'InPrivate Desktop' security feature will let Windows 10 sandbox untrusted software
The feature currently in development for Windows 10 Enterprise gives quick access to a throwaway sandbox for testing apps.
Microsoft this week let slip an interesting new security feature it is cooking up for Windows 10. Called "InPrivate Desktop," the feature was initially spotted in a now-removed Feedback Hub quest for Insiders by Bleeping Computer (via ZDNet), and it's described as a type of "throwaway sandbox" for testing untrusted software.
With InPrivate Desktop, users would be able to quickly launch a one-time sandboxed virtual machine that would let them test a piece of software without worrying about it potentially impacting system files. As Microsoft described in the Feedback Hub post:
Outside of a basic description, Microsoft also listed the prerequisites for running the app, indicating that it is destined for Windows 10 Enterprise on build 17718 or later. The app will also require at least 4GB of RAM, at least 5GB of free disk space, and at least two CPU cores.
Further, the description links to a wiki page referencing "Madrid_Self-Host," possibly indicating the app's internal codename is "Madrid." Unfortunately, the wiki page requires sign-in with a validated Microsoft account to access its contents.
According to Bleeping Computer, the InPrivate Desktop app was inaccessible from the Microsoft Store even while the Insider quest was live in Feedback Hub. Still, it gives us a peek at what could turn out to be an interesting and valuable feature for system administrators looking to quickly test out untrusted software.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl.
That would be great to have. But does Enterprise have a different store?
That would be great for trolling scammers who call and claim to be from "Microsoft Support". Give them access to a sandboxed desktop, and waste their time.
I like this idea, but I'd rather have a container for untrusted software that stays until you delete it. I don't like the fact that with things as they are, as I understand it, if you want to run untrusted software isolated from the rest of the system, you have to run it in a virtual machine, which, if you are a Home or Professional user (not an Enterprise user, for example), means that you have to buy a separate Windows license just for running Windows in the VM. I understand that for the most security, you'd want to run untrusted software in a virtual machine as opposed to a container; but running a virtual machine that runs Windows requires a separate Windows license, so I'm interested in containerization, and in what security trade-offs are involved.
So useful! Currently use VMs for this.
Hope it will trickle down to Pro and Home edition soon.
By Jez Corden