The Live Web Sandbox is a project aimed at securing Web 2.0. The Sandbox applies techniques from programming languages to inject an interception layer that in effect virtualizes the execution of untrusted code in the browser. Among other interesting things, the interception layer also gives us an opportunity to normalize the DOM API exposed to developers.
What does that even mean? Well, it means that they have created an isolated environment to secure web applications from hackers.
Today web gadgets, mashup components, advertisements, and other 3rd party content on websites either run with full trust alongside your content or are isolated inside of IFrames. As a result, many modern web applications are intrinsically insecure, often with unpredictable service quality. Live Labs Web Sandbox addresses this problem.
An increasing number of Web 2.0 applications incorporate 3rd party content. There are two common patterns: direct script inclusion or embedding in an IFrame.
- Components that are included directly execute with full trust and can access private information elsewhere on the page and site. The site is subject to intentional or non-intentional bugs that could compromise personal information or degrade the web application’s quality of service.
- IFrames offer isolation but not complete security. Malicious code can try to install ActiveX controls, redirect users, or interrogate your browser history, degrading the quality of service. IFrames also make it hard to provide an integrated experience and share data across components.
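
To make the first pattern and the interception-layer idea concrete, here is an added sketch (not Web Sandbox code and not from the original post) that runs the same gadget once with full trust and once behind a mediating layer. The page object, the gadget and the `virtualize` helper are constructed for this example, and the `Proxy`-based mediation is a stand-in: this post does not show how Web Sandbox itself injects its layer.

```javascript
// Constructed stand-in for a host page (not a real DOM).
function makePage() {
  return {
    cookie: "session=constructed-secret",
    location: "https://host.example/account",
    elements: {
      "gadget-1": { innerText: "" },
      "account-balance": { innerText: "1,234.00" },
    },
    getElementById(id) { return this.elements[id] || null; },
  };
}

// Constructed third-party gadget: renders itself, but also probes host data.
function gadget(doc) {
  const seen = { cookie: doc.cookie };
  const other = doc.getElementById("account-balance");
  seen.balance = other ? other.innerText : null;
  doc.getElementById("gadget-1").innerText = "weather: sunny";
  doc.location = "https://elsewhere.example/"; // attempted redirect
  return seen;
}

// Interception layer: the gadget only ever holds this proxy, never the page.
function virtualize(page, ownedId, log) {
  return new Proxy(page, {
    get(target, prop) {
      if (prop === "getElementById") {
        return (id) => {
          if (id === ownedId) return target.getElementById(id);
          log.push(`denied getElementById(${id})`);
          return null;
        };
      }
      log.push(`denied read ${String(prop)}`); // falls through: undefined
    },
    set(target, prop) {
      log.push(`denied write ${String(prop)}`);
      return true; // swallow the write; the host page is untouched
    },
  });
}

function runDirect() {          // direct inclusion: full trust
  const page = makePage();
  return { seen: gadget(page), page };
}
function runSandboxed() {       // same gadget, mediated access
  const page = makePage(), log = [];
  return { seen: gadget(virtualize(page, "gadget-1", log)), page, log };
}
```

The element handed back for the gadget's own container is the raw object; a real mediation layer would also wrap returned nodes so the gadget cannot walk from them to the rest of the page.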
Web Sandbox from Live Labs enables developers to test their code by using the Sandbox provided here. In addition to this, they have a couple of code samples in place for you to try and hack.
See what it is all about here at the demo from PDC.