back to article Insiders! The good news: Windows 10 Sandbox is here for testing. Bad news: Microsoft has already broken it

No, Windows Insiders, that isn't your New Year's hangover kicking in. After unveiling Windows Sandbox to much fanfare, Microsoft promptly broke it with a cheeky cumulative update. We noted the imminent arrival of Windows Sandbox just before Christmas. Microsoft dropped a fresh fast ring build in the form of 18305 shortly after …

  1. Teiwaz Silver badge

    "We've made the decision to only do one bug bash this release."

    Seems sensible, squashing one bug can often create another two new ones.

    Seems with Windows, it's almost inevitable.

  2. Alistair Silver badge
    Windows

    I'm not sure if the cat pic is because the cat is out of the bag, or the reg is just being a bit catty in the new year, or because the cat as always, doesn't quite fit the box... and we all know MS has never quite fit in the box either. Happy new year. And may your sand stay in the the boxes this year.

    1. DJV Silver badge

      Cat pic

      Well, we all know what cats tend to do in boxes of sand (or anything they sense will make a reasonable substitute for litter).

      And, what the cats do there is what MS subsequently tend to do all over anything they ever manage to get right at least once!

  3. SVV Silver badge

    Windows sandbox

    The whole point to a sandbox is that nothing else should be able to break it, it should live in glorious isolation as much as possible. And then an update to the ancient Internet Explorer breaks it. Which could only mean that the brand new sandbox is dependent upon IE code in some way. This is not a good basis on which to create modern reliable software.

    If there's some other explanation, it is probably even more concerning.

    1. David Lewis 2
      Facepalm

      Re: Windows sandbox

      "This is not a good basis on which to create modern reliable software."

      Modern Reliable Software != Windows 10

      FTFY

    2. overunder

      Re: Windows sandbox

      What could be concerning is that if it is reliant on a web browsers code, it's soon to be reliant on Google's Chromium. I wouldn't be surprised if you'd have to eventually login to Outlook and eventually Facebook to use it. Of course in the end, it's going to run regardless in contrast to your interest and gather data on you. But don't worry about your data... its "sandboxed".

    3. CheesyTheClown Silver badge

      Re: Windows sandbox

      Ok... first of all, Sandbox is an insider feature which means that things will and DO go wrong. It's not meant to be reliable software, it's meant to be bleeding edge. Think of it as the alpha and beta versions of times past.

      Second of all, security fixes from release builds generally come into sandbox builds. The security fixes are tested against release and if they're tested against insider as well, it's a bonus.

      Internet Explorer is an application built on top of many Windows APIs including for example the URL engine for things like fetching and caching web media. It's like libcurl. Just like libcurl, wget, etc... there are always updates and security patches being made to it. So, when making updates and security fixes to the web browser, if fixes need to be made to the underlying operating system as well, they are.

      That said, I've had fixes to IE break my code many times. This is ok. I get a more secure and often higher performance platform to run my code on. It's worth a patch or two if it keeps my users safe.

      As for what the sandbox does, I'd imagine that the same APIs which IE uses to sandbox the file system from web apps requesting access to system resources (probably via Javascript) are used to provide file system access for example. If I had to guess, it probably is tied to the file linking mechanism.

    4. livin' thing
      Facepalm

      Re: Windows sandbox

      "Which could only mean that the brand new sandbox is dependent upon IE code in some way" - that's just how I read it too; and if we're correct, or even only vaguely correct, then Windows is way more rotten than an old log in a warm bog. Deeply worrying (if you have to run the horror - luckily I don't).

    5. david 12 Bronze badge

      Re: Windows sandbox

      Which can only mean IE is dependant on Windows System code? Dam that's disturbing.

  4. anthonyhegedus Silver badge

    Windows wouldn't be Windows if stuff worked as it should, even in a beta test.

  5. ma1010 Silver badge
    Facepalm

    Freudian reading

    When the article said "Microsoft dropped a fresh..." my early-morning mind was expecting to read "grogan." But from the rest of the article, it looks like my morning-addled subconscious was right.

    And yes, MS, certainly one round of crowd-sourced "testing" is all you need with Win X, given it's recent stellar record. One wonders what they're smoking (or, given its location, probably vaping) these days.

    1. a_yank_lurker Silver badge

      Re: Freudian reading

      Smoking weed almost certainly

  6. jake Silver badge

    Ah, yes. Internet Explorer.

    Breaking everything it touches, since 1995.

    1. chivo243 Silver badge
      Big Brother

      Re: Ah, yes. Internet Explorer

      @jake

      C'mon man!! It's Internet Destroyer! Or Internet Exploder! Back to the education camp with you!!

      1. jake Silver badge

        Re: Ah, yes. Internet Explorer

        Nah. IE has always been such a piece of shit that it doesn't need that kind of derogatory moniker.

  7. Inventor of the Marmite Laser Silver badge

    Y'now the Midas touch ................

  8. Ian Emery Silver badge

    Still waiting for that Nelson Munce icon; we REALLY need it when M$ feature in a story.

  9. ScissorHands

    MS keeps forgetting they have "Slow" and "Release Preview" rings...

    I'm on the Slow Ring and for the last two flights, I only start getting preview builds less than two months before release... There used to be an initial build two months after release of the previous version, one pre Bug Bash, one post Bug Bash, and one near release.

  10. RunawayLoop

    SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...SANDBOXIE .... SANDBOXIE ...

  11. Boohoo4u

    Tester

    You’d need to pay me to be a Windows “Insider” beta tester.

    I’m not that much of a masochist otherwise...

  12. J J Carter Silver badge
    Linux

    I wonder?

    Can WINE host the Windows 10 Sandbox?

  13. JJKing
    Devil

    The grapes of wrath.

    I think you would need to consume great quantities of WINE if you were forced to use Windows 10 Sandbox.

  14. hellwig Silver badge

    Pretty sure IE will be shown as an escape vector any day now.

    If a "lone" application like IE can break the sandbox, it's not a sandbox at all. If the idea is to run applications in an isolation environment that basically mimics the external environment, IE should have broken windows too, not just the sandbox. Clearly IE is doing some so low-level that the virtualized environment couldn't handle it. That tells me it's low enough that it will probably expose the primary system to the sand boxed environment somehow.

    Otherwise, why can't I just use the sandbox without trying to launch IE?

    Until Microsoft kills IE and permanently divorces it from the underlying OS, Windows will NEVER be secure.

  15. PeterM42
    Facepalm

    What is the difference between IE and a virus on Windows?

    You can REMOVE a virus.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019