Full Disclosure mailing list archives

Re: Want to test this desktop barrier?, (Unauthorized offer) 0day protection

From: Dan Renner <dan () losangelescomputerhelp com>
Date: Thu, 08 Jun 2006 10:32:51 -0700

This is definitely has more luxury features, but couldn't you do prettymuch the same with MSDN's DROPMYRIGHTS program?

It runs {whatever} program as a guest user, effectively dropping thecapabilities of that program to do nefarious things.


----------------------------------

Sincerely,

Dan Renner
President
Los Angeles Computerhelp
http://losangelescomputerhelp.com
818.352.8700



full-disclosure-request () lists grok org uk wrote:

Message: 9

Date: Thu, 8 Jun 2006 10:14:21 -0700
From: "Bill Stout" <bill.stout () greenborder com>
Subject: [Full-disclosure] Want to test this desktop barrier?
        (Unauthorized   offer) 0day protection
To: <full-disclosure () lists grok org uk>
Message-ID:
        <1FA45C2E5F2E4B46967415DA3A804FE83C3A1C () mail greenborder com>
Content-Type: text/plain; charset="us-ascii"

Hello All,

We have an early release of consumer desktop safety software that I'd

like some feedback on.http://www.greenborder.com/earlyaccess/

Our software runs on XP SP2, and creates an application-level virtual
environment primarily (for now) for Internet Explorer.  This prevents
modification of the base system by any content in the virtual
environment.  We refer to the virtual environment as 'x-space', or
'within GreenBorder'.  We apply access control from the virtual
environment to; the filesystem, registry, user shell, COM objects, and
system calls.

Although only Internet Explorer and applications which open downloaded
attachments are supported, other applications can be launched in the
GreenBorder environment.  Any processes running or temporary files or
temporary registry entries are wiped from the virtual environment by an
application reset.  Files can be saved to a specific directory only, and
applications in this environment are prevented from reading files
outside this one directory (applies confidentiality).

We don't determine what application running in the virtual environment
is malicious or not, so therefore this is not a replacement for
signature based protection systems.  Most anything can run in the
environment, it just can't modify local resources.  This is great
protection for 0-day exploits, and lets administrators wait to apply
patches off-hours.

Hammer on our software by running malware of your choice in the software
environment.  Please email me or the marketing email of your results.
If you're running intensive tests, I would still recommend using a
scratch system.

We also have an enterprise version which uses a central whitelist to
determine in which environment to open a site requested or Outlook
message received.

Bill Stout
www.greenborder.com


Appended below is our marketing spiel:



"We are very pleased to give you special, early access to GreenBorder
Pro, the new consumer edition of our patented enterprise technology
(that's already protecting thousands of users in some of the most
demanding environments).

With GreenBorder Pro, NOTHING CAN BREAK INTO YOUR PC from the Web.  You
can:
 *  Search & browse ANY website-without putting your PC, files or
private
    identity data at risk (or leaving any trace on your PC of where you
have been :)
 *  Shop & bank in privacy-without anything spying on your personal
info,
    bank account and credit card numbers, passwords or online
transactions
 *  Use any downloads-without worrying about anything nasty hidden
inside
Simply click on the link below to get to the GreenBorder Pro VIP page.
There, you can see a guided tour, learn about the software, and download
your own copy. Here is a special VIP license key to copy & paste when

you install:

34422VS222222222222279429422K44W
Click here to get GreenBorder Pro

<http://www.greenborder.com/earlyaccess>

We would greatly appreciate any comments or suggestions you might have
along the way. Just email us at vip () greenborder com or click on the
GreenBorder icon and select Contact Customer Support in the software
itself!"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060608/e9340292/attachment.html

------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

End of Full-Disclosure Digest, Vol 16, Issue 16
***********************************************


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Want to test this desktop barrier?, (Unauthorized offer) 0day protection Dan Renner (Jun 09)
- Re: Want to test this desktop barrier?, (Unauthorized offer) 0day protection Christian Swartzbaugh (Jun 09)
  - Re: Want to test this desktop barrier?, (Unauthorized offer) 0day protection Cardoso (Jun 09)
- RE: Want to test this desktop barrier?, (Unauthorized offer) 0day protection Bill Stout (Jun 09)
  - Re: Want to test this desktop barrier?, (Unauthorized offer) 0day protection Morning Wood (Jun 10)