Posted by: Ken Harthun
14 Golden Rules of Computer Security, Secure Computing, Security, Security practice
If you’ve done any coding at all, you probably have a good idea why software developers often run their untested code in a protected environment–a sandbox. If the software misbehaves, all you have to do is shut down the sandbox and everything returns to normal, no harm done.
A sandbox is also a great way to prevent viruses and other malware from infecting your machine while browsing the web. Confine your browser to its own little box and if any malicious software tries to run, it can’t get to your system, it stays within in the box’s boundaries. Kill the box and you kill the malware. The top, sandbox program for Windows–the one I use for secure surfing and testing– is Sandboxie. It runs only on Windows. Run Internet Explorer, Firefox, or any other program under Sandboxie and you should be safe.
You can also operate securely from inside a virtual machine. This is different from a sandbox in that you actually run an entire operating system, rather than a single program. Many people, this Geek included, use virtual machines to run alternative operating systems like Linux. In a virtual machine, you can do everything you do on a real machine and like the sandbox, if things go wrong, your computer won’t be harmed. A big advantage of the virtual machine over a sandbox is that you can examine the actual behavior of malware and any damage to the OS. Microsoft provides the free Virtual PC and VMware provides its free VMware Player and VMware Server. For the Mac, there’s Parallels (not free).
Golden Rule #9: When surfing the web, testing unknown programs, or engaging in other activities with the potential to harm your computer, use a sandbox or virtual machine to protect your base system from harm.