Virtualization Technology News and Information
Article
RSS
Security software slaps IE in "Sandbox"

Quoting from IT News

GreenBorder Pro uses virtualisation-like technologies to separate IE from the rest of the system, so that if malicious software does execute, it doesn't actually touch the computer.

A California company better known for "sandbox"-style security aimed at enterprises on Tuesday launched consumer software that puts Internet Explorer in a protected virtual machine. The approach blocks some malware from reaching the operating system and lets users "wipe" the browser slate clean to return IE to a pristine state.

GreenBorder Technologies' same-named GreenBorder Pro uses virtualisation-like technologies to separate IE from the rest of the system, so that if malicious software does execute, it doesn't actually touch the computer. Instead, it runs only within the "sandbox," which can be "dumped" with a click.

"But this is much more than just virtualisation," argued Bernard Harguindeguy, GreenBorder's chief executive, as he cited other security provisions in the product, such as a feature that scrubs the system of personal data after an online transaction. The software also blocks keyloggers from capturing keystrokes, and cloaks all files and system resources so that they're invisible to attacks, and thus safe from remote access or modification.

The software, which is based on the developer's GreenBorder for the Enterprise product, is a better security solution, said Harguindeguy, than Windows Vista's upcoming User Account Control (UAC) feature, which also has a goal of making silent, drive-by malware downloads less dangerous.

"There's a trade-off in usability [with UAC]," he said. "But GreenBorder doesn't sacrifice the user experience. It never puts a question or a pop-up in front of users, and doesn't make them change their browsing behaviour in any way."

Changes made by malicious code during an IE session are automatically erased when the user logs off or clicks the "Clean and Reset GreenBorder" button. During an internet session with GreenBorder engaged, a small green frame encloses IE.

But GreenBorder Pro isn't a security panacea, as even Harguindeguy admitted. Socially-engineered attacks - such as the cons typically run by phishers to get users to bogus sites where they're duped into divulging bank or credit account numbers - are as effective as ever.

"We're like a bodyguard," said Harguindeguy. "We'll stop someone from stealing your wallet. But if you take your wallet out yourself and hand over cash, we can't do much about it."

Security analyst Richard Stiennon of IT-Harvest agreed, and then some. "It'll stop web attacks, and those that 'bleed over' into other vulnerable applications, but it can't do anything against phishing attacks," said Stiennon.

"Virtualisation like this has been a common [security] approach," he went on, "especially in high-security applications like the military. But it's never caught on in the enterprise or with consumers.

"It's just easier not to use Internet Explorer rather than use something like this."

GreenBorder picked IE to support straight out the gate for obvious reasons: new vulnerabilities are frequently added to Microsoft's list, and even with competition from Mozilla's Firefox, it remains the leading browser by a mile. But Harguindeguy said that support for IE rivals will be quick in coming, with Firefox next on the list.

GreenBorder Pro is sold in an annual subscription of $US49.95, but the company will give away a year's sub to the first 10,000 copies downloaded from its web site.

The program requires Microsoft Windows XP SP1 or SP2, or Windows 2000 SP4, and Internet Explorer 6.0 or later.

The original quoted source article is here.

 

Published Tuesday, June 27, 2006 10:38 PM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<June 2006>
SuMoTuWeThFrSa
28293031123
45678910
11121314151617
18192021222324
2526272829301
2345678