No, please no. Make sand-boxing an optional feature the user has control over. Sort of like containerized tabs in Firefox. Not all apps have legitimate reasons for accessing your hard drive, but I'd argue that 90% of them that do, really need to. Let the user decide.

As an example, Adobe Acrobat. It's obvious why it needs 3 services, a persistent update checker, a couple shell extensions, 2 non services set to run at startup, and always running extensions for Outlook, Excel, and Word. All totally necessary things that a restrictive app model would unjustly break.

Don't forget it can randomly decide to try and render your computer inoperable because it guesses you might've had a dodgy version of Photoshop installed at some point in recorded history!

The mobile sandboxing parent comment mentioned lets the user decide: an app that requests permission to access files triggers an OS dialog asking if the user wants to allow the app to access them.

If you look at the android sandbox architecture (I m guessing ios is similar but I m less familiar with it) there are intentional "holes" in the sandbox that are managed by the user permissions (hence the user does have a say). I don't think a lot of people are arguing about 100% sandbox or nothing. I know that depending on where one stands they have feedback to give about how android permissions could be better, but still the ecosystem is better with it than without it.

QQ comes with a bundled QQProtect.exe that can't be killed, QQ simply refuses to run without it.

The OP on V2EX mentioned[1] that they downloaded QQ from the Microsoft Store, specifically because it doesn't come with QQProtect. Didn't help, apparently.

[1] https://www.v2ex.com/t/745030?p=1#r_10067077

There's a fatal issue with Microsoft Store apps: it allows both sandboxed and unsandboxed apps, and the developer can just upload a new version for their sandboxed app, that is not sandboxed. Updates are automatic, so the app, that looked like restricted to access only say calls will after update be able to access anything it wants.

Can't you sandbox both though?

Unsure, but multiple Tencent products ship with various "protects" (like TenProtect) that are kernel level rootkits that start at boot.

Any recommendations on sandbox software/workflow on Windows? I tried Sandboxie, but it caused the sandboxed app to crash.

Nerds think trust is something that can be created with technology. If only that were the case.

I tried Tencent's app on Android a long time ago when they were offering 1TB of free cloud storage. It started uploading all my photos (and who knows what else) as soon as I allowed file access.

I immediately deleted it, who the hell does that? Even Google Drive asks for permission first. I guess that's what you trade for 1TB haha.

Note that Chinese webdrives will detect and ban "illegal" contents, even if it's just your own nudes.

Apple tries sneaking in iCloud syncing regularly, Adobe did it to me with their cloud storage as well. Sadly, behavior like that seems ok with product managers.