In a sense, a sandbox is a container placed around an application running within Windows.
When you run an application inside a sandbox, it continues to have access to everything that it would were it not sandboxed. The primary difference is that anything created or changed by the sandboxed application is:
- Not visible to the other Windows applications outside of the sandbox
- Not saved when you decide to exit the sandboxed application you are running

For example, any malware that might have been downloaded and “installed” in the sandboxed application (e.g., Chrome) is discarded when the application exits.
A virtual machine, or VM, is an application running under Windows that creates an environment simulating a completely separate computer.
In a sense, it’s a “machine within a machine.” Windows running on the actual PC is often referred to as the “host” operating system, while any VMs running on it are referred to as “guest” operating systems.
The VM also includes its own set of virtual device drivers that behave as if they’re interfacing to actual hardware. In reality, they’re mimicking the presence of actual hardware and talking to the host copy of Windows to gain access to the real hardware.
Everything that happens in the VM stays within the VM. It behaves exactly as if it were a completely separate physical machine.
Within that virtual machine you’re not running Windows, and thus are not vulnerable to Windows-based malware. That’s pretty significant.
That implies that any downloads, changes, updates, or installations created or saved within the virtual machine are only accessible from within the VM.
And if you delete the VM, it’s like getting rid of a PC. Everything on the virtual hard disk is erased.