water cooler :: Security and the Zen of dodging malware
To-may-to or to-mah-to, I don't care what you call it, just gimme one, quick!
Seriously, though, IMHO, I am 100% against downloading and running unknown who-knows-what-they-do executables on my system. I *refuse* to run MSIE and Outlook in Windows just due to the malware risks. When I surf the web, I am primarily looking for information, not flashy eye candy and other such silliness. Most of the time I run Opera with image and popup downloading turned off, and I can't count the number of websites I've visited that try to change my homepage or install a bunch of useless b.s. on my system. I even hate visiting sites (usually by big corporations) where you can't navigate around without first downloading all their graphics.
With that said, your "software jail" sounds a lot like Java's "sandboxing" concept. Don't know if that helps, but maybe your "jail" could run inside a separate "virtual" OS (?).
Never surf the web as root or with Administrative privileges, as most Windows users do.
Run DSL from a frugal install and allow full downloading/executions (?). If your system gets FUBARed by some drive-by download, simply reboot. Still a bit of a pain, though.
To me, it all represents little more than wasted time, space, and CPU cycles.