2010 Will Be the Year of Sandboxing Apps

2010 Will Be the Year of Sandboxing Apps 203

Posted by timothy on Wednesday January 06, 2010 @04:24PM from the layers-within-layers dept.

Trailrunner7 writes "In a guest editorial on Threatpost, Mac hacker and security researcher Dino Dai Zovi writes that 2010 will be the year that software vendors get religion about sandboxing untrusted data in desktop apps. 'Instead of the usual top ten lists that are all-too-common with predictions for the new year, I have just one: 2010 will be the year of desktop applications handling untrusted data in sandboxed processes, and it will be about time. The largest Internet security threats now arrive through malicious web pages or e-mail attachments. This is because attackers are opportunistic and these are the weakest links especially because they easily pass through every firewall. Security is not and never was about SYN packets, it is about data: the software attack surface that attacker-controlled data interacts with and what sensitive data the attacker can get a hold of if they can exploit vulnerabilities in that software.'"

2010 Will Be the Year of Sandboxing Apps

This discussion has been archived. No new comments can be posted.

Search 203 Comments Log In/Create an Account

Comments Filter:

Re:And the year of.. (Score:5, Informative)

by spun ( 1352 ) writes: <loverevolutionary&yahoo,com> on Wednesday January 06, 2010 @04:44PM (#30674634) Journal

and what exactly is the point of having RAM go unused?
File cache. RAM unused by bloated applications gets used by (most) operating systems to cache files, resulting in quicker disk access.

Re:Already here. It's on my family PC.. (Score:3, Informative)

by CannonballHead ( 842625 ) writes: on Wednesday January 06, 2010 @04:48PM (#30674666)

"Windows 64-bit: Full support for 64-bit is available in recent beta versions of Sandboxie. Click here"
Looks like they are working on that. :)

Sorry. The WWW is now a huge API (Score:5, Informative)

by Colin Smith ( 2679 ) writes: on Wednesday January 06, 2010 @05:06PM (#30674840)

Web servers don't serve html documents any more, they serve remote procedure calls from javascript front ends.

Re:Instead of validating inputs (Score:3, Informative)

by jhol13 ( 1087781 ) writes: on Wednesday January 06, 2010 @10:24PM (#30678176)

We have tried the "validating" approach for 20 years and it is still failing at a tremendous rate.
Maybe it is time to try something else?

Re:How about reducing the surface area? (Score:3, Informative)

by jhol13 ( 1087781 ) writes: on Wednesday January 06, 2010 @10:29PM (#30678202)

applications running in sanboxes have to be able to write files, read files, load and install plugins, execute helper applications,
No, they don't.
They can be made so that only way to access file system is by File Dialog (see Java Web Start / JNLP).

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

2010 Will Be the Year of Sandboxing Apps 203

2010 Will Be the Year of Sandboxing Apps More Login

2010 Will Be the Year of Sandboxing Apps

Re:And the year of.. (Score:5, Informative)

Re:Already here. It's on my family PC.. (Score:3, Informative)

Sorry. The WWW is now a huge API (Score:5, Informative)

Re:Instead of validating inputs (Score:3, Informative)

Re:How about reducing the surface area? (Score:3, Informative)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot