Safer browsing
Windows CoPilot generated design featuring windows sandbox

Safer browsing

The safest way to browse is built into windows 10/11 (except for windows home machines)!

In these days of powerful computers, you have probably heard of Virtual Machines (VM) - but maybe don't know what they are, how to use them, or why you would. Let's start with what a VM is. You can think of a VM as a copy of an operating system running it an isolated part of your machine. Things that happen in the VM don't happen on the core of your system - but rather in a "virtual" environment - the vm can't "see" your C drive, registry, boot information, etc.

To anything running within the VM it looks like they completely own the space they are working in. But when you shut a VM down - everything in it stops. And if you remove the VM anything that happened inside that VM is gone - as if it never happened.

Wouldn't it be cool if you could run things inside a VM to see if they were dangerous, or you weren't quite sure where surfing might end you up and you wanted to avoid any resulting infections? And wouldn't it be super cool if that were easy and simple to do, without a lot of technical knowledge? Well it turns out.... it is!

Windows Sandbox

Windows 10/11 has a built in feature called Windows Sandbox. What that feature does is give you a virtual machine that you can spin up - do stuff inside - then, when you exit, it all disappears - forever. So using windows sandbox to (for instance) edit a document might not be a good idea (the document will disappear when you exit the sandbox) but using it to surf to a site you found in Google you're just not sure about? Or to download and run that open source software your boss asked you to test? Perfectly valid use - AND EASY!

Turn it on

Turning on Windows Sandbox couldn't be easier, but your machine must be capable of running a virtual machine, and you should have enough memory to make that practical. I recommend at least 16gb of RAM. If you can't install windows sandbox, it's probably because your machine is too old. You will also need admin access to your machine. If you don't have that, ask your system admin to help you.

To install it hit the start menu, type in the word FEATURES and choose TURN WINDOWS FEATURES ON AND OFF. Scroll to the bottom of the list and check Windows Sandbox (it's unchecked by default). Then hit ok. It will install, and probably ask you to reboot to complete the installation.

Use it

Once windows sandbox is on (and you've rebooted if it asks you to), using it is super easy. Hit the start menu again and type in SANDBOX - Windows sandbox should show up - right click that and pin it to your task bar. You'll get a blue icon that looks like a rectangular box. Need a sandbox? Click it!

What happens when you create your sandbox is you'll get another window that looks like - a blank desktop without any apps. Perfect. It will have the Edge Browser, so if all you're doing is browsing, fire that up and run it. You won't have any of your passwords or shortcuts, but anything that happens on THAT instance of edge will also disappear when you are done, and not affect your normal browser. Malware gets installed? No biggie - just exit the window and it's gone. Something tries to write files to your C drive? install a cookie? etc? All gone when you exit - the "c" drive is a virtual drive.

If you want to install a program to test it, drag the installation file or directory to the desktop on the virtual machine, and run it there.

Exit and everything is gone!

Done with your session? closing the Virtual Machine image erases everything that happened inside that session.

Is it perfect?

Nothing is perfect security wise, but doing sketchy surfing or testing out a software install inside a virtual machine gives you an extra layer of security. Remember though - your virtual machine doesn't have antivirus (unless you installed it after running it) and running something in a VM still gives it access to your network (the same access as you have) or it couldn't see the internet. So a malicious actor could still gather information about your internal servers, or try to access secure information on your net. It's not perfect - but it is an extra layer of protection, and lets you test certain types of programs.

It won't keep you from clicking through on that malicious login program and revealing your password, or approving a 2fa you shouldn't. We are just adding another tool to your toolkit.

Do it today - it hurts nothing to install it, and it might come in handy. I now use this:

  • Whenever I'm accessing a customer's machine - if they have an infection it only gets as far as my vm, and none of the data from the last machine I accessed survives to the next one.
  • Whenever I am clicking links found in google, bing, etc. You never know where those lead - they are most common way that users stumble onto sites with malware, scamware and adware infections. I do all my searches inside a VM.
  • To test installation options when installing software
  • When I find links in emails I'm not sure about. I just copy the url and paste it into the VM's browser address bar. That way if popups start happening or the machine acts weird, or it tries do download something, the rest of my machine is protected.

Windows Sandbox - Windows Security | Microsoft Learn

要查看或添加评论,请登录

Lee Drake的更多文章

  • Trump voters aren't stupid?

    Trump voters aren't stupid?

    But here's why we think they are Lifted from another post..

  • Navigate the confusing world of "CoPilot" licensing

    Navigate the confusing world of "CoPilot" licensing

    So by now you've probably been overwhelmed by Microsoft renaming everything "CoPilot" like they do every time the get…

  • Robots are taking over the Nazareth University Golisano Training Center!

    Robots are taking over the Nazareth University Golisano Training Center!

    Rochester, NY October 26th -- FIRST ? Robotics Competition Team 1511 Rolling Thunder from Penfield, N.Y.

    1 条评论
  • Microphone Drop

    Microphone Drop

    I'm retiring For over 42 years I have been getting up every morning, putting my tech support hat on, or my owners hat…

    48 条评论
  • Don't use oneDrive to share files for collaboration!

    Don't use oneDrive to share files for collaboration!

    As usual Microsoft terminology and structure makes some things more confusing than they need to be. Microsoft has a…

  • My email is bouncing!

    My email is bouncing!

    Now what? All of a sudden customers are saying "I'm not getting emails from you" or you're receiving bounce messages in…

    4 条评论
  • Microsoft unbundles teams

    Microsoft unbundles teams

    Which means teams users will be paying more for the privilege. Microsoft has unbundled teams from the costs of…

    13 条评论
  • How cloud backup saved my bacon

    How cloud backup saved my bacon

    So your business data is in the cloud - oneDrive, Exchange online, google drive, google apps, etc. It's safe right?…

  • Updating windows applications

    Updating windows applications

    A useful tip for keeping Windows applications up to date If you have a windows computer, no doubt you have tons of…

  • 2FA and you

    2FA and you

    12 tips for better two factor authentication management These days if you haven't heard of 2fa (2 factor…

社区洞察

其他会员也浏览了