's totally cool.
Jeremy Falcon
-
Many of the newer security features being added to Windows 11 use sandboxes by default. In fact, when you turn on some of the Windows 11 security features, Windows 11 becomes a virtual machine running in partition zero of the Hyper-V client.
That's cool to know.
Jeremy Falcon
-
dandy72 wrote:
I'm not knocking it - but given everything gets wiped on every shutdown, what are some usage scenarios that, in your opinion, makes it "better" than a VM, given that you can create checkpoints and roll them back? Is it somehow "more isolated" than a VM might be by default, that sort of thing?
It's quick and convenient. A no brainer. There will always be people that prefer bare metal and those that prefer VMs. For those that deal with graphics, video editing, etc. bare metal is very valuable. And this is just a cool little way to pop up an isolated environment and get on about your day if you're a bare metal type of person. If you live in VMs... you do you. It's still cool though. As for me, I just buy new machines now if I want a different OS as I personally don't have a need for snapshots. So, it's cool.
Jeremy Falcon
Are you *sure* this sandbox is running on bare metal? 'cuz if I look at Device Manager, it's showing Hyper-V drivers managing the hardware, including the hard drive, the NIC, the video hardware, the audio hardware, etc...just like my VMs do. HKLM\HARDWARE\DESCRIPTION\System\BIOS is showing the Hyper-V BIOS just like my VMs do. Open Hardware Monitor shows all components using the same virtualized identifiers just like my VMs do. And to top it all off, the [documentation](https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview) tells you that if you want to run that sandbox in a VM, you have to enable nested virtualization. Sure doesn't look like bare metal to me.
-
Are you *sure* this sandbox is running on bare metal? 'cuz if I look at Device Manager, it's showing Hyper-V drivers managing the hardware, including the hard drive, the NIC, the video hardware, the audio hardware, etc...just like my VMs do. HKLM\HARDWARE\DESCRIPTION\System\BIOS is showing the Hyper-V BIOS just like my VMs do. Open Hardware Monitor shows all components using the same virtualized identifiers just like my VMs do. And to top it all off, the [documentation](https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview) tells you that if you want to run that sandbox in a VM, you have to enable nested virtualization. Sure doesn't look like bare metal to me.
dandy72 wrote:
Sure doesn't look like bare metal to me.
I never once said it wasn't using Hyper-V. I said some folks prefer running on bare metal and for those that do it's a cool feature. At this point, you're just looking to argue. I'm not going to entertain you.
Jeremy Falcon
-
dandy72 wrote:
Sure doesn't look like bare metal to me.
I never once said it wasn't using Hyper-V. I said some folks prefer running on bare metal and for those that do it's a cool feature. At this point, you're just looking to argue. I'm not going to entertain you.
Jeremy Falcon
Jeremy Falcon wrote:
I said some folks prefer running on bare metal and for those that do it's a cool feature
Then I misunderstood and apologize - I was under the impression you were suggesting the sandbox was running on bare metal (as opposed to being virtualized), and because of that, that was preferable (for those who prefer it that way). With my response, I wasn't trying to argue what might be "preferable" (that's all that is, a preference, and there's no good or bad answer to that); I was only saying that, based on my observations, it *is* virtualized...and so if someone's trying to avoid virtualization, than this sandboxing isn't the right solution. Arguing was never my intent. I was more interested in discussing the architecture from a technical perspective. But cool beans, man, we're good, and I'm happy to leave the discussion at that.
-
Jeremy Falcon wrote:
I said some folks prefer running on bare metal and for those that do it's a cool feature
Then I misunderstood and apologize - I was under the impression you were suggesting the sandbox was running on bare metal (as opposed to being virtualized), and because of that, that was preferable (for those who prefer it that way). With my response, I wasn't trying to argue what might be "preferable" (that's all that is, a preference, and there's no good or bad answer to that); I was only saying that, based on my observations, it *is* virtualized...and so if someone's trying to avoid virtualization, than this sandboxing isn't the right solution. Arguing was never my intent. I was more interested in discussing the architecture from a technical perspective. But cool beans, man, we're good, and I'm happy to leave the discussion at that.
dandy72 wrote:
But cool beans, man, we're good, and I'm happy to leave the discussion at that.
Fair enough. And sorry if I sound on edge... it's just I am. You know how it is online these days. :laugh:
Jeremy Falcon
-
dandy72 wrote:
But cool beans, man, we're good, and I'm happy to leave the discussion at that.
Fair enough. And sorry if I sound on edge... it's just I am. You know how it is online these days. :laugh:
Jeremy Falcon
Jeremy Falcon wrote:
Fair enough. And sorry if I sound on edge... it's just I am
*Everyone* seems on edge after these last few years. Besides, it's sometimes difficult to tell what's intentionally confrontational vs what isn't...and I've been known to sometimes choose my words poorly. :-)
Jeremy Falcon wrote:
You know how it is online these days
If you're only on edge when online, then you're doing better than a lot of people.
-
Jeremy Falcon wrote:
Fair enough. And sorry if I sound on edge... it's just I am
*Everyone* seems on edge after these last few years. Besides, it's sometimes difficult to tell what's intentionally confrontational vs what isn't...and I've been known to sometimes choose my words poorly. :-)
Jeremy Falcon wrote:
You know how it is online these days
If you're only on edge when online, then you're doing better than a lot of people.
dandy72 wrote:
If you're only on edge when online, then you're doing better than a lot of people.
Weeeeellllll.... to be honest it's offline too. Regardless of where I've moved to in the past several years, I always seem to move next to stoners lighting it up. I don't want to breathe that crap and get a second hand high. I'm sure everyone has their issues though, economy, etc. But, I don't see how getting the world stoned is gonna help.
Jeremy Falcon
-
dandy72 wrote:
If you're only on edge when online, then you're doing better than a lot of people.
Weeeeellllll.... to be honest it's offline too. Regardless of where I've moved to in the past several years, I always seem to move next to stoners lighting it up. I don't want to breathe that crap and get a second hand high. I'm sure everyone has their issues though, economy, etc. But, I don't see how getting the world stoned is gonna help.
Jeremy Falcon
-
Jeremy Falcon wrote:
But, I don't see how getting the world stoned is gonna help.
In my (limited) experience, stoners are pretty mellow; seems to me the only thing most of them worry about is what they're gonna do when they get the munchies. :-D
That's just it... I'd wish they worried about the other people they affect with their stank. It's strong now. Your neighbors will smell it. Take an edible if you want to waste your life. At least it's only your life you're wasting.
Jeremy Falcon