SN 1022: The Windows Sandbox - Short-life Certs, Ransomware Payout Stats - podcast episode cover

SN 1022: The Windows Sandbox - Short-life Certs, Ransomware Payout Stats

Security Now (Audio)
Apr 23, 20252 hr 53 minEp. 1022
--:--
--:--
Listen in podcast apps:
Metacast
Spotify
Youtube
RSS

Episode description

  • Enabling Firefox's Tab Grouping.
  • Recalled Recall Re-Rolls out.
  • The crucial CVE program nearly died. It's been given new life.
  • China confesses to hacking the US (blames our stance on Taiwan).
  • CISA says what Oracle still refuses to.
  • Brute force attacks on the (rapid) rise.
  • An AI/ML Python package rates a 9.8 (again!)
  • The CA/Browser forum passed short-life certs. :(
  • A wonderful crosswalk hack hits Silicon Valley.
  • Android to add force restarting ahead of schedule. Maybe.
  • The EFF is never happy. But especially now, about Florida.
  • Interesting research into ransomware payouts.
  • Windows Sandbox: The amazing gem hidden inside all Windows 10 & 11!

Show Notesb - https://www.grc.com/sn/SN-1022-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

Transcript

Primary Navigation Podcasts Club Blog Subscribe Sponsors More… Tech Windows Sandbox: The Hidden Gem in Windows 10 & 11

Apr 25th 2025

AI-created, human-edited.

In a recent episode of Security Now, Steve Gibson enthusiastically introduced listeners to Windows Sandbox - a powerful built-in security feature in Windows that many users might not know exists. As Steve put it, he's "infatuated" with this technology, noting that it's one of the rare occasions when he's genuinely impressed with a Microsoft innovation.

Windows Sandbox is a lightweight, isolated desktop environment built directly into Windows 10 (since version 1903 released in 2018) and Windows 11. It's available in Pro, Enterprise, and Education editions - though notably absent from Home editions. 

As Steve explained, Windows Sandbox provides users with:

A pristine, disposable Windows installation each time it's launchedComplete isolation from your host systemHardware-based virtualization for kernel isolationEfficient performance with minimal resource usageQuick launch times (seconds rather than minutes)

"This is clearly a win for anyone who might have any occasion to need a quick, safe, disposable instance of Windows," Steve noted during the podcast.

During the discussion, Steve highlighted several compelling scenarios where Windows Sandbox shines:

Testing unknown software: Install and run potentially sketchy applications without risking your main systemExploring the darker corners of the internet: Browse suspicious websites safely without leaving tracesExperimenting with system modifications: Test changes that might otherwise disrupt your carefully tuned desktopQuick testing environments: Create disposable test environments without the overhead of traditional VMs

What really impressed Steve was the ingenious technical implementation. Windows Sandbox isn't a traditional virtual machine - it's much more efficient:

Dynamic base image: Instead of downloading a separate Windows image, it cleverly reuses your existing Windows installationIntelligent memory management: The host can reclaim memory from the sandbox when neededDirect mapping: Uses the same physical memory pages as the host for operating system binariesIntegrated scheduler: Treats the sandbox like a process rather than a traditional VMSnapshot and Clone technology: Enables faster startup timesGraphics virtualization: Provides hardware acceleration for a smooth experienceBattery awareness: Optimizes power consumption for laptop users

"It is genius," Steve emphasized. "They're reusing all of the Windows OS files. They're reusing all of the Windows kernel's memory that's been loaded with static code."

Enabling Windows Sandbox is straightforward:

Search for "Turn Windows features on or off" in the Start menuScroll down to find "Windows Sandbox" and check the boxClick OK and restart your computer when prompted

If the option appears grayed out, you may need to enable virtualization features in your system's BIOS/UEFI settings.

For power users, Steve mentioned that Windows Sandbox supports customization through WSB configuration files. These XML-formatted files allow you to:

Disable the virtualized GPUTurn off networkingMap folders from your host systemExecute custom logon commandsConfigure audio/video sharingManage memory allocationAnd more

Steve's enthusiasm for Windows Sandbox was evident throughout the discussion. He described the experience as "the most seamless and smooth operation of a Windows OS in an OS" he's ever encountered.

"I really believe Microsoft has outdone themselves on this one," Steve concluded. "They've essentially figured out how to run an entire separate instance of Windows as an application... It's fast and lightweight and does not burn up disk space or RAM."

For security-conscious Windows users, this built-in feature offers a fantastic way to safely experiment without risking your main system - and it's been there all along, just waiting to be enabled.

Share: Copied! Security Now #1022
Apr 22 2025 - The Windows Sandbox
Short-life Certs, Ransomware Payou… All Tech posts Contact Advertise CC License Privacy Policy Ad Choices TOS Store Twitter Facebook Instgram YouTube Yes, like every site on the Internet, this site uses cookies. So now you know. Learn more Hide Home Schedule Subscribe Club TWiT About Club TWiT FAQ Access Account Members-Only Podcasts Update Payment Method Connect to Discord TWiT Blog Recent Posts Advertise Sponsors Store People About What is TWiT.tv Tickets Developer Program and API Tip jar Partners Contact Us
Transcript source: Provided by creator in RSS feed: download file
For the best experience, listen in Metacast app for iOS or Android
Open in Metacast