Slashdot Mirror

← Back to Stories (view on slashdot.org)

Attacking Sandboxes

Posted by kdawson on from the just-another-brick-in-the-wall dept.

SkiifGeek writes "Many anti-malware applications use a sandbox as a tool to help identify potentially malicious software. Now knowledge is spreading about techniques and methods that can allow sandboxed software to target the sandbox itself (and by extension the application that applied it). While attacks that specifically target sandboxing applications are probably a little way off, this technology can be considered the logical extension of techniques and procedures to identify the presence of hosted systems (VMWare, Virtual PC, etc.)."

15 of 110 comments (clear)

  1. Enter the Sandbox by Anonymous Coward · · Score: 2, Funny

    So when will we be able to attack the Matrix?

  2. Sandbox the sandbox by robo_mojo · · Score: 4, Funny

    That's ok. We can just sandbox the sandbox and still be safe.

    1. Re:Sandbox the sandbox by langelgjm · · Score: 4, Funny

      But who will sandbox the sandboxers?

      --
      "Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
    2. Re:Sandbox the sandbox by GizmoToy · · Score: 4, Funny

      You know, this was marked as Funny but I wouldn't be surprised if this was suggested as a solution at some point. "Hell, just wrap it in another (insecure) layer and it'll be fine."

    3. Re:Sandbox the sandbox by ehrichweiss · · Score: 4, Funny

      HA! I got you on that one!!! It's sandboxes all the way down!!!!!

      --
      0x09F911029D74E35BD84156C5635688C0
    4. Re:Sandbox the sandbox by sunami88 · · Score: 2, Funny

      When sandboxes are outlawed, only outlaws will have sandboxes.

      Oh Slashdot, your memes are teh win.

      --
      Sex. Drugs, and Unix.
    5. Re:Sandbox the sandbox by Mike89 · · Score: 2, Funny

      falling for stupid fishing sites
      Yeah, somehow these places always manage to hook me with their bait.
  3. Serves us right by jimbug · · Score: 3, Funny

    for building a box out of sand. what were we thinking?

    --
    Bite my shiny metal ass.
    1. Re:Serves us right by RAMMS+EIN · · Score: 2, Funny

      I thought sand was central to most boxen.

      Well, silicium, anyway.

      --
      Please correct me if I got my facts wrong.
  4. Re:Watch what I can do by click2005 · · Score: 4, Funny

    I've got friends who know how to block your friend's actions.

    --
    I am a free slashdotter. I will not be modded, blogged, DRM'd, patented, podcasted or RFID'd. My life is my own.
  5. Sandboxes and Firewalls by Sammy+Loo · · Score: 1, Funny

    People will start to think of sandboxes like they do fire walls. (Hay its wallz of fires! hay im no0b!)

    hahahahahahhahahahahaha

    I hate when people do that.

  6. Love this -- like the turtles.... by CFD339 · · Score: 4, Funny

    Just remember....recursive code is great code, because its recursive, so its great.

    --
    The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
    1. Re:Love this -- like the turtles.... by ettlz · · Score: 4, Funny

      Just remember....recursive code is great code, because its recursive, so its great.
      Well I'd just like to point out thaStack overflow
      Aborted
  7. Detecting virtualization? by macemoneta · · Score: 3, Funny
    Being able to detect virtualization would be great, if the technique can be generically applied.

    There is no spoon

    --

    Can You Say Linux? I Knew That You Could.

  8. Re:Umm... yes? And? by Opportunist · · Score: 2, Funny

    Actually, forget the "in soviet". "Russian malware pnws YOU!" is more to the point.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.