Windows 10 Enterprise Getting 'InPrivate Desktop' Sandboxed Execution Feature (bleepingcomputer.com) 99
An anonymous reader quotes a report from Bleeping Computer: A recent Windows 10 Insider Feedback Hub quest revealed that Microsoft is developing a new throwaway sandboxed desktop feature called "InPrivate Desktop." This feature will allow administrators to run untrusted executables in a secure sandbox without fear that it can make any changes to the operating system or system's files. This quest is no longer available in the Feedback Hub, but according to it's description, this feature is being targeted at Windows 10 Enterprise and requires at least 4 GB of RAM, 5 GB of free disk space, 2 CPU cores, and CPU virtualization enabled in the BIOS. It does not indicate if Hyper-V needs to be installed or not, but as the app requires admin privileges to install some features, it could be that Hyper-V will be enabled. "InPrivate Desktop (Preview) provides admins a way to launch a throwaway sandbox for secure, one-time execution of untrusted software," the Feedback Hub questions explains. "This is basically an in-box, speedy VM that is recycled when you close the app!"
Re: (Score:3)
I'm a BSD/Linux head from way way back. No way would I run it for clients at a company over about 20 people. I do IT operations for a 90,000 user international 120 year old French company, I might know what I'm talking about.
Re:Seriously, though... (Score:5, Insightful)
I'm serious - bad as Linux is, at least you have some modicum of control over your destiny vs just blindly following MS, n'est pas?
Re: (Score:2)
Slow roll out. Active Directory. LanDesk Manager. Heterogeneous environment (same OS, same versions of clientware, same models of client hardware. Running IT/IS under ITIL methods. If you don't do enterprise IT then you might not be aware of all the tools out there to help.
Re: (Score:2)
I was running SUSE desktops for 40+ users mostly browser-based internal app and a custom C++ app, imaging via dd and PXE boot/tftp in 2003. It was possible, and we migrated from Windows XP over 2 months, working. All the usual OOO and stuff working , SMB shares from the preexisting Windows Server while we moved SMTP to a RHEL box
But constant complaints from management that they, they, didn't have the apps they wanted, like Office. And Outlook. Those we reverted back to XP, no big deal, except for the dev h
Re: (Score:2)
Exactly. Doesn't matter which platform you use, enterprise is non-trivial when done correctly. One nice thing about the Microsoft environment is you can mostly buy your way out of any jam via M$ or consultants. Also everything works with Microsoft. I have 34TB of archived mail on Symantec Enterprise Vault. It mostly supports Domino, until you want to extract. Then it's to the cmd line and half the time it locks up the indexer. The "Sure we support Domino" often turns out to be "we have a ten year old
Re: (Score:2)
But random idiots CAN'T figure out how to use a website, that's why a lot of people think the only thing on the web is Facebook, Twitter and Instagram.
Re: (Score:2)
Re: (Score:3)
Linux at the server level is a no-brainer. Even if you're running massive databases, nothing in the Microsoft orbit can claim to be so superior to open source , no, they can't. I live with a Cassandra system, and it is not the db engine that is the problem. They would have the same problems with MariaDB, MongoDB, Oracle, SQL Server, or DB2. We left Hadoop a while ago.
But the desktop user is different, and comparisons are pointless. Server side apps are different. That space is a real catfight between Micr
Re: (Score:1)
Re: Seriously, though... (Score:5, Insightful)
Linux is a kernel. A.distribution is an operating system. Debian is certainly consistent across the versions, and so is SLED or RHEL. Linux is also consistent with itself in this regard, sometimes painfully so.
it's an administrator's job to know how to install and maintain software. Once a company decides to use a particular OS, it will be consistent across the company. Simple as that. The end user has to know only how to click on things and how to type in things, and that hasn't changed for a generation.
All the problems that you describe are certainly not corporate problems. They are problems of a distro-hopper who is not inclined to learn the concepts behind the technology.
Re: (Score:3)
Re:Seriously, though... (Score:4, Insightful)
Part of the reluctance to move to Linux is the lack of good developer tools.
Someone probably spewed coffee when they read that, but it's true. On Windows you can grab Visual Studio and build a GUI in WPF with a backend database incredibly easily. In C# there is a library for everything, but of course even if they work under Mono they won't have been tested properly. Need cloud? A couple of clicks and you are running on Azure.
Sure, Linux is great if you want to write C++ or Python and don't mind manually managing your Qt GUI and manually connecting your database to it. From a business perspective this makes no sense. They have to hire more expensive developers to do the same job more slowly.
It's easy to laugh at a deranged baboon screaming "developers developers developers" on stage, but the Microsoft development ecosystem is actually pretty good and not just because of Windows' popularity.
Re: (Score:2)
There are plenty of good tools. What there is a lack of is people who can or want to use them.
People don't seem to have trouble using Visual Studio. If they have trouble using the tools on Linux, then they're not as usable by definition. QED, coward. Not a Windows fan here, BTW. I use Win7 because I want to play games, but if I want to do serious things, I boot Linux.
Re: (Score:2)
You see, you arrogant little prick, there's a difference between something being good, and being what people want.
In this case, there is no difference. Nor is there any difference between you and a cowardly wanker.
Re: (Score:2)
If the problem is, as the OP asserted, the availability and usability of the tools required, that's a problem which can be solved.
Can be solved != will be solved or has been solved, so your comment is irrelevant.
If the problem is that people flat out refuse to use anything and everything, no matter what, that isn't Windows or VS because it isn't Windows and it isn't VS or Outlook or whatever,
If that were the problem, you'd have a point. It isn't. Visual Studio is not only broadly considered to be the best IDE for developing Windows software, but one of the best native IDEs period — usually, the best.
IME the latter problem is the most common by far.
Your opinion is irrelevant when compared to the opinions of many, more more people than you, who say otherwise.
Not that I expect you to be able to admit to being wrong, ever.
That's because you're unfamiliar with my posting history. I have done many times. But I bet you're to
Re: (Score:3)
I use VS Code from Microsoft. I love it. It's light weight enough to be useful without a lot of work and powerful enough to get my job done. I used it when I had a windows 10 notebook, I used it on my ubuntu Dell notebook, and I use it now in my new role with my macbook pro.
Re:Seriously, though... (Score:4, Insightful)
Re: (Score:3)
I disagree.
Linux has it's place, but as an end user desktop in a production environment it's severely lacking. Software support for it is immature at best for the vast majority of products, and arcane at worst.
When it comes to web servers, I'll take linux in nearly every application of it, but when it comes to a corporate internal network? You're using windows.
seems exactly what bromium have been doing... (Score:1)
This is exactly what bromium have been doing for years now:
bromium.com [bitly.com]
regards
John Jones
Re: (Score:3, Interesting)
Bromium is way new to the game.
Protip: The smart nerds have a Write-locked PE USB made that deploys a RAMFS and essentially ignores anything else inside the computer excepting network card.
Had an XP one for about 18 years now. Probably about time I made one for 7.
Re: (Score:2)
"He doesn't have enough education to build anything himself."
YEA!!!! Now we're getting into libel.
Keep it up, your own hatred for me is about to consume you and trap you just how I want it to.
Re: (Score:2)
July 13 2000 was the first release of build 2250 of XP (over 18 years, now.) Official RTM was April 2001.
Try again when you actually worked in the industry at that time.
Exactly what every good amin has been doing... (Score:1)
This is exactly what every good administrator, and most good power users, have been doing for years now with VirtualBox or something similar. And with significantly less resources required on the computer to do it, I might add.
Typical Microsoft. Take something everyone already does. Add the ability to do it in Windows automatically, but require more resources than it already takes. Drive the sales of new hardware, computer manufacturers are happy, Microsoft is happy. If adoption isn't high enough, then
InPrivate should mean no telemetry (Score:2)
Uhm... Well... haven't they read the news? (Score:2)
Rowhammer, Spectre, Meltdown and all of their variants didn't just disappear. In fact they will likely get replaced by new versions of themselves in new operating systems. Each one of those can be used by malevolent software to break out of a sandbox.
Also the Windows API is vast and was not meant to have security in mind. For example usually every application can fill out forms in every other application. That way you can inject code. The timer message, which everyone can send, includes a "callback" field,
Re: Virtualization is not a security solition!! (Score:2, Insightful)
Virtualization isn't a complete security solution, but it certainly helps. Just like RAID isn't a complete backup solution, but it helps protect against one class of problem.
No Fear. No Shit. (Score:2, Funny)
> This feature will allow administrators to run untrusted executables in a secure sandbox without fear [...]
Windows administrators don't fear anything. That's why they are Windows administrators!
Does Microsoft have access inside the sandbox? (Score:2)
Cool but (Score:2)
Re: (Score:1)
Cool, but, this is the year of linux on the desktop, right?