Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: Don't bury your head in a security sandbox.

11 Aug 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Don't bury your head in a security sandbox.

Quote:

Adobe will employ a new sandboxing technology in the next version of its oft-targeted Reader in the name of hardening security. However, the effort won't make Reader more secure in the long run -- and likely not even in the short run. I'm a big believer that the best predictor of future behavior is past behavior, and if you look at the two-decade history of security sandboxes, you'll see they all eventually failed big.

The best example of failed sandboxes can be found in Java, which used an especially locked-down sandbox from the very beginning. In fact, it was so secure (no long-term writes outside the sandbox) that it proved too locked down. Nobody could use it to develop any substantial apps. To save a game score or spreadsheet, you needed long-term storage.

Sun then developed a more granular model in SDK 1.2, which involved asking users for permissions to do things outside the sandbox and allowed applet digital signing. This model proved to be too complex for users and developers alike, and it never caught on. With both sandbox models, Java has had well over 100 critical security vulnerabilities, and it continues to be patched on a regular basis, even though Sun has had more than 15 years to perfect the sandbox.

Google's Chrome browser has one of the best security models of the major browsers, and it includes a security sandbox. During the last two CanSecWest hacking contests, Chrome has been the only tested browser left standing. The hacking experts often credited Chrome's security sandbox for its seeming impregnability. In reality, though, Chrome is hackable; it just doesn't get hacked a lot in real life.
More -
Don't bury your head in a security sandbox | Security Central - InfoWorld

My System SpecsSystem Spec
.

Reply

 Don't bury your head in a security sandbox.





Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 11:28 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33