Any application has the potential to be malicious and therefore the security posture of any computer can be strengthened by the use of sandboxing. While browsers are a very important weakness in any operating system, by no means are they the only weakness. Some browsers which you might expect to include sandboxing (like the privacy-centric Brave Browser) may lack it completely. If you’re running an exotic browser, or want an even greater separation between your OS and your browser, you may want to take a look at the manual sandboxing options listed in the next section. Apple’s Safari browser runs websites in separate processes.Microsoft Edge sandboxes all processes now.Internet Explorer introduced some level of sandboxing in 2006 with IE 7.Mozilla Firefox has selective sandboxing implemented.Opera is sandboxed because it’s built on Google’s Chromium code.Google Chrome has been sandboxed since the beginning.Many of today’s browsers are designed to run in their own sandboxes automatically without any set up from the user. Browser sandboxingīecause browsers are so prolific and always on, they’re worthy of special attention. Sandboxing helps reduce the impact any individual program or app will have on your system In effect, it keeps the sand in the sandbox, keeping that sand from getting all over your (digital) house.
Programs can behave badly and crash, or cause other programs to crash they can have a reliance on some other application on the computer that conflicts with the needs of other programs and, increasingly, programs are malicious and try to access out-of-bounds areas to do bad things. This is exactly the type of behavior we’ve come to demand from our computers, phones, tablets, and watches over the years, but these capabilities can cause undesirable side effects. By allowing programs to share resources, the computer can seemingly multi-task and appear to be doing a lot of things at once. And when malware is involved, it could become disastrous.īasic computer design facilitates this resource sharing. All of that interaction can “dirty” your system, causing conflicts. And in Microsoft Windows, this holds true for many programs and apps, which will write and interact with multiple parts of your operating system, including your static storage, system memory, and CPU. As anyone who’s ever been to a beach will know, sand gets everywhere.
This is accomplished with sandboxing tools, which in concept work similarly a real sandbox. Sandboxing is the act of sectioning off a program on your hard drive so that its exposure to the rest of your apps and critical systems is minimized or eliminated.
0 kommentar(er)
