Sandbox in Windows - an overview of the built-in utility and third-party software

Have you ever downloaded an executable (.exe) file but been afraid to launch it, for fear that it might wreck your entire system? You would like a test machine or, best of all, a virtual PC on which to experiment with suspicious software, but you do not want to build one from scratch. Microsoft tried to solve this problem with a new Windows feature: Sandbox.


What is a sandbox

Sandboxes reproduce at least the minimum functionality necessary for accurate testing of programs or other code under development: for example, the same environment variables, or access to a database identical to the one used by the stable previous implementation that is about to be changed. There are many other possibilities, since specific functional needs vary greatly depending on the nature of the code and the applications for which it is intended. Developers also offer alternative ways to use sandbox functions; one example is the program Sandboxie.

What is a sandbox on a computer? The sandbox concept (sometimes also referred to as a working directory, test server, or development server) is usually built into version control software, such as CVS and Subversion (SVN), in which developers "check out" a copy of the source code tree to study and work on. Only after the developer has fully tested the code changes in their own sandbox should those changes be checked back in and merged with the repository, and thus made available to other developers or end users of the software. From a computer security point of view, a sandbox is a mechanism for running a program safely in an environment from which it cannot influence other programs and in which it has limited resources to use. Here are a few places where sandbox technology is used:

  • Browsers, such as Chrome and Firefox, use a sandbox to run pages, plugins and parts of pages such as iframes.
  • Network software - programs such as FTP servers have options to set up a chroot, which confines the user to a single directory.
  • Virtual machines - they emulate the entire OS inside the sandbox.
  • Linux chroot - Linux systems have a chroot (change root) command with which the user can change the root from / to some subfolder, for example /mnt/new/root, so that all programs launched afterwards treat /mnt/new/root as /. All their actions are thus confined to that subfolder and the folders below it.

No matter what you want to do, Windows probably has the software to make it easier. The only problem is that you cannot trust every download from free software download sites or from an unknown developer. The reason for this is simple: software downloaded to a PC may be unstable, bundled with adware, or may even be infected with a virus or malware. To handle this, you can put the application in the sandbox and try it.

Microsoft has added a way for Windows 10 users to easily check unknown applications without jeopardizing their PC in the process. Once an instance of the sandbox is created, it acts as a clean installation of Windows, which only takes about 100 MB on the hard disk. Just create an instance, run any application you want to test, and close out of the sandbox when you're done. The introduction of the sandbox function directly in Windows, of course, will be a boon for corporate and private users who need to constantly maintain the efficiency of the PC. Microsoft hopes that this will be an effective replacement for the virtual machine setup process every time you need to test a new executable file without risking harm to your full Windows installation.

Windows Sandbox is a lightweight virtual machine built on the technologies used by Windows containers. It mimics the Windows 10 installed on the PC using a so-called dynamic base image: a set of clean copies of the files that can change, plus links to the files that cannot. As a result, the sandbox image takes only 25 MB when it is not installed and grows to 100 MB once it is installed. It behaves like a regular application that you can search for and launch directly from the Start menu. When launched, it runs like any other virtual machine on top of your current system, except that the system in the sandbox is, in fact, a new, fresh copy of your main system. From there you can copy and paste executable files into it and run them inside.

How to install and configure the sandbox

To install and use this great new feature in Windows, you will need a computer that:

  • runs Windows 10 Pro or Enterprise, build 18305 or later;
  • runs the 64-bit version;
  • has virtualization capabilities enabled in the BIOS;
  • has at least 4 GB of RAM, 1 GB of free space and 2 CPU cores.

How to enable and configure Windows Sandbox:

  • Click "Start", type "Windows features" and click "Turn Windows features on or off".
  • Check the "Windows Sandbox" box in the "Windows Features" window and click "OK".

After completion, restart the computer and everything is ready.

Why the sandbox does not work

First of all, make sure that virtualization is enabled on your system. You can check this on the Performance tab in Task Manager. If all the requirements are met, check whether update KB4483214 is installed. Apparently, it breaks Windows Sandbox while trying to fix another error. Go to the "Installed updates" section in Control Panel, right-click the update and uninstall it. Restart your computer and Windows Sandbox will work again.
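
The requirement list from the installation section and the troubleshooting checks above, combined into one PowerShell script. This is an added example, not part of the original article and not Microsoft's own tooling. It assumes an elevated PowerShell session; Containers-DisposableClientVM is the optional-feature name behind the "Windows Sandbox" checkbox, and the KB number is the one named in the text.

```powershell
# Added example: Windows Sandbox readiness and troubleshooting check.
$os   = Get-CimInstance Win32_OperatingSystem
$cs   = Get-CimInstance Win32_ComputerSystem
$cpus = @(Get-CimInstance Win32_Processor)
$disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$($env:SystemDrive)'"

# Installed RAM; TotalPhysicalMemory would under-report a machine with exactly 4 GB.
$ram   = (Get-CimInstance Win32_PhysicalMemory | Measure-Object Capacity -Sum).Sum
$cores = ($cpus | Measure-Object NumberOfCores -Sum).Sum

# VirtualizationFirmwareEnabled reads False once a hypervisor is already running,
# so HypervisorPresent also counts as proof that virtualization is switched on.
$virt = [bool]($cpus[0].VirtualizationFirmwareEnabled -or $cs.HypervisorPresent)

$checks = [ordered]@{
    'Edition is Pro or Enterprise' = $os.Caption -match 'Pro|Enterprise'
    'Build 18305 or later'         = [int]$os.BuildNumber -ge 18305
    '64-bit Windows'               = [Environment]::Is64BitOperatingSystem
    'Virtualization enabled'       = $virt
    'At least 4 GB of RAM'         = $ram -ge 4GB
    'At least 1 GB of free space'  = $disk.FreeSpace -ge 1GB
    'At least 2 CPU cores'         = $cores -ge 2
}
$checks.GetEnumerator() | ForEach-Object {
    '{0,-30} {1}' -f $_.Key, $(if ($_.Value) { 'OK' } else { 'FAIL' })
}

# State of the optional feature (empty result: not offered on this edition/build).
$feature = Get-WindowsOptionalFeature -Online -FeatureName 'Containers-DisposableClientVM' -ErrorAction SilentlyContinue
"Sandbox feature state: $(if ($feature) { $feature.State } else { 'not available' })"

# The update the article names as breaking Windows Sandbox.
$kb = Get-HotFix -Id 'KB4483214' -ErrorAction SilentlyContinue
if ($kb) { "KB4483214 is installed (installed on: $($kb.InstalledOn))" }
else     { 'KB4483214 is not installed' }

# Enable only when every requirement passes and the feature is still off.
if (($checks.Values -notcontains $false) -and $feature -and $feature.State -eq 'Disabled') {
    Enable-WindowsOptionalFeature -Online -FeatureName 'Containers-DisposableClientVM' -All -NoRestart
    'Feature enabled; restart the computer to finish.'
}
```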

How to use Sandboxie

On the Internet, we do a lot of things that threaten our identity, data and PC. Sometimes we are not even aware that what we are doing can cause harm. Whether you are browsing cat GIFs or trying experimental software, whatever you do on your PC while using the Internet can do harm. This is where Sandboxie comes in handy. Sandboxie allows you to isolate programs, websites and more so that they cannot make changes to your computer. Using Sandboxie is easy. To add a sandbox, open "Sandbox Management", click "Sandbox" and select "Create a new sandbox". If you decide not to restore the files, you can always view and launch them in the sandbox later: open "Control", right-click the desired sandbox and select "Quick Recovery".

To install Sandboxie, go to the Sandboxie website and download the program. During the installation, you will be prompted to install drivers for Sandboxie. This may seem like an odd request from such a program, but it is necessary for Sandboxie's integration with your computer to work. You will also be warned about software compatibility issues on your system. Go through each one and choose to add the settings it needs to work in Sandboxie. If you do not plan to use these programs in Sandboxie, you can decline these settings changes and move on.

When you first open Sandboxie, you will see what it does with its basic settings and several features. Judging by its user interface, Sandboxie looks like a primitive program, but the simplified design lets you focus on the task of isolating what you are opening. Click "Customize." Sandboxie gives you almost complete control. You can set up program alerts, which warn you when certain programs, processes, and more open outside of Sandboxie. This can alert you to malware and other things opening on your computer that programs cannot detect. You can also fully control how Sandboxie integrates into the Windows shell: it lets you add shortcuts, context menu entries and more. The experimental protection mode provides more detailed protection settings for the 64-bit version of Sandboxie.

Now click "Help". Sandboxie can be a complex program, and the developers have created many help and documentation files to help users get started. Even after reading our tutorial, it is recommended that you spend time studying the Sandboxie help files. Now click "Sandbox" / "DefaultBox". From here you can rename your sandbox, delete it, change its settings, and even delete its contents or terminate the programs running in it. Click "Run sandbox". From here, you can launch a web browser, an email reader, any program, Start menu items, or the Windows Explorer process.

Click "Launch Web Browser". A default web browser, such as Chrome, will open. Sandboxie does not support fullscreen mode. While the program is surrounded by a yellow frame, it is in the sandbox. This prevents the browser, the program, or whatever you open from making any changes to your operating system. If you return to the Sandboxie window itself, you will see the various processes associated with the running program. If something is malfunctioning or causing problems, you can stop that process by right-clicking it and selecting "End Process".

Click "DefaultBox" again, then click "Start Isolated Environment". Select "Run any program." Now you can browse to any program in Windows and run it in the sandbox. You can even select the "Run as administrator UAC" checkbox to get full access to the program's features. If you select "Start from the Start menu", you can go through a basic Start menu to open an item in the sandbox. Sandboxie also adds right-click commands for opening any document, program, or other item in Windows in the sandbox. These are just the basics of getting started with Sandboxie. The more you use Sandboxie, the more you will see how it can protect your computer from unauthorized changes. Sandboxie offers an interesting way to use programs and browse the web on a Windows computer.

The best sandbox for Windows 10

The sandbox is a virtual environment in which you can install and run new or unreliable applications without harming your system. Here are some of the best sandbox applications for Windows available.

BitBox

This tool is specifically designed for web browsing in a sandbox environment. It comes in both Chrome and Firefox versions, and is essentially a copy of Linux running in VirtualBox and designed specifically for browsing, which means it requires a bit more memory than the other applications on this list. BitBox can transfer files to your real PC, so it is important to decide whether you want this to happen and configure it accordingly. It takes important precautions such as turning off the microphone and monitoring all interactions between the host and the box, making it a safe and secure choice.

BufferZone

BufferZone is an isolation tool, which means that if you visit parts of the Internet that could be dangerous for your PC, or someone gives you a USB flash drive that you don't trust (it happens to everyone, right?), you should run them through BufferZone. It is easy to add different programs to run through BufferZone, and every major web browser works well inside it. One advantage of the application over other software is that it does not need lengthy configuration before you can run it. By keeping the selected activities in a protected virtual zone, BufferZone makes it impossible for malicious software to get into your computer via the Internet, because everything you do through it becomes "read only", so no malicious program can write its data to your hard drive.

Shade Sandbox

Shade Sandbox is another popular and free sandbox application. Compared to Sandboxie, the Shade user interface is much simpler, clearer and more convenient for beginners. To put the application in the sandbox, all you need to do is drag it into the Shade Sandbox window. The next time you start the application, it will be automatically placed in the sandbox. With Shade Sandbox, your entire browsing history, temporary files, cookies, Windows registry, system files, etc., will be isolated from the operating system. Any files downloaded using Shade will be stored in the Virtual Downloads folder, which can be accessed from the Shade interface.

Toolwiz Time Freeze

Toolwiz Time Freeze does not work at all like the two sandboxes described above. When you install Toolwiz Time Freeze, it creates a virtual copy of all your system settings and files and saves the state of the PC. After using the application you want to test, simply reboot the system and it will be automatically restored. This type of application is very useful when you want to fully test a program without restrictions, but do not want it to make any changes to the OS.

Shadow Defender

Shadow Defender is similar to Toolwiz Time Freeze. When you install and initialize the software, you will be prompted to virtualize the system disk and any other disks of your choice. After the system has been virtualized, any changes made to it will be canceled the next time the system is rebooted. Of course, you can always specify files and folders to exclude from the shadow mode. This allows you to choose which changes to keep and which to undo. In shadow mode, if you want to save the downloaded file or commit a change to the system, all you need to do is to click the “Run now” button in the main window.

What all the above applications do is commonly known as light virtualization. That is, the applications you are testing still run on the host operating system, albeit in a limited way. If you want full virtualization, there is no better way than to create a virtual machine with your chosen operating system in VirtualBox or VMware.