diff --git a/BUILD.md b/BUILD.md
index 0661c59..9c0f905 100644
--- a/BUILD.md
+++ b/BUILD.md
@@ -108,9 +108,9 @@ The output is in the `dist` folder.
 
 ## Windows
 
-These instructions include adding folders to the path in Windows. To do this, go to Start and type "advanced system settings", and open "View advanced system settings" in the Control Panel. Click Environment Variables. Under "System variables" double-click on Path. From there you can add and remove folders that are available in the PATH.
+Install [Docker Desktop](https://www.docker.com/products/docker-desktop).
 
-Download Python 3.9.0, 32-bit (x86) from https://www.python.org/downloads/release/python-390/. I downloaded python-3.9.0.exe. When installing it, make sure to check the "Add Python 3.9 to PATH" checkbox on the first page of the installer.
+Install Python 3.9.9 (x86) [[from python.org])(https://www.python.org/downloads/release/python-399/). When installing it, make sure to check the "Add Python 3.9 to PATH" checkbox on the first page of the installer.
 
 Install [poetry](https://python-poetry.org/). Open PowerShell, and run:
 
@@ -124,16 +124,10 @@ Change to the `dangerzone` folder, and install the poetry dependencies:
 poetry install
 ```
 
-Make sure these are installed:
+Build the dangerzone container image:
 
-- [Docker Desktop](https://www.docker.com/products/docker-desktop)
-- [Vagrant](https://www.vagrantup.com/downloads)
-- [VirtualBox](https://www.virtualbox.org/wiki/Downloads)
-
-Run this to build a custom Alpine Linux ISO for Dangerzone, and copy it (and some binaries from Docker) into the `share` folder:
-
-```
-.\install\windows\make-vm.bat
+```sh
+python .\install\windows\build-image.py
 ```
 
 After that you can launch dangerzone during development with:
diff --git a/dangerzone-converter/scripts/document-to-pixels b/dangerzone-converter/scripts/document-to-pixels
index 56cba1d..37ee6b8 100755
--- a/dangerzone-converter/scripts/document-to-pixels
+++ b/dangerzone-converter/scripts/document-to-pixels
@@ -1,22 +1,8 @@
 #!/bin/sh
 
-# Remove this warning by setting the host in /etc/hosts:
-# sudo: unable to resolve host 8160b021d811: Temporary failure in name resolution
-echo 127.0.0.1 $(hostname) >> /etc/hosts
-
-# Record original permissions, and make document readable
-START_PERMISSIONS=$(stat /tmp/input_file | grep Access | grep Uid | cut -d"(" -f2 |cut -d"/" -f1)
-/bin/chmod 0644 /tmp/input_file
-
-# Do the conversion without root
-# /usr/bin/sudo -u user /usr/local/bin/document-to-pixels-unpriv
+# Do the conversion
 /usr/bin/python3 /usr/local/bin/dangerzone.py document-to-pixels
 RETURN_CODE=$?
-
-# Restore original permissions
-/bin/chmod $START_PERMISSIONS /tmp/input_file
-
-# Check for failure
 if [ $RETURN_CODE -ne 0 ]; then
     echo ""
     exit $RETURN_CODE
diff --git a/dangerzone-converter/scripts/pixels-to-pdf b/dangerzone-converter/scripts/pixels-to-pdf
index 01ebcb2..f3c41e1 100755
--- a/dangerzone-converter/scripts/pixels-to-pdf
+++ b/dangerzone-converter/scripts/pixels-to-pdf
@@ -1,11 +1,6 @@
 #!/bin/sh
 
-# Remove this warning by setting the host in /etc/hosts:
-# sudo: unable to resolve host 8160b021d811: Temporary failure in name resolution
-echo 127.0.0.1 $(hostname) >> /etc/hosts
-
-# Do the conversion without root
-# /usr/bin/sudo OCR=$OCR OCR_LANGUAGE=$OCR_LANGUAGE -u user /usr/local/bin/pixels-to-pdf-unpriv
+# Do the conversion
 OCR=$OCR OCR_LANGUAGE=$OCR_LANGUAGE /usr/bin/python3 /usr/local/bin/dangerzone.py pixels-to-pdf
 RETURN_CODE=$?
 if [ $RETURN_CODE -ne 0 ]; then
diff --git a/install/windows/build-image.py b/install/windows/build-image.py
new file mode 100644
index 0000000..5a66c9f
--- /dev/null
+++ b/install/windows/build-image.py
@@ -0,0 +1,56 @@
+import subprocess
+import gzip
+
+
+def main():
+    print("Building dangerzone-converter image")
+    subprocess.run(
+        [
+            "docker",
+            "build",
+            "dangerzone-converter",
+            "--tag",
+            "dangerzone.rocks/dangerzone",
+        ]
+    )
+
+    print("Saving dangerzone-converter image")
+    subprocess.run(
+        [
+            "docker",
+            "save",
+            "dangerzone.rocks/dangerzone",
+            "-o",
+            "share/dangerzone-converter.tar",
+        ]
+    )
+
+    print("Compressing dangerzone-converter image")
+    chunk_size = 1024
+    with open("share/dangerzone-converter.tar", "rb") as f:
+        with gzip.open("share/dangerzone-converter.tar.gz", "wb") as gzip_f:
+            while True:
+                chunk = f.read(chunk_size)
+                if len(chunk) > 0:
+                    gzip_f.write(chunk)
+                else:
+                    break
+
+    print("Looking up the image id")
+    image_id = subprocess.check_output(
+        [
+            "docker",
+            "image",
+            "list",
+            "--format",
+            "{{.ID}}",
+            "dangerzone.rocks/dangerzone",
+        ],
+        text=True,
+    )
+    with open("share/image-id.txt", "w") as f:
+        f.write(image_id)
+
+
+if __name__ == "__main__":
+    main()
diff --git a/install/windows/get-openssh.py b/install/windows/get-openssh.py
deleted file mode 100644
index ce24f1c..0000000
--- a/install/windows/get-openssh.py
+++ /dev/null
@@ -1,65 +0,0 @@
-import os
-import sys
-import inspect
-import requests
-import hashlib
-import zipfile
-import shutil
-
-
-def main():
-    zip_url = "https://github.com/PowerShell/Win32-OpenSSH/releases/download/V8.6.0.0p1-Beta/OpenSSH-Win32.zip"
-    expected_zip_sha256 = (
-        "0221324212413a6caf260f95e308d22f8c141fc37727b622a6ad50998c46d226"
-    )
-
-    # Figure out the paths
-    root_path = os.path.dirname(
-        os.path.dirname(
-            os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe())))
-        )
-    )
-    zip_path = os.path.join(root_path, "build", "OpenSSH-Win32.zip")
-    extracted_path = os.path.join(root_path, "build", "OpenSSH-Win32")
-    bin_path = os.path.join(root_path, "share", "bin")
-
-    os.makedirs(os.path.join(root_path, "build"), exist_ok=True)
-    os.makedirs(os.path.join(bin_path), exist_ok=True)
-
-    # Make sure openssh is downloaded
-    if not os.path.exists(zip_path):
-        print(f"Downloading {zip_url}")
-        r = requests.get(zip_url)
-        open(zip_path, "wb").write(r.content)
-        zip_sha256 = hashlib.sha256(r.content).hexdigest()
-    else:
-        zip_data = open(zip_path, "rb").read()
-        zip_sha256 = hashlib.sha256(zip_data).hexdigest()
-
-    # Compare the hash
-    if zip_sha256 != expected_zip_sha256:
-        print("ERROR! The sha256 doesn't match:")
-        print("expected: {}".format(expected_zip_sha256))
-        print("  actual: {}".format(zip_sha256))
-        sys.exit(-1)
-
-    # Extract the zip
-    with zipfile.ZipFile(zip_path, "r") as z:
-        z.extractall(os.path.join(root_path, "build"))
-
-    # Copy binaries to share
-    shutil.copy(os.path.join(extracted_path, "libcrypto.dll"), bin_path)
-    shutil.copy(os.path.join(extracted_path, "moduli"), bin_path)
-    shutil.copy(os.path.join(extracted_path, "scp.exe"), bin_path)
-    shutil.copy(os.path.join(extracted_path, "ssh-agent.exe"), bin_path)
-    shutil.copy(os.path.join(extracted_path, "ssh-keygen.exe"), bin_path)
-    shutil.copy(os.path.join(extracted_path, "ssh.exe"), bin_path)
-    shutil.copy(os.path.join(extracted_path, "sshd.exe"), bin_path)
-    shutil.copyfile(
-        os.path.join(extracted_path, "LICENSE.txt"),
-        os.path.join(bin_path, "LICENSE-OpenSSH.txt"),
-    )
-
-
-if __name__ == "__main__":
-    main()