What are Sandboxes and should you use one?
Last Updated on January 19, 2021 by Travis Kipp
What are Sandboxes?
If you were lucky, when you were a kid, you had a sandbox to play in. Ah, the memories. Unfortunately, that’s not what we are talking about today but this technology does get its name from them. Computer sandboxes give software running in them a place to reside while being isolated from the rest of the system. The idea is to run untrusted software in this safe area just to make sure it doesn’t do anything damaging to the rest of the system. A playground of sorts, hence the term sandbox.
Windows 10 Sandbox
Windows 10 now has a nifty Sandbox feature built into the operating system. There are some catches, though. You need to be running the Windows 10 May 2019 update or newer and running either Pro or Enterprise to utilize this feature. Unfortunately Home users cannot take advantage of this feature. Your CPU also needs to support virtualization and be enabled in the BIOS. Finally, the Windows Sandbox feature needs to be enabled in Windows Features. The Windows 10 Sandbox is like running factory default Windows install inside of Windows. Every time it boots up, it’s a default install.
Why Should I Use This?
Lets say you are looking at some new software you want to try. Before installing it on your machine, launch the Windows Sandbox and download and install it from there. Then test out the software for awhile. If the software turns out to be malicious, your machine is completely protected as the software is running in an isolated environment. All you need to do is close the Sandbox window and you’re good to go. Next time you launch the Windows Sandbox, it’ll be back to a default install. It’s like nothing happened at all.
Another solution is Sandboxie. I was recently made aware of this solution. This software is similar to the Windows Sandbox, however, it runs more akin to traditional software you’d install on Windows. This software was made by SOPHOS. They recently made it open source and has been rebranded as Sandboxie-Plus. If you’re not familiar with open source software, it simply means the source code is available for anyone to view. This allows people from around the world to suggest edits and make improvements to the software. It’s quite a powerful tool to give anyone the ability to check your work and make corrections as needed.
The Use Case for Sandboxie-Plus
If you are on a version of Windows that does not support the Windows Sandbox, Sandboxie-Plus is a good alternative. This software allows you to Sandbox any program already installed on your computer. If you want extra protection while running a program, this is a good idea. Not every program will cooperate with this but it doesn’t hurt to try. A good program to try is your web browser. Browsers are at the forefront of security these days. Almost everything we do involves one. They are constantly being updated and are rather proactive in security measures but it doesn’t hurt to give them an extra layer of security. Sandboxie-Plus is quite simple to use. It lets you launch any program on your computer. Sandboxie-Plus does this by giving a list of programs in the start menu and you can select which one you want to run. Also, it has different levels of sandboxes. For instance, they have a more hardened sandbox option which takes extra precautions to isolate the software from your system.
What About a VM?
A virtual machine or VM is also another option. They do exactly as you’d think, they create a virtual computer using software. The software then manages your physical computer’s resources and allocates some to the virtual computer. They are more secure than a sandbox but they also have more overhead. Just like the Windows Sandbox, you need to have a CPU which supports virtualization and be enabled in the BIOS. Not to mention you need to have another copy of Windows lying around and on top of that, you need to install Windows into the virtual machine. A way around this is to install Linux in a virtual machine, however, the program you are concerned about needs to be available for Linux as well. In order to run a virtual machine, you need to install a hypervisor. This is just a fancy term for the program which manages the physical computer’s hardware and allocates them to the virtual machines.
A sandbox is a useful tool to test untrusted software before fully adopting it. If you’re running a computer that supports the Windows 10 Sandbox, I’d opt for that over Sandboxie-Plus. If your computer doesn’t support it, then Sandboxie-Plus is a good alternative. A true virtual machine is another option to test untrusted software, but it does come with many drawbacks including enough system resources to run and another Windows license.