When you think about the task of securing a computer, you tend to think about the software that is in front of you and that is about it. Sure, you see the antivirus programs running and the Firewall sending you warning messages and you think that is all that goes into it. You start to think yeah, they may be complicated programs but they are all that you need to protect your system. Wrong, there is so much more going on behind the scenes to help protect your computer. It is just hidden from the average consumer. One of the tools that happen to be used to protect your computer is called sand boxing.
Sand boxing is not just used on your computer. It is also used in your video game systems and in your mobile phones. It is the process of making sure that the third party programs that run on the system can only run in certain parts of the memory. The memory is a very important part of the computer and you want to make sure that everything is in order. Certain pieces of malware try to exploit systems with loose memory rules by causing havoc. With a sandbox system they make sure that they try to stop that from happening.
Some parts of the memory are only for internal system executables. If a piece of malware is able to affect that part then your computer is going to have problems. Having a sand box ready stops those problems in their tracks. Now you might be asking why all systems do not use a sandbox? They do to a certain extent. But some sand boxes are stricter than others. The reason why is because the stronger the sand box the less a third party programmer can do. Programs that are created with a looser sand box rules allow you to do more than a sand box that has stricter rules. So since the programmer has less features of the overall system to play with, the less he can do. So when you think about having a system with a sand box, then you have to realize that there is a trade off that you have to consider.
As with everything else in life, there is a trade off. Do you want a more secure system or do you want a system that allows programs to have a lot of features?