Sandboxes: what are they and how safe are they?

(To Alessandro Rugolo)
23/03/20

Who doesn't know Don Abbondio? For us Italians he is an unforgettable figure: a petty little man who hides behind words with obscure meanings.
Well, some "security experts" make me want to compare them to Don Abbondio ... You might ask yourself why, and I am not going to hide that the reason is very simple: they use language to confuse others and to demonstrate their own superiority!!!

Of course they are not all like that. On the contrary, my experience is that most of them are serious, well-prepared professionals who try to explain sometimes extremely complex concepts in the simplest possible way.
Unfortunately, there are also those who act as if they were the only connoisseur of the subject, and honestly in these cases I enjoy putting them to the test, pretending (or is it the truth?) not to understand anything about security and listening to the expert in front of me.

Recognizing these people is quite simple; a few clues will let you spot them even if you are not an expert:

  1. when they speak, it is impossible to interrupt them to say something;
  2. if you do manage to ask a question for clarification, you will get an answer that sinks you even deeper;
  3. occasionally they will say that this or that system is absolutely safe (doubt these in particular!);
  4. they fill their speech with technical terms in English, and that's why I started with Don Abbondio!

Let me get ahead of those particularly fussy readers who are thinking that Don Abbondio did not use English but Latin. Correct, but these new Don Abbondios employ technical English just as Don Abbondio used Latin: to silence and confuse!

The last time I met one of these people, the topic used to confuse me was the use of "sandboxes", so let's see what they are.

A sandbox is an isolated test environment that allows users to run programs or open files without risk to the applications, systems or platforms they run on.
Generally, sandboxes are used by software developers to test program code.
Security experts, instead, use them to test potentially dangerous code while limiting the risk of infection or loss of sensitive data.

I would like to draw your attention to the term I use: "limiting", not "eliminating"!
It is important to understand that 100% security does not exist when dealing with hardware and software.

But how does a "sandbox" work?

A sandbox simulates the working environment of a piece of software, so software running inside the sandbox behaves as if it were running directly on the computer's operating system. Of course, inside the sandbox the software (malicious or not, but which we have reason not to trust) does not have the same freedom of action it would have in the normal operating system; in general it has no direct access to real resources (memory, CPU ...) but only to virtual resources established a priori. The software running inside the sandbox should not realize that it is inside a sandbox; if it were malware, it should therefore behave as what it is, for example by trying to infect other programs or install a backdoor[1], and the sandbox should prevent such behavior.
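To make "resources established a priori" and "limiting, not eliminating" concrete, here is an added example (not part of the original article) that runs constructed stand-in programs in a child process whose CPU time and file size are capped in advance with POSIX resource limits, a far weaker mechanism than a real sandbox. It assumes Linux; the names `run_untrusted`, `CPU_SECONDS` and `MAX_FILE_BYTES` are illustrative.

```python
# Added illustration; all names and limit values here are hypothetical.
import resource
import subprocess
import sys
import tempfile

# Constructed limits, fixed before the untrusted code starts.
CPU_SECONDS = 1        # CPU time budget for the child
MAX_FILE_BYTES = 1024  # largest file the child may write

def _apply_limits():
    """Runs in the child between fork and exec; lowers its own limits."""
    for which, value in ((resource.RLIMIT_CPU, CPU_SECONDS),
                         (resource.RLIMIT_FSIZE, MAX_FILE_BYTES)):
        hard = resource.getrlimit(which)[1]
        if hard != resource.RLIM_INFINITY:
            value = min(value, hard)  # never try to raise an existing cap
        resource.setrlimit(which, (value, value))

def run_untrusted(code, workdir):
    """Run Python source in a limited child process; return CompletedProcess."""
    return subprocess.run(
        [sys.executable, "-I", "-c", code],
        cwd=workdir, preexec_fn=_apply_limits,
        capture_output=True, text=True, timeout=60,
    )

# Constructed stand-ins for programs we have reason not to trust.
CPU_HOG = "while True: pass"
BIG_WRITE = "with open('out.bin', 'wb') as f: f.write(b'A' * 4096)"
LOOK_OUTSIDE = "import os; print(len(os.listdir('/')))"

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as box:
        for name, code in (("cpu hog", CPU_HOG), ("big write", BIG_WRITE),
                           ("look outside", LOOK_OUTSIDE)):
            result = run_untrusted(code, box)
            print(name, "-> exit", result.returncode, result.stdout.strip())
```

The first two programs are stopped by the limits, while the third still lists the real root directory: the limits reduce what the code can do, but they do not isolate it.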

Of course I use the conditional because, like all things, sandboxes have their weaknesses and hackers are able to exploit them. To give just one example, some malware, before doing anything else, tries to work out whether it is inside a sandbox, in which case it avoids any behavior that could betray it!

But then what should be done? Are even sandboxes not safe?

Sandboxes are tools: useful, but not infallible. They can be used for our purpose, security, but they do not eliminate the risk; they simply reduce it. Knowledge and awareness of the risks we run are the tools that allow us to face risk in a serious way, which is why we need to spread knowledge.

To return to the introduction ... knowledge and awareness also help to recognize the Don Abbondio of the moment and, if necessary, silence him!

[1] A backdoor is a hidden access door, which the hacker can use at will.

To learn more:
https://searchsecurity.techtarget.com/definition/sandbox
https://www.darkreading.com/vulnerabilities---threats/when-your-sandbox-...
https://www.howtogeek.com/169139/sandboxes-explained-how-theyre-already-...
https://simplicable.com/new/sandbox