Slashdot Mirror


2010 Will Be the Year of Sandboxing Apps

Trailrunner7 writes "In a guest editorial on Threatpost, Mac hacker and security researcher Dino Dai Zovi writes that 2010 will be the year that software vendors get religion about sandboxing untrusted data in desktop apps. 'Instead of the usual top ten lists that are all-too-common with predictions for the new year, I have just one: 2010 will be the year of desktop applications handling untrusted data in sandboxed processes, and it will be about time. The largest Internet security threats now arrive through malicious web pages or e-mail attachments. This is because attackers are opportunistic and these are the weakest links especially because they easily pass through every firewall. Security is not and never was about SYN packets, it is about data: the software attack surface that attacker-controlled data interacts with and what sensitive data the attacker can get a hold of if they can exploit vulnerabilities in that software.'"

9 of 203 comments

  1. Windows 7 by gbjbaanb · · Score: 3, Funny

    Great, I just upgraded from XP to Windows 7 and now all my apps have to be run in XP Mode's virtual machines. Thanks Microsoft. :)

  2. Re:And the year of.. by SnarfQuest · · Score: 2, Funny

    If you want to leave a lot of openings in your sandbox for malicious software to work through, you have to expect things to slow down.

    --
    Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
  3. Re:Wow.... Welcome to Java applets, 1995... by Anonymous Coward · · Score: 1, Funny

    Sandboxes are a tried and true idea, they work well. It's about time

    So, sandboxes will see as much success as Java desktop apps? What?

  4. Re:Already here. It's on my family PC.. by sakdoctor · · Score: 5, Funny

    Whoa! Your daughter is off the rails, and your soft approach to parenting is not helping.
    Install linux on her system right now, and don't give her the root password until she's 18!

  5. Re:This is the year of wishes being predictions by csartanis · · Score: 5, Funny

    I predict this will be the year of Kari Byron on the desktop!

  6. Re:Already here. It's on my family PC.. by Anonymous Coward · · Score: 2, Funny

    [don't-take-it-personal][joke-too-easy-to-resist]
    "Much like her mother"? She has poor taste in men?
    [/joke-too-easy-to-resist][/don't-take-it-personal]

  7. Re:Old news? by MrEricSir · · Score: 2, Funny

    Yes, but a big bully came and stomped on all our sand castles. Now that we've grown up a little, it's time to try again.

    --
    There's no -1 for "I don't get it."
  8. Awesome! by InlawBiker · · Score: 4, Funny

    I was just handed a memo from a collection of all major software and hardware vendors on Earth, saying that security will be put ahead of profits from now on! It was delivered by a Unicorn, who got here on the gumdrop express via the rainbow highway.

  9. Re:Isolate by Fnord666 · · Score: 3, Funny
    From the Isolate web site:

    isolate currently suffers from some bad security bugs! These are local root privilege escalation bugs. Thanks to the helpful person who reported them (email Chris if you want credit!). We're working to fix them ASAP, but until then, isolate is unsafe and you should uninstall it. Sorry!

    This doesn't really sound like the solution most people are looking for.

    --
    'The tyrant will always find pretext for his tyranny.' - Aesop's Fables