| Latest revision |
Your text |
| Line 4: |
Line 4: |
| | | title = Sandboxing Cycle | | | title = Sandboxing Cycle |
| | | image = sandboxing_cycle.png | | | image = sandboxing_cycle.png |
| − | | titletext = All I want is a secure system where it's easy to do anything I want. Is that so much to ask? | + | | titletext = All I want is a secure system where it's easy to do anything I want. Is that too much to ask? |
| | }} | | }} |
| | | | |
| | ==Explanation== | | ==Explanation== |
| − | A {{w|Sandpit|sandbox}} or sandpit is a playground where children can play safe without interfering with the world outside. By this meaning the term was adopted by others like the {{w|Sand table|sand table}} in military uses, or as a {{w|Wikipedia:Sandbox|Wikipedia Sandbox}}, a playground for inexperienced editors to test their additions, and in {{w|Sandbox (computer security)|computer security (sandbox)}} which [[Randall]] probably references at this comic.
| + | {{incomplete|Created by a BADLY SANDBOXED BOT- Please change this comment when editing this page. Do NOT delete this tag too soon.}} |
| | | | |
| − | Software is getting more and more complex, and in an effort to reduce programming work and security vulnerabilities, large applications are composed of multiple programs. Getting these mostly self-contained programs to work with each other can be tricky, since requirements can vary a lot between different applications, requiring a rather general {{w|Interface (computing)|interface}} or {{w|API}} for communication. The more open such interfaces are, the higher the risk of unintended side effects, like vulnerabilities and overly permissive data access which could be exploited by hackers. | + | Software is getting more and more complex, and in an effort to reduce programming work and security vulnerabilities, large applications (for example a web service) is comprised of multiple programs. Getting these mostly self-contained programs to work with each other can be tricky, since requirements can vary a lot between different applications, requiring a rather general {{w|Interface (computing)|interface}} or {{w|API}} for communication. The more open such interfaces are, the higher the risk of unintended side effects, like vulnerabilities and unnecessary data access (which could be exploited by hackers). |
| | | | |
| − | At the top left panel it could be a software collection whose parts are not yet fully connected to each other; the parts of the system which are as yet unconnected are shown in red, symbolizing a problem. A simple example is a typical {{w|Productivity_software#Office_suite|office suite}} used for documents, presentations, spreadsheets, charts, databases, and more. In the early days those separate applications weren't much connected together, copy and paste was one of the most important features; which suggests the applications haven't yet been fully developed. However, software is never fully developed, improvements can always be made. | + | At first, we are presented with an application whose parts are not yet fully connected to each other. Some of them are encapsulated and don't talk directly with programs on the outside, but through the encapsulation layer. |
| | | | |
| − | The next panel uses some "new technology" (in green, representing a solution) to interconnect those parts not only internal but also to the world outside at the internet. In the simple office suite example this means a document can now use a spreadsheet directly by using just a simple connection to another file. If that spreadsheet is changed the document uses this new content without any need of copying it manually.
| + | Using some "new technology" these parts are interconnected, with blatant disregard to good software design (foregoing encapsulation (as they are being drawn from an inner circle 'cutting' through its container), too much data sharing, even a connection that seemingly leads nowhere). |
| | | | |
| − | But this leads to the third panel, with undesired connections shown in red. The undesired connections mean that problems in specific applications may spread to other applications because nobody can oversee everything in a large environment. It even may destroy the original document in the office suite example or allow malicious users to exploit security holes.
| + | Randall then notices that the programs making up his service have a very high number of connections between them, reducing the sandboxing effort to absurdity (and probably gaining a few security holes along the way). |
| | | | |
| − | The fourth panel shows (in green, representing a solution) a method applied to this problem known as sandboxing. This is a security mechanism for separating running programs without risking harm to others. This can tighten up sloppy security. A direct consequence of restricted communication is that the programs now again can't connect easily to each other, resulting in a situation very similar like in the first panel and restarting the "sandboxing cycle."
| + | One solution to this problem is {{w|Sandbox (computer security)|sandboxing}}. Sandboxing a program limits its access to the outside world transparently. This can tighten up sloppy security by working around it. A direct consequence of restricted communication is that it is now harder to connect programs with each other. The Industry currently puts a lot of work into {{w|Orchestration (computing)|orchestrating}} these sandboxes; making it (supposedly) easier to plug programs into each other without sacrificing security. |
| | | | |
| − | The point made by this comic is that it is often difficult to easily use a system without lowering security in that system; a dilemma that can be found both in the office suite example above or the social media example below.
| + | He then proceeds to re-sandbox his services without cleaning up the mess he made and the cycle starts over. |
| | | | |
| | The dilemma is again stated in the title text: Randall wants both ease of use and high security. In practice, a tradeoff has to be made. | | The dilemma is again stated in the title text: Randall wants both ease of use and high security. In practice, a tradeoff has to be made. |
| − |
| |
| − | For a related xkcd on cycles and security, see [[2677: Two Key System]].
| |
| | | | |
| | ==Transcript== | | ==Transcript== |
| − | :[The comic consists of four panels arranged in a circle around the center. Black arrows connecting them clockwise in an infinite loop. All panels show the same 14 tiny circles and three different rings embedding some of the circles while other circles are outside. A few circles and rings are connected by lines but there is no connection between them all.]
| |
| | | | |
| − | :[The panel at top left shows this configuration but with a few circles in red.]
| + | The comic consists of four panels that are connected with arrows in a circle. |
| − | :"I wish these parts could communicate more easily."
| |
| | | | |
| − | :[Clockwise the next panel on the right shows new lines in green connecting nearly all remaining also now green circles and the lower most circle has a dashed green line to the outside.] | + | : "I wish these parts could communicate more easily." |
| − | :"Ohh, this new technology makes it easy to create arbitrary connections, integrating everything!" | + | : A large software application is stylized as circles; larger parts contain sub programs. Some are connected to each other, but far from all, others are colored red, possibly indicating known security vulnerabilities. |
| | | | |
| − | :[At the third panel to the bottom right all green parts are now in black and even more connections are established. Parts of these and some others are now highlighted in red.] | + | : "Ohh, this new technology makes it easy to create arbitrary connections, integrating everything!" |
| − | :"Uh-oh, there are so many connections it's creating bugs and security holes!" | + | : New communication channels (in green) have formed between all of the subprograms, often forgoing the principle of encapsulation. |
| | | | |
| − | :[At the fourth panel to the bottom left all red parts are now in black, showing a complex structure. Four green rings separate the structure with only green connections between them and to the outside.] | + | : "Uh-oh, there are so many connections it's creating bugs and security holes!" |
| − | :"Ohh, this new technology makes it easy to enclose arbitrary things in secure sandboxes!" | + | : Even more connections appear and some of them are now circled red, likely indicating bugs. |
| | | | |
| − | :[The arrow above the fourth panel connects it to the first and the circle continues from the beginning.] | + | : "Ohh, this new technology makes it easy to enclose arbitrary things in secure sandboxes!" |
| | + | : The sandboxes are stylized as new green circles encapsulating major parts of the application. |
| | | | |
| − | ==Trivia==
| + | The circle continues from the beginning. |
| − | *While this comic is applicable to a wide number of digital security issues, it may be about social media in particular.
| |
| | | | |
| − | *Originally, there were only a few social media websites (AOL, for example), which were not connected to one another but were so large and all-encompassing that they could be considered highly-connected systems. Once the internet became more popular and more powerful, lots of smaller websites popped up for individual topics -- forums, web apps, etc. Eventually there were so many places users had to log in that Google and Facebook began to offer services to use a single log-in for all websites that opted-in to supporting that service. Recently, with increasing consumer concerns about privacy and security, some users have begun to deliberately sever the connections between websites, to make it harder for any one company to gain a monopoly on their data. This may not last long, though, as users realized just how inconvenient it is to manage so many logins.
| |
| − |
| |
| − | *This desire to accommodate both privacy and ease use of use can lead to confusing and paradoxical actions or outlooks, like [[2045|Randall's struggle with his social media accounts in the comic immediately following this one]], or Zach Weinersmith's complaints in the [https://www.smbc-comics.com/comic/the-problem SMBC comic] released the same day as this one.
| |
| | | | |
| | {{comic discussion}} | | {{comic discussion}} |
| − |
| |
| − | [[Category:Comics with color]]
| |
| − | [[Category:Charts]]
| |
| − | [[Category:Computer security]]
| |
