RE: Looking for security tool testers (GreenBorder product license inside)

["Bill Stout" <bill.stout () greenborder com>]

I've been asked about what tests could be run with this software.

Testing External threats:  Within a protected browser, you should be
able to browse to any sites which install spyware, contain viruses,
exploit pages, etc without infecting the local computer.  Any processes
running in the protected environment can be wiped by a reset from the
task bar icon.  Also, to apply confidentiality, any files within My
Documents and 'Desktop' cannot be read from the environment or
applications running in the environment.

There are options to tighten security further, by preventing access to
local network services and local network shares.

Testing Local threats:  Any infected files downloaded to the GreenBorder
files directory should not be able to modify local resources
(filesystem, registry, perform protected system calls, access open
documents via COM, etc).  If cmd.exe is launched from the environment,
commands should not be able to modify local resources (regedit, del,
etc).

The software lets you browse all those gaming and video sites you've
been afraid to browse.  The enterprise version also allows you to open
any untrusted email or attachment without worry of infection.

Bill Stout

-----Original Message-----
From: Bill Stout [mailto:bill.stout () greenborder com] 
Sent: Thursday, June 15, 2006 11:23 AM
To: security-basics () securityfocus com
Subject: Looking for security tool testers (GreenBorder product license
inside)

Hi Guys,

I've gotten good feedback from Full Disclosure list on our desktop
barrier early release product.  Some of the feedback I'm receiving is
that it might also serve as a malware analysis tool if we improve
logging messages.   Also that it provides 'chroot for Windows'.  I
thought members on this list may also want to try this out, and
hopefully reply with feedback.  

This is the text I've posted to Full Disclosure:

Our software runs on XP SP2, and creates an application-level virtual
environment primarily (for now) for Internet Explorer. This prevents
modification of the base system by any content in the virtual
environment. We refer to the virtual environment as 'x-space', or
'within GreenBorder'. We apply access control from the virtual
environment to; the filesystem, registry, user shell, COM objects, and
system calls.

Although only Internet Explorer and applications which open downloaded
attachments are supported, other applications can be launched in the
GreenBorder environment. Any processes running or temporary files or
temporary registry entries are wiped from the virtual environment by an
application reset. Files can be saved to a specific directory only, and
applications in this environment are prevented from reading files
outside this one directory (applies confidentiality).

We don't determine what application running in the virtual environment
is malicious or not, so therefore this is not a replacement for
signature based protection systems. Most anything can run in the
environment, it just can't modify local resources. This is great
protection for 0-day exploits, and lets administrators wait to apply
patches off-hours.

Hammer on our software by running malware of your choice in the software
environment. Please email me or the marketing email of your results. If
you're running intensive tests, I would still recommend using a scratch
system.
We also have an enterprise version which uses a central whitelist to
determine in which environment to open a site requested or Outlook
message received.

Here is a 28-week license and the download URL:

T34PWW229YLTS22IKIOP7D2E773323E9
http://www.greenborder.com/earlyaccess/ 

The license includes a 'safe file' option - right-click on any
executable or questionable file to open it in virtual space.  Note: Many
but not all programs will run in virtual space, support for Firefox, IM,
and other networking programs is not official and have not been fully
QA'd.  

Bill Stout
www.greenborder.com

Appended below is our marketing spiel:


"We are very pleased to give you special, early access to GreenBorder
Pro, the new consumer edition of our patented enterprise technology
(that's already protecting thousands of users in some of the most
demanding environments).
With GreenBorder Pro, NOTHING CAN BREAK INTO YOUR PC from the Web. You
can:
* Search & browse ANY website-without putting your PC, files or private
identity data at risk (or leaving any trace on your PC of where you have
been :)
* Shop & bank in privacy-without anything spying on your personal info,
bank account and credit card numbers, passwords or online transactions
* Use any downloads-without worrying about anything nasty hidden inside
Simply click on the link below to get to the GreenBorder Pro VIP page.
There, you can see a guided tour, learn about the software, and download
your own copy. Here is a special VIP license key to copy & paste when
you install: 

(see above)

We would greatly appreciate any comments or suggestions you might have
along the way. Just email us at vip () greenborder com or click on the
GreenBorder icon and select Contact Customer Support in the software
itself!"