Windows 10 "S Mode" - why don't they provide VMs to run "unsupported" Win64 apps, apart from the "pristine" host OS?

VirtualLarry

Thinking about this.

If MS was really doing "S Mode" for Security, but still wanted to allow their end-users to run programs (Win64 applications) like Google Chrome and Mozilla Firefox, then why don't they provide a ready-made VM or instance VMs for installing those applications into, much like a sort of Windows-style (using VMs) "Docker container". They could remote the UI back to the desktop. In fact, I thought that I had read that Microsoft wanted to do that for the "future of Windows" - run every application in its own VM.

Considering that Windows 10 "S Mode" cannot normally run those Win64 applications AT ALL, that MS would be willing to provide a workaround.

UNLESS...

MS's SOLE GOAL was to make "Google Chrome" (and by association, Mozilla Firefox) NOT ABLE TO RUN. Much like Lotus 1-2-3 on DOS. ("DOS ain't done, till Lotus won't run!")

Edit: Call it a "Win64 application condom", if they have to. (Even if they piss off certain religious people with that terminology.)
 

mikeymikec

Huh. I never actually thought to check what 'S mode' meant, I just took it to mean like 'Starter Edition', because I usually see S mode on low-end kit like sub-£300 laptops with 32GB of soldered storage.

I thought it was about trying to ensure that people have Microsoft accounts by mandating one in order to install any useful apps.
 

VirtualLarry

> Huh. I never actually thought to check what 'S mode' meant, I just took it to mean like 'Starter Edition', because I usually see S mode on low-end kit like sub-£300 laptops with 32GB of soldered storage.
>
> I thought it was about trying to ensure that people have Microsoft accounts by mandating one in order to install any useful apps.

No, "S Mode" literally means that you CAN'T run any "Windows applications". You can ONLY run "Apps" from the "MS Store".
 

mikeymikec

I wasn't trying to argue with you. I'm just surprised that 'S mode' isn't the default mode in Windows 10 full stop, if the aim truly was security related. I've personally never seen higher-end kit running S mode by default. The highest end computer I've seen was an Asus Vivobook 15 with a 10th gen i3, 4GB RAM and 256GB SSD (a laptop I ordered for a customer recently... 4GB was their preference to save money).
 

Magic Carpet

Well, to be fair, it’s not just that. Supposedly, the S mode runs faster and consumes less resources. I have yet to test to which extent, though.
 

mikeymikec

> Well, to be fair, it’s not just that. Supposedly, the S mode runs faster and consumes less resources. I have yet to test to which extent, though.

I bet if MS makes that claim, there'll be a happy little asterisk at the end of it, pointing to a footnote that says something along the lines of "comparing to a system with tonnes of the usual ... stuff installed".
 

Kaido

For anyone unaware, it's very simple to switch out of S mode:


But yeah, there are options:

1. Could run a VM, especially with baremetal access
2. Could RemoteApp locally. So install your apps to a core catalog & do it Docker-style, like you mentioned
3. Could run Windows as a Hypervisor (especially with the Linux sub-system) with something like the Proxmox/QEMU/KVM stack

I know a guy who runs his company like this. All machines are locally virtualized with a skinny hypervisor. I'm not sure if he does a baremetal install & then converts it to virtual with baremetal access or what, but he has a pretty slick backup system & can add stuff like GPU's, unRAID-style. He has some programmers on it, so I suspect it's a custom scripted system running on Proxmox's Debian base, which does both container-based & full virtualization (plus stuff like virtualized networks, clustering, etc.), because he can rewind client's Windows VM's quickly & through tons of snapshots.

tbh I'd like to see this kind of seamless sharing between systems down the road with stuff like Mac & Windows. So have like an ARM hypervisor that runs baremetal OSX & Windows 10 live at the same time, splitting the CPU, GPU, RAM, either SSD partitions or like dual soldered SSD's, an iGPU/dGPU dual-setup, etc. Then do like docker-style apps within that. Just totally isolate everything haha! That's essentially how iOS works, with each app isolated within its own sandbox, so each app is not only isolated from other apps, but from the operating system as well, which makes for a pretty secure operating system (provided you don't jailbreak it!).

Although operating systems are a bit trickier as they use more powerful tools outside of copy & paste and keychain-password sharing between apps for authorizations & logins & whatnot. With all of the various operating systems now from Apple alone (iOS, iPadOS, Watch OS, OSX), they still take independent routes per OS, but have been doing a lot to do cross-talk to seamlessly merge everything together, which is really nice because you don't have a diminished Mac laptop or desktop that runs a pared-down iPadOS system, but the iPadOS system is still a really great fit over iOS, which is better suited for iPhones & iPod Touches. Windows tried to do this years ago with the Windows Phone, which I will admit was a pretty cool idea, and it looks like Apple has followed suit a decade later with a more seamless experience in tow.

I've done a number of virtualization projects over the years (VMware, Citrix, Hyper-V, Parallels, VirtualBox, Proxmox/QEMU/KVM, etc.) with various hardware components (GRID cards, Tesla cards, and even HP's nifty RGS system, which I guess is now licensed software but still pretty cool over the previous PCoIP cards) & there's a lot of really neat work being done (especially in the cloud with stuff like Shadow Tech!). As Microsoft dives into the world of ARM with stuff like Win10 for ARM64, it would be interesting to see them use that idea of like their Windows Subsystem for Linux & put that at the forefront as a hypervisor with the actual end-user OS running within a baremetal VM, with realtime incremental backups, OSX Timeline-style per app VM, or something to that effect.

As of the 2019 update, you can Sandbox apps within Windows 10:


Although they're kinda limited, so it's not the same as doing like


There's also App-V for like a local version of RemoteApp:


People are doing really cool stuff with the idea you're talking about in the OP, like using GPU-passthrough to use Proxmox to do gaming in a Windows 10 guest:


And then building off that idea to do remote gaming, Shadow Tech-style, but locally:


Could be neat. Host OS isolation with App isolation, iOS-style but for Windows! Might be fun to try with the method in the above videos & then use something like Sandboxie for app isolation:


For me tho, I pretty much just use Macrium Reflect, which does automated incrementals (on the paid version) & has cryptolocker protection for your backup drive, so it's easy to restore if something goes south. I also use a VMware burner VM for opening up unknown files & testing software, as I keep a software library of all software officially-installed on my PC for rebuild purposes.

Looping back to your OP, yeah, cutting out other browsers is a real idea because Microsoft makes money from advertising on Windows 10, which is the most likely reason why the Win7/8 upgrade to 10 is still free:


And most people who are buying low-end Windows 10 S laptops are probably totally fine downloading apps only from the Microsoft Store, without ever performing the S to full-10 conversion. During the height of COVID with everyone doing WFH, I bought a ton of laptops & mini PC's for doing VPN machines for home use for various clients, and it was easy enough to pop them out of S mode, encrypt them (iirc you still need to do the Pro upgrade to use Bitlocker instead of just device encryption), throw on whatever VPN & RDP software the client's network was using, and voila - cheap laptops & mini PC's that could be plugged into monitors or big-screen TV's with wireless keyboards at home!
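
Added example, not part of any post in the thread: a Windows Sandbox configuration file (`.wsb`) for the "disposable VM apart from the pristine host" idea discussed above, assuming the 2019 sandboxing feature mentioned is Windows Sandbox. The host folder `C:\Installers` is a hypothetical path; the sandbox itself needs a non-S-mode edition that offers the Windows Sandbox feature.

```xml
<Configuration>
  <!-- Added example; C:\Installers is a hypothetical host folder. -->

  <!-- Use software rendering so the guest does not share the host GPU
       driver stack. -->
  <VGpu>Disable</VGpu>

  <!-- Cut the guest off from the network while testing an unknown
       installer. Leave this at Default if the app needs connectivity,
       for example a browser. -->
  <Networking>Disable</Networking>

  <MappedFolders>
    <MappedFolder>
      <!-- Only this one host folder is visible inside the sandbox. -->
      <HostFolder>C:\Installers</HostFolder>
      <!-- Read-only: the guest can run the installer but cannot write
           back to the host copy. -->
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>

  <LogonCommand>
    <!-- Mapped folders appear on the desktop of the sandbox's built-in
         WDAGUtilityAccount user; open the folder at logon. -->
    <Command>explorer.exe C:\Users\WDAGUtilityAccount\Desktop\Installers</Command>
  </LogonCommand>
</Configuration>
```

Everything installed inside the sandbox is discarded when its window is closed, so the host keeps its original state while the guest is used for the untrusted application.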