Full Disclosure mailing list archives
RE: Want to test this desktop barrier? (Unauthorized offer) 0day protection
From: "Bill Stout" <bill.stout () greenborder com>
Date: Thu, 8 Jun 2006 18:07:27 -0700
Hi Thierry,

It is conceptually different than AV or AS products, which is why I fall back to analogies. Even experienced security folk automatically categorize something new with existing products, and presuppose there is nothing new under the sun.

If you generally categorize anything that does virtualization as a sandbox, then it's a sandbox. I mean, some people consider virtual machines a way to create a sandbox. Wikipedia does. Personally I think running VMware or Virtual PC just to run a browser securely is way too intrusive for the average user.

So to avoid the user experience of booting a virtual OS, why not create a virtual application instance that can't contaminate the computer? I say that like it's easy, but it requires kernel knowledge to develop. Otherwise you only virtualize a few directories and some registry entries, and are exposed to attacks which leverage system calls, COM objects, User Shell, etc.

I believe this list is read by some of the best and most aggressive hackers that exist, and this is the best place to expose a new security product. I am interested in what the list has to say.

Bill Stout

_____________________________________________
From: Thierry Zoller [mailto:Thierry () Zoller lu]
Sent: Thursday, June 08, 2006 3:04 PM
To: Bill Stout
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Want to test this desktop barrier? (Unauthorized offer) 0day protection

Dear Bill Stout,

You are posting to Full-disclosure, not your average mailing list, you don't need stories about toddlers and gloves, or "shots". ;)
If you see a toddler about to touch a dead animal, it's best they're wearing gloves rather than being up to date on their shots.
First it's a bad analogy, second it's plain wrong.
We refer to the virtual environment as 'x-space', or 'within GreenBorder'.
Let's stick to some standards, should we? S A N D B O X

--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7