New
#1
Opinion needed - Windows Sandbox or VMware Workstation?
Hi all -
Been doing some software testing with nasty malware.
Which would be best? I want the TPM chip to be in play here.
Sandbox seems sluggish.
Thanks!
Hi all -
Been doing some software testing with nasty malware.
Which would be best? I want the TPM chip to be in play here.
Sandbox seems sluggish.
Thanks!
Hi there
problem nr 1 for Windows Sandbox --- if you need to test software that needs a re-boot after install e,g configuration changes etc then Windows Sandbox isn't really much use.The Sandbox isn't persistent over re-boots. I don't think you can re-boot the sandbox itself (not the main Windows machine) without also losing persistence.
Problem nr 2 - can't move Windows sandbox data to your own choice of drives /directories.
problem nr 3 (possibly) I think you need Windows Pro as you will need to enable part of Windows HYPER-V -- might not be possible on HOME editions -- I don't know for sure but I think this is also a restriction.
Sandboxing is fine if you can test things properly and they are persistent until you want to get rid of them -- currently Windows Sandbox is not much use. (at least IMHO)
VM's take a lot more setting up but these days very efficient and are perfectly good for testing pretty well everything (unless you require real access to the underlying hardware --e.g writing fast video game drivers for specific graphic cards / GPU's etc).
Even then some of the latest hypervisors -- HYPER-V / QEMU/KVM etc allow hardware passthru so you can use the real OS drivers rather than the paravirtualised ones which make VM's have the possibility of running at near native speed and performance -- OK VMWare isn't in that league but all I'm saying here is that using a VM for all sorts of things today is absolutely OK -- even a few years ago running a video player like VLC on a VM was sluggish etc.
Another possibility is to use a cheap cloud server -- so many options today that never existed (certainly at affordable consumer prices) even 3 years ago.
I'd tend to forget using Sandbox -- even if you don't want to use a VM - HDD's are mega cheap these days --just fire up another Windows install for your test -- on the same hardware - activation won't be necessary.
Some sandboxing IMO is like a lot of these 3rd party Anti Virus solutions -- a C20 solution (e.g time of Win 7 etc) when we've got far better C21 systems available.
Cheers
jimbo
Last edited by jimbo45; 09 May 2020 at 08:21. Reason: mentioned passthru possibilities on VM's
Some malwares coded to not work when executed from within VM so you might have to use Sandbox time to time.
No i don't have example but you can check out the article.
How Malware Detects Virtualized Environment (and its Countermeasures)
Main reason for using native boot VHD for testing is that it's so easy. It runs using machine's real BIOS / UEFI settings, using real hardware drivers. When done testing, just delete the VHD.
Kari