OpenAI wants me to switch back to Windows

Hey. I wanna show you something. Do not judge me. Under my desk, have a Mac, and then way over here, I also have a Windows PC and a KVM switcher to switch back and forth. There's a reason for that chaos. We'll get to that here in a moment. But first, OpenAI reached out to me about two months ago and said, hey, you know that Codex app that everyone's freaking out about? We made it Windows native. And I was like, so what? Who's even still using Windows? But it turns out, you are. I polled all you suckers. Over 60,000 responses, and guess what? Most of you are using Windows as your daily driver. So whether you are forced to be there because of work or gaming or you genuinely love it, there's like three of you. Most of you are on Windows. So back to OpenAI making Codex Windows native. Okay. I get it. That might be a big deal. So I said, sure. I'll make a video about it. Mainly because I'm curious about what Windows native means. And spoiler, it's all about a sandbox and security, which means we're about to get super nerdy on AI agent security. That's gonna be fun. But also, it made me kind of miss Windows. I know. That's weird. But don't you miss it just like a little bit? Like, miss it being awesome? Maybe Codex can win me back. I don't know. We'll see. And thanks to OpenAI for sponsoring this video and forcing me to use Codex. I'm for real now using it every day, and it's actually pretty sick. Hold on. Wait. There's more. I know that was lame. I'm gonna drop seven things on you about Windows that might make you smile and think fondly of Windows in the past. Get your coffee ready. Let's go. Be looking for those. Collect them all. But before we dive in, I have a confession. I don't use Windows, and it's not for the reason you think. And I know you kinda see me using it right now. I'm on Windows right now. That's because this is all I use it for. There's this one app. Here it is. It's called vMix. It's Windows only, and I'm stuck like many of you. Hi. But this Mac underneath my desk, that's my daily So why did I switch? Yeah. Those reasons are valid, but that's not my reason. I actually like Windows. Calm down. But I like the feel. I like the UI. I grew up on it. It's nostalgic. Maybe I'm like this guy and I have Stockholm syndrome. I don't care. I think we can all agree that at one point, Windows was amazing, and it was your favorite OS. Admit it in the comments now. So I'm, like, super aggressive right now, and Like, has been a little nuts lately. But even with all the craziness, what made me switch was AI. It seems like every AI tool was made for Mac and Linux, and they forgot about Windows. Sure. They make some Windows apps, but it's not the same. You're always missing something, and I was tired of running AI in WSL2 like a second class citizen. And, no, Copilot sucks. And every effort by Microsoft to put AI in its operating system is garbage. Hot garbage. Just stop it. I'll bring my own AI. You guys stay out of it. So that brings us to the Codex app being Windows native, and they did something that really no one else did. They went a little crazy. Let's stop talking about it. Let's install it. Now I'm on a Windows machine right now, but I also, over here, have my Windows Alienware laptop that I'm remoted into with Microsoft RDP. Windows surprise number one. Didn't see it coming, did you? SimCity had a bug in its code that would not allow it to run with Windows 95. Instead of telling SimCity to fix their code, Microsoft changed the OS code of Windows 95 to accommodate it. Windows is one of the most backwards compatible OSs in the world. An app made in 2001 can still run on Windows 2,011. That's a little magic. Let's go find Codex. We'll go to the Windows App Store. There it is, and we will get it. What is this thing that keeps popping up? Leave me alone. What is that? Windows. Now if you're new to Codex, this is essentially ChatGPT for power users. When we open it, we can log in with our ChatGPT subscription and use that. I'll skip that. And we are in. Codex right now is pretty much the golden child of the industry. Everyone loves the Codex app. Peter Steinberger even uses it. Although I think he's paid too now, so it's kind of a bad example. But you get the point. Now right away, we're hit with something I'm gonna talk about here in a moment. I forgot this is going to happen. Let's click on setup and see what happens. The agent sandbox is asking for elevated permissions. It launches UAC, and that was it. The sandbox was ready. But what is it? You gotta wait. But first, just know whether you use this on Windows or Mac or Linux, this thing's pretty sick. Let me tell you why people care about this and why I've been using it every day. Sub-agents. There they go. It has plugins. Let's add Chrome and superpowers. Definitely want superpowers. It's been that easy the whole time. Sorry. That was a dumb joke. I'm a dad, and we have skills, which I think are just part of the plugins. We have automations. Run chats on a schedule. This is pretty powerful. Do a demo of that here in a moment. They are winning right now. And if you don't use it on Windows, use it anywhere. It's pretty sick. Like I said, I use it for a lot of stuff, and it's my favorite way to code right now. But back to Windows native. We're gonna meander over to the settings tab. There it is. Settings and then settings, and we'll scroll down just a bit until we see this. The agent environment is Windows native as opposed to what? Like, what's the alternative? Let's see. WSL. And that's Windows surprise number two. Windows ships with a real Linux kernel, the Windows subsystem for Linux. Honestly, this is what kept me on Windows for a while because it had Linux built in. And on build twenty twenty five, Microsoft open sourced the entire thing. That's shocking. But still, I don't wanna use it for my built in agent like most AI tooling does because it's not running in Windows. It's kind of running beside Windows in its own little container. So the default option is it runs in Windows, which to me, I don't know. It just seems really cool because I know when the AI tools first started coming out, the only option was Mac or Linux or WSL2. Just thinking about the agent running in Windows is kind of fun. And not only that, it speaks the language. PowerShell. Most AI tools can write PowerShell, but not all of them live in PowerShell. But why is that a big deal? Who cares? Well, if you use Windows as your daily driver, which you do, you might be a Windows Sys admin managing Active Directory and Windows domain controllers and Azure maybe. Codex doesn't just understand that environment. He lives in it. He's a local. Like, watch this. Let's go to this project and say, how many files are in this directory. Watch what happens. It's running PowerShell. By default, it's gonna be using PowerShell commands just like you do. Packer, accountant, developer. Codex isn't just visiting Windows anymore. He's not pretending to be Windows in a Linux costume. He moved in. And the way that it can help us with our jobs is way more integrated now. But this becomes extremely scary. Like, did you hear that story where Google Antigravity deleted a developer's drive? It apologized, but it was gone. This was on Windows. Now, thankfully, this is where OpenAI focused a lot of their attention. You see this agent right here, our Codex agent, he's stuck inside a sandbox. That sandbox that we saw earlier get built. But what is that? A sandbox is what AI companies use to protect us from their AI, but this isn't always easy to do. Now on Mac and Linux, it kinda is. Mac has Seatbelt. Linux has bubblewrap. These are ready made solutions that enable companies like OpenAI to produce a good sandbox to box that agent in. So it can't do things like delete all your stuff, erasing your code base and dropping all your database tables or removing all your family photos. But here's the problem. On Windows, there's really not an equivalent tool like Seatbelt or bubblewrap. Most companies will just spin up a VM or run a Docker container or WSL2 to isolate the agent, but then you lose that integration. And, also, these can be kind of heavy. So OpenAI built their own. They just did that. Over 15,000 lines of Rust code. This sucker is Windows native. Using all Windows tools like file system ACLs, firewall rules, restricted tokens, and don't get this confused with the Windows sandbox and the app container. They didn't use that. The sandbox is a VM that will run on Windows to isolate things. OpenAI didn't wanna do that. The sandbox OpenAI built is running right there on your Windows system, the same one you're using, but it's built on top of existing Windows security plumbing. But enough talking about it. Let's see it. Let's watch it happen. It's actually pretty fun. This is where we get to nerd out a bit. You know, like, Chuck, we haven't already been nerding out. Oh, we can go deeper. Coffee break. Actually, I'm almost out. I'll be right back. Don't go anywhere. I almost fell. I'm back. Windows explosion number three. I'm not sure why I called it explosion. Did you know that if you turn on Hyper-V on your Windows machine, the Windows you're running becomes a virtual machine? Running on the exact same hypervisor as Azure, the cloud. I know it's kinda weird. But if you're running Windows 11 Pro, when you enable Hyper V, just one setting, a thin type one hypervisor loads beneath Windows at boot, and you're running Windows is now the root partition. A privileged guest of that hypervisor. You have data center grade virtualization sitting on your laptop right now. Sandbox in action. Let's create a new project. Actually, we'll start a new folder ourselves. Where's my desktop? Where's my documents? I don't have a documents folder. Where is it? That's crazy. I'll call this folder clean my PC. Now real quick, I'm gonna show you something before we jump into Codex. I'm gonna right click this folder, open it in terminal, and let's icacls it. Don't worry about that. I'll just copy the entire path here to make it easier. Look off the break. This tells us who has permission to do stuff in that folder. Now notice one thing here. We have a Codex sandbox sandbox users group. K. Now let's go open it in Codex. New project, existing folder, clean my PC. We're here. Now I'm gonna say, hey. Tell me how many files are in this folder. There should be none. Running PowerShell. Wow. Using the superpowers. That's a lot. Zero files. Let's get back to our terminal. Run that command once more. Woah. Who's that guy? It looks like we have a new user, and this is actually a new SID. Not that SID. It's diagram time. Right here in this diagram from OpenAI, this is the sandbox that we've been talking about. Right now, that sandbox is that folder, that clean my PC folder. Sandbox. Let me fix that. B sandbox. That was gonna bother me. It's not using your user account. You you're over here. You ran Codex dot EXE, but the agent itself, he's stuck. He's like a prisoner. That seems negative, but he can't get out unless we say he can. He's running as a sandbox user. We can actually see that in PowerShell. If I type in net users, there's two users that Codex gave to us, Codex sandbox online and Codex sandbox offline, one for no network access and one for network access. And I mean, like, accessing the Internet. By default, we're gonna be running the no network user. And from there, Codex created a synthetic identity, a restricted synthetic identity, SID, that has permission to that folder to run things like PowerShell, Python, Git, but that's it. Just that folder. So running icacls in that folder, we can see that SID is still sitting there. But if I just run icacls on my documents folder, go one directory up, no SID there. Time for a Windows nugget. that Windows remembers your last 25 copies? I'll show you mine. Hit Windows key v. Oh, you have to turn it on first. Turn it on. Look at that. It remembered. That's your clipboard history. You can pin the ones you like to reuse. It even syncs across Microsoft logged in accounts if you're into that sort of thing. Although we're all kinda forced to be right now, aren't we? Now let's start a new chat. Let's have it try to access the network. I'll say, hey. curl networkchuck.com. curl is a tool that it will use to essentially get information from my website. Let's see what happens. Bam. It couldn't do it. It's now asking me permission. Why? Watch this. Windows Firewall rules. I'm a go to my firewall. Oh, we're getting deep now. I'll go to outbound rules. Ah, and there they are. The sandbox user offline is being blocked. But now what's happening here? What happens when we say, yes, you can do this? Well, if we get back to our diagram, this user, this restricted token can't do it. So he's sending a request across the control plane saying, hey, got blocked help. And now it's up to us to explicitly allow that. Let's do it. We'll say yes. And it did it. And for that moment, it was allowed to run that command because we explicitly allowed that. But notice here how it's using Windows features to protect us from our AI agent. Assuming, of course, that we are using the default permissions. We actually have a few options for that. We click our drop down here. We have auto review, which you'll actually use an AI agent to determine if certain things are easy to approve, like no brainer. It just wants to find out how many files are in a directory, or it might block a sketchy download. And the full access is you don't care about your machine at all or your anything. Just go for it. I don't recommend that, at least for security stuff. I'm guilty of running that sometimes. Who else in the comments lets it run full permission? Don't do that. Now let's say this. New prompt. I want you to clean up my downloads folder. Remove any files that are obviously trash and don't need to be there. Now notice he's able to read the files even though we're in the clean my PC sandbox. Look at him go. It's so cool. If icacls the downloads folder, the sandbox users can read and execute. There's that permission right there. But now you see we're hit with a, question. Can we do something else? See, now it needs permission to actually do something in that other directory. And, yeah, I'll let it do its thing, like removing virtual box downloads and stuff. But if I go back to our testing project where we created 30 coffee story files, and I'll launch another chat inside that directory, I can say delete the 30 story files. It should not need our permission. It has its full rights within that directory to run and go crazy. I mean, not crazy crazy. And it did it without needing us. That's the sandbox at work. Now let's have some fun with Codex and have it actually clean up some stuff on my machine. But before we do that, Windows surprise. I don't know what to call these things. Did you know that if you name a Windows folder a certain string, like, watch this. Let's make a new folder. New folder. And we'll name it exactly this. God mode, a bunch of strings or characters. Boom. What? It's my first time doing this. If you open it, 250 Windows settings shortcuts all right here. That's just magic. Now speaking of magic, let's do this. On my Windows machine here, if I go to my start bar, I get all these, like, news things and advertisements and all this stuff. I hate this. I hate all the adware and bloatware in Windows. I know that's a complaint. Let's see if Codex can fix that. Clean my PC. Let's go to extra high thinking now. That's the prompt. And what the cool thing about, Codex, we can go into plan mode and set this as a goal that it'll keep working towards. I think that did it. And also watch this. Use as many sub-agents as you can to get this done. We'll send that, and we can say steer that conversation. We'll change our permissions to auto review. Now we're cooking. Now, obviously, steering it interrupts him a bit saying, hey. By the way, go this way instead of just being queued and waiting for him to finish. While that's happening, let's open up one more. Clean up my desktop. It's messy. Make it look nice. I don't know what's gonna do with that. I'm getting lazy here. Those fans are kicking on back there. Dude, it spawned six agents. Another Windows treasure. I'm running out of options. Windows has a real package manager built in. Mac has brew. Linux has a apt. Almost forgot there for a moment. All this Windows talk. Windows has a winget. It works. It's a real thing. Try it out. And while it's doing all that, I'm gonna do one more crazy thing. I'm not even sure if it can do this. New project. Call this hacking project. And say, want you to spin up a Hyper-V based hacking lab with Kali Linux and Ubuntu. I'm using this to become a pen tester. This is for my study on just this machine. Let's see what it does with that. He cleaned up my desktop. Let's see what he did. He did not do a good job. Oh, my organized desktop is right here. I guess he put it into folders. That's how he interpreted that. Thanks anyway, Codex. Say, like, arrange the icons in a pleasing way. Make it look really good. I noticed it's actually checking my Windows registry too. It's not changing anything. That would be dicey. But because we're running auto review, it determined that just checking it's not crazy. Oh, which network isolation do I want? Think I just killed my computer. The defender and Codex are fighting. No. It's blocking Codex. It made my layout a little bit prettier, I think. It didn't. It was a nice try, Codex. I'll let this guy cook, and he did his job. I've got a Kali VM. I have an Ubuntu VM, and it's a hacking lab. Like, I can actually go in there and try to hack the app it built. It's an intentionally vulnerable app, but it built a hacking lab for me. Switch NAT everything. It also finally cleaned up my desktop, kind of. It looks okay. It put it all in folders. It's not much for desktop aesthetics. I'll have to teach it. And then bloatware, it did it. Let's check this out. Clean. Nothing. No distractions. And I could do this because, you know, Windows updates, they like to come in and overwrite things you that you do. Let's create a Codex automation that will prevent Windows updates from reversing our changes. There it went. Did see that? Where's that pen? I put it up. Get out of here, water. It made the automation. And that's one of my favorite things about Codex, the app, are these automations. There's the prompt. It's gonna run Spark. It'll run how often did it say? Every six hours. Sick. What do Taylor Swift and Windows have in common? Another Windows secret. They both love to shake it off. This is silly. I'm sorry. But watch this. Take take a window. You just shake it, and everything goes away. Shake it again. They're supposed to come back. They didn't. Oh, there they go. It's kinda neat. You have to turn it on in the settings. System multitasking, title bar window shake. Alright. Time to close this out. Windows native is becoming a thing. OpenAI with Codex, first movers on this, but others are following. The Hermes agent is not far behind. They'll have Windows native soon. And, honestly, just making this video and playing with Windows again, actually diving into the settings and playing with a firewall. I missed it. I do. Do you? Like, Windows is not perfect. They make some really weird and, honestly, bad decisions. We can all agree with that. They're working on it. They made an apology. Editor put that up. It was kind of an apology. And despite everyone trying to move to Linux for gaming and stuff, which I don't think is gonna happen, Linus Tech Tips keeps making a series to try and do it. How many more is it gonna take? But I want Windows to be good again. I want an OS like Windows seven and XP, and e even 10 was good. I want to love Windows, and OpenAI is making it a little bit easier. But, you know, I'm not quite ready to switch yet. I'm close. Maybe if a few more tools come over, I will I will dive deep. And if Windows changes their attitude, they gotta fix it. Then maybe I'll feel good about moving my Mac out of here. Because, honestly, I I enjoy this more, Windows, more than Mac. I Let me know. Let me know how you feel. Let me know. What what do you think? Comment below. And by the way, have you hacked YouTube today? Let's make sure you do. Hit that like button, notification bell, comment, subscribe. You gotta hack YouTube today, ethically, of course. That's all I got. I'll catch you guys next time. My coffee cup is empty. A little bit left. You made it to the end of the video. If you're new here, I like to pray for you at the end of my videos. I do honestly believe in the power of prayer, and I genuinely care for you. So for me, the best way I can love you and show care for you is to do this, to pray for you. So if you don't mind, I'm just gonna do it right now. One two three, pray. God, I thank you for the person on the other side of this screen. I thank you that they're here, that they're excited about technology, that they're potentially in IT or just fumbling around on the Internet trying to figure out how to work AI. Wherever they're at right now, give them clarity. Give them the next steps. If there's any confusion about their jobs or what they're supposed to be choosing to study in school. Let it be revealed to them right now. Give them a peace, and let AI not give them anxiety, but give them hope. Let them not believe in the the negative headlines. Let them let them be relentlessly optimistic. Bless their families right now. Strengthen their families and encourage them. Help help these people watching this video right now to be a source of encouragement to their loved ones around them. Help them to, balance their time well between messing with AI and having fun with this, but also spending very intentional focused time with their family. And if there's anyone in their family that's just going through a hard time, any kind of sickness or any kind of disease or anything, God, be with them and and heal them, God, in in all the ways you know you can. Jesus, we thank you for everything. It's in your holy name we pray. Amen. Thanks for letting me do that.