Open Source Web Sandbox From Live Labs Help Secure Your Web Site

  • Article

Web Sandbox , virtualization technology meant to make websites safer from attack, has been released with an Open Source license. Web Sandbox is designed to isolate the different parts of a Web page from each other via virtualization, thus enhancing security. Additionally, it will work with most browsers.

Web Sandbox is a project of Microsoft's Live Labs and was released this week under the Apache License 2.0 license, but the project is not sanctioned or sponsored by the Apache Software Foundation.

According to the Live Labs site:

Modern Web pages are made up of pieces that may be served from different locations—maps, visit counters, affiliate programs that run scripts on your page, gadgets built by outside developers, and more. But what happens when items you’re including hamper the experience, either on purpose or by mistake?  IFrames isolate your site’s personal information without protecting users or their machines, which remain vulnerable in face of increasingly sophisticated exploits.

The Web Sandbox addresses this problem through virtualization. We provide an opportunity to test the Sandbox and find out whether it prevents the attacks you’re concerned about.  It's designed to improve the security, isolation and quality of service for your site and your users. The goal is to get to an open and interoperable standard in this space, creating a robust and long term solution. 

You can help by trying to hack the code to find scenarios or exploits we haven’t thought of yet. The more you try to break it, the stronger it will get. Our goal is to involve the community and release a set of open source components that can be improved upon as time goes by.

For more information about Web Sandbox, see Web Sandbox home page. For download information, see Live Labs Web Sandbox.

 

Several significant projects have come from Live Labs recently:

  • Thumbtack: A single place to save or share the stuff you want from all around the web.
  • Seadragon: Smooth, seamless browsing of vast quantities of visual information, on wall sized displays or mobile devices, regardless of the amount of data
  • Photosynth: Automatically reconstruct a three-dimensional space from a collection of photos of a place or an object.