Rick Howard: The word is: sandbox.
Rick Howard: Spelled: sand for trap, and box for information.
Rick Howard: Definition: An isolated and controlled set of resources that mimics real-world environments and used to safely execute suspicious code without infecting or causing damage to the host machine, operating system, or network.
Rick Howard: Example sentence: An effective method of testing unverified code is to detonate it in a sandbox and observe the code's behavior, whether it is trying to load malicious files, replicate itself, contact a command-and-control server, download additional software, or encrypt sensitive data.
Rick Howard: Origin and context: Historically, educators used tabletop sandboxes as educational tools for children. John Dewey's Laboratory School at the University of Chicago in the early 1900s used sandboxes to teach about landforms and erosion, or to use as a relief-map base for building twig forts and log cabins of previous civilizations. But long before that, they were used as military tools for diagramming war strategy.
Rick Howard: According to Alexandra Lange from Slate online, quote, "A plan of attack might originally have been sketched on the ground of the battlefield with a stick, but even during the Roman empire, sand tables would have been set up within military encampments with tokens representing soldiers and units in the coming battle. In the digital world, Minecraft is probably the most popular sandbox game of the moment, but earlier hits like SimCity and Spore demonstrated a market for open-ended game play, and before them,
Rick Howard: Virtual sandboxing, on the other hand ,has its origins in the Hydra system, a project that came out of Carnegie Mellon University in the early 1970s. Researchers needed a safe way to experiment with new codes and their operating system while exploring different computer structures.
Rick Howard: Elizabeth Palermo in her article "Sandbox: A Separate Space for Developers to 'Play'” explains it this way. " In traditional operating systems, one bad code can lead to system failure. But with Hydra as the kernel, or base, of the operating system, researchers could run experimental codes as user programs, which still don't have access to the higher-level mechanisms that cause system failure. With this innovative new tool, researchers could experiment with new codes without damaging their entire system."
Rick Howard: This separate space is great for security professionals because cyber criminals can't leave the sandbox environment. They can't get to your sensitive information or even see that other virtual machines exist on the device.
Rick Howard: Nerd reference: As I said, using a sandbox to reduce the probability of a successful cyber attack has been around since the 1970s. In the modern age, here isGoogle describing how it uses the sandboxing technique to protect it's Chrome browser back in 2010.
Google representative: Sandboxing is a feature that we've built into Google Chrome to enhance the browser security. Here's how sandboxing works in Chrome.
Google representative: Every website or web application you open in the browser is a separate and independent process. For example, if you open three different websites in three different browser tabs, each tab you open corresponds to a separate process. So if one tab crashes, the browser and other tabs you have open shouldn't be affected.
Google representative: Sandboxing provides a layer of protection around each of these processes. Just like an actual sandbox. It's designed to build a restricted environment around each process.
Rick Howard: Credits: Word Notes is written by Nyla Gennaoui. Executive produced by Peter Kilpe, and edited by John Petrik and me, Rick Howard. The mix, sound design, and original music have all been crafted by the ridiculously talented Elliott Peltzman. Thanks for listening.