Originally Posted by
unmesh
This is a fascinating thread though I suspect there is a learning curve in setting up VMs, especially with VLAN tags as some have suggested.
VLAN tagging has quite a learning curve, yes. I just physically segregate my network into a trusted and an untrusted section.
Just setting up VMs is
dead easy; the simplest untrusted VM, and a very good one is to just run a Linux LiveCD (take your pick; pretty much every distro now makes one), point VirtualBox or your choice of virtualization apps at the CD with all the defaults turned on, and you're up and running.
If people want, I can post some screenshots as a how-to.
Setting up a basic Windows VM is pretty much the same except you then have to run through the Windows setup steps, and probably load a video driver afterwards...in general, there's a menu item in the UI to "Load [VMWare/Virtualbox/etc] Tools" which mounts a CD image, and then you just go through that and reboot it.
For a use case where the applications will be very few, even say just a browser, do people have any experience with a simpler sandbox implementation such as Sandboxie?
I've used chroot jails under Linux (and run stuff I really didn't trust ... like software key generators ... under WINE rather than real Windows) before, but never anything else like that under Windows. I was unaware of Sandboxie until you mentioned it.