[Kaizyn]

Why would anyone need or want this? Running Windows as a standard user and/or Vista's UAC mechanism seems to provide the same functionality.

I can see that the virtualization layer is more beneficial if you were trying to make it so applications behaved the same when running on Windows, Mac, or Linux. In this case, you'd be expanding on existing things like Apache's Portable Runtime, Wine or Parallels. However, the business case for your Windows sand boxing system is not something that makes sense to me.

[snprbob86]

"Running Windows as a standard user and/or Vista's UAC mechanism seems to provide the same functionality."

This isn't true under Windows. It's not true under Linux or OSX either.

Think of your software security boundaries as an onion. In the middle you have kernel mode, then system services, then the administrator user land, followed by a common user. Application virtualization adds one more layer to the onion. Not only are applications insulated from your system, but they are also insulated from other applications.

The ultimate model is much closer to that of a web browser with domain restrictions on cookies and the like. This is the next logical step in fighting malware.

[thorax]

It's far more compelling than you think.

There are a number of companies offering this Windows app virtualization layer today in different ways (they actually have a lot of patents on this). Softricity did this and was acquired by Microsoft. Citrix also has their own app virtualization technologies. Symantec acquired AppStream which does this, too. There are some large existing markets for this, though it's vastly enterprise-based.

Streaming apps to your company desktops instead of worrying about what they have installed and how it might conflict is extremely compelling to large corporations, governments, etc.

Baseshield is aiming at the consumer side, probably, but the technology seems very similar to what these other companies provide for the enterprise.

[marcus]

Installing an app on Vista/XP almost always requires administrative privileges even if the only need stems from writing into the C:\program files\ directory.

And frankly once you give an application Admin privileges once, it doesn't matter anymore it can do whatever the hell it wants. Sandboxing is a much better mechanism from a security perspective

Plus uninstalling a program is always problematic under the existing Windows mechanisms, basically it is every programmers duty to write an uninstaller for his own software, many of which are buggy, leave trash on the computer and so on. Sandboxing an installation makes the uninstall automatically easy & fool proof.