When it comes to creating programs, there are different methodologies on how to get things done. Not everyone agrees on which way the best way is.
It is not like other types of engineering professions where they have standard practices which everyone follows.
With programming, even though people do try to create standards, it somehow slips through the cracks and people create their own way of doing things. But sometimes an idea is so good that it just becomes the best way to do things by default. And while you might still have a small minority of people who will disagree, overall everyone in the community will think that it is a good idea.
One of the ideas that is starting to become an accepted practice and not just something that some programs do, is to create a sand box area for parts of the program which can prove to be dangerous. In the past when a programmer would create a program, there first thought was how fast the program was. They didn’t really give too much thought in how safe the procedure is. All they were worried about was speed. Now, the security of the program is the first and foremost thought in most people’s minds. Not just the developers, the end users as well. With the rise of the internet, security must be the first thing that you think about or you will have some very unhappy customers.
What is sandboxing?
Before we go any further, let’s take the time to explain what sandboxing is exactly. While you might get the drift from the previous paragraphs, you still might be confused on the subject. Sandboxing is when you lock in a program from where it can go in the computer. It allows you to limit the abilities of what a program can do.
While some people may consider sandboxing parts of the program to be slower than the other methods, everyone agrees that it does leave the customer safer. First of all, you keep the dangerous parts of the program from reaching sensitive areas of the computer that can cause harm. Also, you make sure that if anything crashes, it will not take down the entire system. This is a good trade off for a couple of extra milliseconds of speed.
We see lots of programs use this method of security all of the time now. With the new version of Windows, called Windows 8, we will start to see programs limited in what they can do as well. This will be activated when the computer is in what is called Metro mode. When the computer is in normal mode the sandbox features will be turned off. Microsoft is trying to wean people to a more secure method of computing and they are giving the developers time to catch up by creating two modes.
We also see the ubiquitous Flash Player being used in sandbox mode as well. The first browser to use Flash in sand box mode was Chrome. Adobe has just announced that we will start to see it next in Firefox. This is great because there is nothing more annoying than when one tab with Flash running in it takes down the rest of the tabs that you might have running with flash in them. This is also great because it will help secure the system even more than it is now. Flash is known to have a lot of vulnerabilities going against it. So anything that it helps make it more secure is always welcomed.
Mobile phones and sandboxing
Probably the most popular technology that you see use the sandbox model is the mobile phones that we use every day. The creators of these phones do not want developers or the bad guys to be able to change sensitive parts of the cell phone experience. So when they allow people to create apps for the phone, the apps are only allowed to do so much. The success of the sand box model on mobile phones is what has led to the model being used in other parts of computing as well. While this model has always been used, it has never been as popular as it is now.
The safety of your computer is very important. But as a consumer you have to realize that every security precaution taken will take resources away from the rest of your system. So this may mean that while you are safer, you are also slower. But we are starting to see now that this minor decrease in speed is worth it. A computer or mobile phone with security problems these days is not worth having.