08 January 2021
What is a Sandbox?
Sandboxing is a security technique that’s used by companies and individuals the world over. It’s not something the average user will normally come across but you can guarantee that every piece of software you use has been sandboxed at some point in its development.
Everyone from software developers and security experts to the hackers themselves will use a sandbox environment to help build and test their products.
Just as the name suggests, a sandbox is a place where you can do something without it affecting the surrounding area: visualise a sandbox in the middle of a garden. In digital security terms, this means a sandbox is a tightly controlled environment that’s isolated from the main operating system where a person can test or analyse software and its impact on a virtual system.
For security, a sandbox is usually an extremely isolated environment that doesn’t have access to anything on the company network, or any contact with a host machine. Here the security expert is able to conduct tests on untrusted pieces of code, known malware and viruses and even website content. Should those tests reveal something nasty within, the security expert is able to work their magic and develop a fix that can be further tested and finally deployed to the company’s servers, where it’s downloaded as updated virus definitions by the security suites and applied to a customer’s computer.
"A virtual machine is a great sandboxing environment."
Imagine that from the point of view of a hacker, then. The hacker has developed a particularly nasty piece of code that could bring down government agencies and cause widespread panic among the global digital community; they’re hardly going to test it on their own computer. They need to create a sandbox environment whereby they can trigger the malware, ransomware or whatever, and let it run its course. In the meantime they can run through various procedures to try and wipe the malware, as a security expert would, to find any weaknesses. Once they’ve perfected the malware and wiped out any perceivable vulnerabilities, they can then happily upload it to the Internet and sit back as the world is infected with their code.
It’s not always the testing of malicious code that’s associated with sandboxes. For example, the words you’re reading now were written using Office 365/Word 2016. Before the product was released by Microsoft, the development behind Word will have gone through extensive testing, making sure that all the individual components that make up Word 2016 worked. To do so, the developers will have used a dedicated environment, separate from the one they program on. This specialised environment will have mimicked a real-world setup as much as possible, so that when the developer wanted to test something they could compile the code and execute it in an environment that wouldn’t affect their normal day-to-day workplace.
It’s generally accepted then that when testing in a sandbox it’s advisable to use as common a hardware and software setup as possible. This way, the developer will likely create a program that works on as high a percentage of the available computers as possible. Those computers that differ from the norm, and that may require a little more work for the product to install and work on, can then be dealt with through minor patching and bug testing.
So what’s this got to do with you? Well, there are ways in which you can create your own sandbox environment to test in. Consider how many times you’ve downloaded software from the Internet and executed it without even examining how it may affect your computer. How many times do you visit websites and happily click on whatever message may appear without even reading it properly? With your own sandbox environment, you can download and install a piece of software and see how it runs within a test setup without it ever impacting your real machine. If you get into the habit of testing every bit of software in a sandbox first, you’ll certainly be glad should the day come when you discover a hidden virus in the folds of an otherwise harmless-looking program.