Sandboxing processes in tabbed browsers, as seen in Chrome, is great for security, as long as users understand how to use the technology, a security expert has warned.
Randy Abrams, director of Technical Education at ESET, said Google is on the right track with Chrome's approach of isolating each tab in its own sandbox. However, he warned that people need to understand how it actually works.
“If people don’t understand that a sandbox is really best used as a one shot environment - empty out that sandbox, before you go to something important - sandboxing benefits are mitigated,” warned Abrams.
According to Abrams, the average user is going to use the same tab for many things, which defeats the purpose of a sandbox.
“If the user goes to a compromised webpage and malicious software is downloaded, then in that same tab they go to their bank, it doesn’t matter that you’re in the sandbox. You’re playing in the same sandbox and your money is not going to be safe there,” said Abrams.
Google launched a beta version of its inaugural web browser, Chrome, last week, introducing sandboxing for individual tabs and their corresponding processes.
According to Google, the goal of sandboxing is to prevent malware from installing, while also isolating tabs from any adverse effects in other open tabs.
“We’ve taken the existing process boundary and made it into a jail. That means no watching you type your credit cards and no telling Windows to run an executable at start up,” Google wrote in an explanatory guide book.
“It’s really good that there are some new security things coming out in browsers, but as we’ve seen cars evolve over the years, they have much better safety [but] it doesn’t prevent fatal accidents,” said Abrams.
Close tabs for safe browsing in Chrome
By Negar Salek on Sep 9, 2008 3:02PM