

The idea of having a fast, disposable VM in the palm of my hand appeals to me very much. It makes adding an extra layer of security to anything I want to do so easy - just launch the sandbox application in a matter of seconds and you're done. Of course, that is considering the VM actually does the job it's supposed to do.

A little disclaimer beforehand - I've read the article Beware the perils of Windows Sandbox at Magnitude8, describing how the Windows Sandbox comes with a NAT pre-enabled and thus any malware running on the guest would still get direct access to your intranet, which is already a large problem. But for the purpose of this question, let us just consider the host-guest scenarios.

Windows Sandbox claims to "achieve a combination of security, density, and performance that isn't available in traditional VMs", by leveraging a different approach to memory and disk management. If I understand things correctly, everything that in theory can be safely shared between the host and the guest gets shared. According to the official documentation, the Sandbox shares both the host's immutable system files, as well as the physical memory pages.

Despite that, Microsoft seems to remain confident that their solution is secure, as implied by one of the bullet points mentioned in the Sandbox overview:

"Secure: Uses hardware-based virtualization for kernel isolation. It relies on the Microsoft hypervisor to run a separate kernel that isolates Windows Sandbox from the host."

This obviously raises a lot of questions, because at first glance, all this resource sharing should increase the attack surface greatly, leaving more space for exploits to be found. Also, even the most sophisticated technology, which changes only the implementation and not the design, does ultimately make the discovery of an exploit only more time- and resource-consuming, but not less possible, doesn't it?
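A Windows Sandbox configuration file that turns off the pre-enabled networking the linked article warns about, along with the other host/guest channels that are on by default, added here as an example; it is not part of the question, the linked article or Microsoft's documentation. The file name and the mapped host folder path are assumptions.

```xml
<!-- hardened.wsb: constructed example configuration, not taken from the question or from Microsoft -->
<Configuration>
  <!-- No virtual NIC at all, so the guest has no NAT route to the intranet -->
  <Networking>Disable</Networking>
  <!-- Disable the virtualised GPU; rendering falls back to software -->
  <vGPU>Disable</vGPU>
  <!-- Cut the remaining host/guest redirections that are enabled by default -->
  <ClipboardRedirection>Disable</ClipboardRedirection>
  <PrinterRedirection>Disable</PrinterRedirection>
  <AudioInput>Disable</AudioInput>
  <VideoInput>Disable</VideoInput>
  <!-- Run the sandbox's host-side process with AppContainer isolation -->
  <ProtectedClient>Enable</ProtectedClient>
  <!-- Share a single folder, read-only; the host path is an assumption -->
  <MappedFolders>
    <MappedFolder>
      <HostFolder>C:\Users\me\SandboxDrop</HostFolder>
      <SandboxFolder>C:\Drop</SandboxFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>
```

Saving this as a .wsb file and opening it launches the sandbox with these settings. Note what it does and does not address: it removes the network and redirection surfaces, but it changes nothing about the shared immutable system files and physical memory pages that the question itself is about; those come from the Sandbox's design and cannot be configured away.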
