Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
QubesOS.
That’s still standard virtualization. It doesn’t harden the applications you run inside the sandboxes.
Virtualization is better than sandboxing for security.
Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
https://theinvisiblethings.blogspot.com/2013/02/converting-untrusted-pdfs-into-trusted.html?m=1
Virtualization is better than sandboxing for security.