Linked by Thom Holwerda on Tue 25th Sep 2012 22:40 UTC, submitted by Anonymous Coward
Windows NeoSmart Technologies has released a new version of EasyBCD, the free bootloader editor for Windows which supports Windows 8, the latest GRUB2 distributions, EFI machines, and comes with all-new support for 13 different languages. If you have a Windows-based multiboot machine, you really need EasyBCD. It's a fantastic application.
Permalink for comment 536640
To read all comments associated with this story, please click here.
RE[7]: Good link
by darknexus on Thu 27th Sep 2012 09:02 UTC in reply to "RE[6]: Good link"
darknexus
Member since:
2008-07-15

The problem with all these approaches that try to add sandboxing functionality to existing OSs, is that sandboxing is only useful if users and developers are aware of its existence and ready to deal with it.

Even then, it won't be effective. No matter how tightly you sandbox something, you're eventually going to have to give it permission to access something. Whether it's a wordprocessor that you need to let access your documents folders (both local and remote) or a VOIP application that a user wants running on start-up, you will have to give it permission to access something outside of its own resources unless you want to end up like the Apple app stores. That approach works to an extent, but forces a massive inconvenience on more knowledgeable users. Not only do we not have access to the filesystem (which I could live with if I had to) but we can't send a file across to another application. Say I have an audio project which I'm recording. I then want to send portions of it over to an audio editor rather than a multi-track recorder program… oops, can't do that with iOS.
The long and short of it is that you will never have a perfect security mechanism. It doesn't matter how well you sandbox. When users are involved, you cannot prevent them from doing something stupid. It's rather like various systems of government in that respect: they look great on paper, but then you get people involved and somehow it never turns out as expected.
I think the best approach would be iOS-style sandboxing (notice I did not say having a locked down app store) but you need to allow either filesystem access or the ability to otherwise share data between applications. The instant you do that, you've essentially broken your sandbox. You have no choice however, if you want a fully-functional, productive environment. A balance between security and usability is, I think, the best we can ever hope for.

Reply Parent Score: 2