Back to Courier Columns Page

by Ray Carlson

Q. I heard that sandboxing helps security. What is sandboxing?

A. In relation to computer security, sandboxing involves keeping questionable software in a restricted environment so that the software cannot do any harm if it turns out to be a form of malware. The most common approach is to set up a controlled place for guest programs to operate and not allow such programs to have access to sensitive parts of the computer.

An example relates to programs like Adobe flash, Java applets, and Silverlight. Each such program requires a person to download software that is installed on the computer. When that computer is used to look at certain websites, software on that website interacts with the downloaded software to create interesting actions like animation or check boxes that initiate new actions. A crook can create a small program that looks like Java or the like but when it interacts with the software on your computer takes over part of the computer’s operation.

Sandboxes restrict the Java, Flash or other programs on websites from doing anything but their normal activity. Use of sandboxes is gradually growing. In 2008, Google added one form to its browser, Chrome, and they continue to add enhancements. The Comodo firewall, the Avast antivirus program and one version of Microsoft’s Internet Explorer are some of the programs that have added sandboxing. Other variations of sandboxes are also being created suggesting that, in the near future, this concept may become a major form of protection from malware.

Published: Courier 12/19/10 - Page 5C