Google Buys Anti-Malware Security Startup 125
J Tomas writes "Google has quietly made its first anti-malware acquisition, snapping up GreenBorder Technologies, a venture-backed company that sells browser virtualization security software. GreenBorder's software creates a DMZ (demilitarized zone) between the Windows desktop and programs downloaded from Web pages or opened from e-mail messages in Microsoft Outlook. The early speculation is that Google will add the sandbox technology to the Google Toolbar or release a rebranded version as a standalone download."
Malevolence (Score:1, Funny)
Thanks... (Score:5, Funny)
GreenBorder's software creates a DMZ (demilitarized zone) between the Windows desktop and programs downloaded from Web pages or opened from e-mail messages in Microsoft Outlook.
Dear GreenBorder,
Thank you for doing work we should have done years ago.
Unfortunately this level of work requires considerable resources
which would drive down our bottom line and
shareholder confidence.
William Gates III
Microsoft Corporation
I guess a newb submitted this (Score:1, Funny)
Re: (Score:1)
Re: (Score:1)
Re: (Score:2, Insightful)
Re: (Score:1)
Oh, and I find it necessary (not "nessesary") to say - only a newb would try to BS us by saying that the term 'newb' is not derogatory (not "deragatory"). Maybe that lie works with your intellectual peers but we know better. So does Wikipedia, the Urban Dictionary and many other sources.
Back under your bridge, newb.
Re:Google ignores yet another Memorial day, politi (Score:2)
Re: (Score:2)
ALERT! ALERT! (Score:3, Funny)
Janeway: "Raise shields"
Paris: "Its no good, they have adapted, they are firing sunloungers"
Google is the new Microsoft, etc. etc. (Score:5, Insightful)
...proving that corporations aren't evil, but trying to stay on top when you're top dog might corrupt absolutely. This would not have happened in "Lord of the Rings."
I refuse to demonize corporations, because I know that people run them and do the best they can with an often paradoxical set of goals. I remember when one boss I worked for sold his company to a larger technological concern, and suddenly all the rules changed. Image became more important than reality. We did everything we could to inflate figures. And the guy who once spent hours thinking about "the next cool thing we'd all like to use" stayed up late looking over spreadsheets, metrics, indicators and other spaced-out crap that has no relevance to reality.
We might call this time "the devirginization of Google," as they are inducted to the weird malevolent world of corporate politics as the top dog in the Darwinian internet struggle for virtual world domination.
Re: (Score:2, Interesting)
Re:Personally (Score:1)
Re: (Score:1, Troll)
Re:Google is the new Microsoft, etc. etc. (Score:5, Insightful)
Corporations aren't evil in the same way that sharks aren't evil. They're just doing what comes naturally. Sharks eat furry little sea lions; corporations make money. If either stopped doing what came naturally, they'd die.
The key is to harness the corporation in such a way that it improves the lives of individuals without running roughshod over society. And that is the point of regulation. Well, that *should be* the point of regulation.
You make a good point, [offtopic] (Score:2)
virtualization DMZ.. (Score:5, Funny)
Marketingspeak: DMZ vs. Sandbox... (Score:4, Funny)
So...is it like the plain old Java sandbox?
Hmmm...I guess not. GreenBorder's "sandbox" appears to have some pretty big holes.
Re: (Score:2)
How about running the whole OS in virtualization mode, that gets flushed at each boot.
Re: (Score:2)
Wouldn't that suck.
For fuck's sake, just stop using Windows. This is ridiculous. I can't believe things are getting to the point where people start to seriously consider what is essentially a fresh install of the OS at every boot.
-matthew
Re:Marketingspeak: DMZ vs. Sandbox... (Score:4, Funny)
Well yea, but the average Windows wouldn't notice. And the average non technical user flies in to a technological panic when confronted with anything new. For instance a writer who is still on Wordperfect on Windows 98. She copies and pastes into her email prog to send, otherwise her clients can't read the doc
Did I mention the one who has msWord set at 75% zoom and the fonts at 20, as she never learned to adjust the font size. At print out she selects 'reduce by 60%'
Re: (Score:2)
They wouldn't notice that all their documents the apps and they installed are gone? Do you think the "average WIndows user" is an Alzheimer's sufferer or something?
-matthew
Re: (Score:3, Interesting)
I do run Windows in a VM and do revert to a clean version once a day. Windows has read/write access to a version controlled directory for storing data, but it cannot delete the history thereof.
Re: (Score:2)
-matthew
Re: (Score:2)
So what does it take to install applications and have them around when you "revert?" Sounds like a huge, unnecessary pain the ass to me.
If I want a new application I install it and save a new VM image, then make that my default. It only takes a minute or so more than it normally would. There could be an issue if I was compromised by malware after I started the session but before I installed the new app, but I generally will restart the session from a know good copy before I install anything.
Sounds like a huge, unnecessary pain the ass to me.
Security is not my primary motivation. I'm running Windows on top of OS X. I only use Windows for a handful of applications, mostly for compatibili
Re: (Score:2)
So basically your situation is relatively unique and has very little relevance to regular Windows users. But thanks for sharing.
-matthew
Re: (Score:2)
So basically your situation is relatively unique and has very little relevance to regular Windows users. But thanks for sharing.
Anyone looking to run Windows securely is a huge exception. People with a clue as to how to go about it are even rarer. Running the entire OS in a VM is one way, probably one of the very few ways a normal or slightly above average user could do it and still have all the functionality they expect. It is quite a bit better than simply "don't run Windows" as that is not a viable option for a great many of us.
Re: (Score:2)
Not all the functionality. I presume you're using Parallels on a Mac for your VM. And in my experience the video acceleration is pretty poor. Not suitable for games.
Re: (Score:2)
Not all the functionality. I presume you're using Parallels on a Mac for your VM. And in my experience the video acceleration is pretty poor. Not suitable for games.
It is rue enough that neither of the major players (Parallels and VMWare) have the video acceleration working in their current releases, although both claim it as "coming soon."
How about "don't run Windows as your primary OS" then? It is definitely a lot easier to keep a system clean if it isn't your primary desktop even without maintaining a "clean" VM. I mean if you're only running Windows/Parallels for IE to access your Bank and some obscure, but irreplacable Win32 app, then there really isn't much room for infection no matter what you do. Especially since Parallels puts your VM behind NAT by default.
Being behind a NAT does not protect you from Web-based exploits, nor from all of the current crop of automated worms that attack services you may be running. If you're using a VM already, I consider restarting from a clean image to be pretty low hanging fruit when it comes to security.
Re: (Score:3, Interesting)
Why is it so hard to keep your windows box clean? I run XP semi updated (every so often i check for updates, not regularly) and don't have "MASSIVE" problems that i hear people like you complaining about all the time...
Maybe it is because i am careful? I use firefox (because i prefer it over IE), I scan anything i download or get emailed with online scanners and i use a lot of game/program cracks, i don't scour the net for pron, and i have my bo
Re: (Score:2)
It isn't hard, per se. It is just annoying. I could keep a WIndows box clean if I *really* wanted to. I just don't want to. Simple as that.
Well hurray for you. You get a biscuit.
Maybe. But I'd rather move out of a dangerous neighborhood that be "careful" my w
Re: (Score:2)
Then why are you complaining about it so LOUDLY?!? I would have thought that with as much to say against it you would have been familiar with it...
"It isn't hard, per se. It is just annoying."
Well actually, it isn't either, but i guess you wouldn't know since you "rarely" use it.
"Maybe. But I'd rather move out of a dangerous neighborhood that be "careful" my whole life. But I suppose if that dangerous neighborhood is what you c
Re: (Score:2)
How much have I really said against Windows? That I find it annoying to have to be so "careful" when using it? I think that is about it. Are you confusing me with someone else?
I never said "rarely." Don't quote me on something I didn't say. I use Windows enough to be annoyed
Re: (Score:2)
Which is obvious with the recent MOAB...
Mac OS has flaws, so does unix, every piece of manmade software is vulnerable but i would say Windows is a target due to the high market share as virus writers are not the fame seekers of old but rather looking to create botnets.. hard to do with ~8% of the market.
Re: (Score:2)
So because you can find an explanation for *why* Windows is a more dangerous platform, that is supposed to make up for the fact that it is? I don't really care if it is Microsoft's fault, the user's fault, spammers' fault, global warming's fault
Re: (Score:2)
Nope, it also doesn't bother me that I have to cook pork thoroughly or look both ways before I cross the street. I guess you like a false sense of security.
Do you also tell people not to buy door locks but cement all holes in their walls because someone might break in and steal stuff?
I don't think it is a more dangerous platform, i don't have problems with it, you're the one who can't use windows because it's scary. Just because you say something is a fact doesn't make it so,
Re: (Score:2)
Given two streets, a quiet country road and a busy 6 lane freeway, which one would you allow you children to cross on their own (assuming they are of age to be outside on their own in the first place). Heck, which one would YOU want to cross on a regular basis?
What is false about it? If I am not getting infected by viruses and spyware, I'm not getting i
Qemu (Score:2)
Re: (Score:1)
I think in TFA or elsewhere I've read that papers were signed about two weeks ago. Just about the time I was reading some stuff about the http://www.usenix.org/events/hotbots07/tech/full_p apers/provos/provos.pdf [usenix.org] "The Ghost in the Browser".
Reckon the guys are using Greenbox as part of their malware tests - they run malware within a virtual machine to monitor the malwares actions.
If they continue to use the system as described in the doc to test, evaluate and thus detect malware seems to
Re: (Score:2)
Ok, sure, if you've downloaded it to the desktop and tried to run it it should sandbox but let's assume you've installed something to "programs/theTool". theTool should have full disk access to that folder and THAT's IT.
if it needs to store per-user details on a multi-user machine let it use cookies. an app could cleverly save a user-cookie that tells itself the name of a sub directory IN
Great ... :-S (Score:5, Insightful)
Yet another piece of software that interferes with my network layer, slows my PC, and eats half my CPU cycles just to keep malware from infecting my machine.
When will we see a REAL solution to these problems, and stop implementing obscure security work-arounds that eat more resources than the applications themselves? Anyone?
When more than 50% of the CPU cycles in my PC go to security software (Antivirus, Antiphising, Antispyware, Antiadware, Antifraud, heuristics scanning, SPAM filter, personal firewall, strange DMZ browser-thingeys) during the display of a simple HTML page in a browser i would say that our current approach is broken. Totally.
I need an Anti-security-bloatware product. And fast!
Re: (Score:2, Insightful)
Re: (Score:2)
Of course, it doesn't protect you from stupid acts, such as downloading scripts, 'chmod +x'ing them and running them.
But then again, having GNU/Linux (or whatever) enables you to use chroot (or whatever) to test these u-beu
Re: (Score:1)
Hmm... With all respect, "sequrity by obscurity" (using an obscure OS with an obscure browser) doesn't really get any better by using an opensource OS. It is still not real security, and it is still a bad approach. I want a solution! An implementation, design pattern, method, whatever, that actually fixes the problem. Not a tip on how to use software nobody knows about. The lack of widespread use is not "security".
Re:Great ... :-S (Score:4, Insightful)
As I said, you have the choice of security or functionality, and in many cases you can't even have either (the scenario of having all the anti-malware products eat up your CPU time, but still doing a crappy job).
If you want real security, you unplug your computer from the network and remove all other forms of accessing it (including the keyboard). It just depends on what you are willing to put up with.
Of course, it is perfectly possible to have a functioning MS Windows PC connected to the Internet and even have a decent browser and have no worries. You just need to have security culture and a firewall the rejects all connections from outside (except those related to web browsing, so that would be everything except port 80, and maybe whatever port FTP is on).
A security culture is the most important thing, and comes from not randomly downloading and installing everything, deleting spam, not opening executable attachments in emails (including in some cases such things as Word Documents!),or at least verifying that the person who sent them to you, really did.
My mother has managed to only (I think) get one virus (or worm, I'm not sure what it was actually) for years. Yet she runs MS Windows XP (SP1 I think). She has a firewall (outdated ZoneAlarm free I think), and she doesn't use IE (rather Mozilla, again outdated). No worries, because she practices security culture (to the best of her ignorant ability). She has an anti-virus, except because the signatures take so long to download (only slow dial up, no broadband in the country) it doesn't get updated so often. No worries though, because she doesn't run random stuff, doesn't go to random websites and doesn't use IE.
Security culture will get you everywhere.
(Also important if you are an anti-state activist. Got to watch out for them police...)
Re: (Score:2)
Re: (Score:2)
So what? If it works, it works. Why does it have to be "real" security? Is the security ideal worth more than your personal comfort and/or sanity?
You don't even need to go so far as using lynx in a text console. Simply running OS X or Linux is generally enough to sidestep the vast majority of nastiness that is out there. As fo
Re: (Score:2, Insightful)
When will we see a REAL solution to these problems, and stop implementing obscure security work-arounds that eat more resources than the applications themselves? Anyone?
You would have to ask Microsoft that. These bandaids fix a lot of MS' screwups. Or you could switch operating systems and use Windows only when necessary (games, etc.)
Re: (Score:1)
It's still pretty lame though...
Re: (Score:3, Insightful)
It's still pretty lame though...
Yeah, absolutely. However Mom & Pop will still run down to BestBuy and buy a new "Norton IntraTubes MegaDefender 2008 Plus" for $69.99 instead of learning something new and refreshing. It's that kind of inertia that keeps a lot of the clowns in greasepaint and goofy wigs.
Re: (Score:2, Insightful)
So to make matters worse, *I* am the one going down to BestBuy to pick up the latest Trend Micro Take-A-Pill PCCillin (Superinfused edition) because I get tired of saving their machine from the software pests they collect online...
Re: (Score:2)
http://free.grisoft.com/ [grisoft.com]
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Speaking of buy outs I wonder when MS will finally suck it up and buy Yahoo
Webmaster, http://www.seowebsiteadvice.com/ [seowebsiteadvice.com]
Re: (Score:2)
We have a solution. It's called capabilities, and it's implemented on Linux through an Open Source system called SElinux, developed by the NSA and released to the public. It's available for a number of Linux implementations, including Ubuntu [ubuntu.com] (although no implementation of SElinux seems to have a decent userland/interface.)
Re: (Score:2)
We have a solution. It's called capabilities, and it's implemented on Linux through an Open Source system called SElinux, developed by the NSA and released to the public. It's available for a number of Linux implementations, including Ubuntu (although no implementation of SElinux seems to have a decent userland/interface.)
The end user can make modifications to enable additional access. Hence, it's not a solution, but effectively just another layer of "are you sure" dialog boxes.
(Not to mention the probl
Re: (Score:2)
When will we see a REAL solution to these problems, and stop implementing obscure security work-arounds that eat more resources than the applications themselves? Anyone?
When will we elect politicians who are not so easily bribed and who will break up MS's abusive monopoly and restore competition to the desktop OS market? When will people educate themselves and vote the bums out? When will there be a level playing field for desktop OS's so vendors have to rely upon competing for our dollars by giving us the features we want and need instead of relying upon the fact that users are locked in?
Maybe the EU will solve the problem for the US. I'll consider it payback for the h
Re: (Score:2)
When will we elect politicians who are not so easily bribed and who will break up MS's abusive monopoly and restore competition to the desktop OS market?
First we need some competitors.
When will people educate themselves and vote the bums out? When will there be a level playing field for desktop OS's so vendors have to rely upon competing for our dollars by giving us the features we want and need instead of relying upon the fact that users are locked in?
Maybe you need to tell your vendor what features y
Re: (Score:3, Insightful)
DAMNATION! (Score:1)
I forgot the Anti-crapware software! Why did you have to remind me of that!
Aaaawwww....
Re: (Score:2)
Re: (Score:1)
It's not an easy problem to solve, because the source is the human nature and the will to make more money, get more power, annoy more people, you name it...
a REAL solution .. (Score:2)
Install DRDOS on Novell Netware circa 1993 and run Netscape off of diskless clients.
Re:Great
Re: (Score:1, Insightful)
Just this weekend, and largely due to my previous purchase, my dad decided to buy two macs to deal with his frustration.
None of my immediate family uses MS now. Time to work on my aunts and uncles and friends.
Of course, I also surf alot on my linux box too, without the bloat.
I wonder what cpu % I spend on the protections. It isnt near 50%.
Make the switch. MS will be plagued by this for a long time to come. Switch now before you go Vista, imho.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
What do you expect when the asylum is run by those who should be the inmates??
On a more serious note: All adds up to turnaround, and there we are at the core of all cycles involved.
Squid, SpamAssassin and ClamAV (Score:2)
Re: (Score:2)
For the vast majority of us; the question is - HOW?
Is there a cheap, easy to set up piece of hardware that doesn't take up a lot of space, and doesn't burn 100+ watts? Is there a "Linux home network proxies for Dummies" book out there?
Two Problems (Score:2)
The way I've solved this problem.
1. Use Firefox as your default browser with adblock and Noscript, ditch IE.
2. Use a router with a firewall and d
Re: (Score:2)
In the case of computers, there is *no* easy way to stop malware without a strong defense. The problem stems from the fact that malware is usually a social engineering problem. Despite what many people think, majo
Re: (Score:2)
When will we see a REAL solution to these problems, and stop implementing obscure security work-arounds that eat more resources than the applications themselves? Anyone?
A technical solution ? Never, because the *problem* largely isn't a technical one.
Re: (Score:2)
Google... (Score:3, Insightful)
Yea, Google is evil .. (Score:2)
That would be the responcibility of the ISPs and the host providers.
"so many garbage/search sites come up when you search simple things like drug names and such"
Try the Product Search [google.co.uk]
Google search on viagra (the high blood pressure drug formerly knows as sildenafil citrate and remarketed as an aphrodisiac)
was Re:Google...
Re: (Score:1)
What I was actually referring to is simple searches on interactions or vital information without advertisements.
I search for interactions between sleep meds and other sorts of drugs for myself, and it gets a bit frustrating with nothing but web crawler sites.
Google spam .. (Score:2)
Yea, a lot of hits are to fake pages with nothing but adverts and links to other search results. But that to do with website promotion where they put a lot a fake stuff in the meta tags.
Re:Yea, Google is evil
Neo-security Methodology (Score:5, Funny)
2) Sustain 99% CPU usage.
3) Protected!
Re: (Score:1)
5) Profit!
Re: (Score:1)
Huh? I don't see that. But kernel_task seems to be taking a lot of CPU... maybe I'll kill tha-#$%@NO CARRIER
Re: (Score:1)
No wonder Windows is so unstable - there's no way to be sure what runs and what doesn't!
Test (Score:4, Informative)
Conflict of interest? (Score:1)
Re: (Score:1)
obligatory (Score:1)
Sandboxie (Score:2, Informative)
If you donate to the project, you can unlock a few more features that allow you to start any program under sandbox ALL the time, even without it being started before the protected program. (well, the main program, not the service)
Its pretty good, but the file browser that comes with it could do some with some work... tends to lock up sometimes in large directori
Re:Sandboxie link? (Score:2)
For the lazy, here's a link: www.sandboxie.com
I can only wonder... (Score:1)
Ultimate Goal (Score:1)
New Business Model (Score:2)
More unstable security software (Score:2)
Once, I had a bug in my program that caused my XP development system to bugcheck (BSOD). It puzzled me how a bug in my lowly non-Administrator user-mode program could bring down the entire system. I attached a serial cable to WinDbg it and traced to the system calls. It turns out I was passing a bad pointer to a system
Re:The term DMZ (Score:5, Informative)
I think the ideal term for what Google picked up is sandbox, where stuff can run and it doesn't impact the rest of the system so you can see what it is beforehand, but DMZ looks like it could apply.
Interesting idea if it does what I think, at least. Would have figured a sandbox for a plugin was rather intensive processor wise.
Re: (Score:2)
You can already run your browser (and email, if not Outlook) in a very effective sandbox with virtually no CPU overhead - Run them as a separate user with only guest privilages.
That does have a down-side, of course (most notably, it takes a herculean effort to print from such a session, at least under XP), but works very well at preventing malicious sites and plugins from do
Re: (Score:2, Interesting)
Interesting idea if it does what I think, at least. Would have figured a sandbox for a plugin was rather intensive processor wise
One thing however, is that on Vista you already have Internet Explorer running in a sandbox (most of the core system services appear virtualized, according to Task Manager), isolated from the kernel. I'd imagine a virtualized virtual machine is a pretty nasty beast on performance.
Definitely a neat idea; especially on an XP box where you don't have the innate ability to run a
OT: DMZ specs / whitepaper? (Score:1)
I've looked aroud, but havn't found anything that comes from a reputable source, but remains simple enough for the network guys at my work to understand
A bit of background - I work for an organisation with several web applications that are accessed by external users by them first logging into our network through a VPN, then separately logging into whichever web app they need. Not the best situation I think you'd
Re: (Score:1, Insightful)
http://www.osnews.com/comment.php?news_id=9654&off set=15&rows=30 [osnews.com]
RUNNING IE in a "runas limited user class" sandbox effect:
"It is actually possible to run IE securely: just create a throwaway restricted user account for IE use alone. The restricted account user can't install software and can't access files of other users, so even if IE autoexecutes any nastiness, it can't do any damage.
Of course, it's a hassle to log in as a different us
Re: (Score:2)
Re: (Score:2)
There IS a way to "sandbox" IE, and iirc, it even works on IE7:
http://www.osnews.com/comment.php?news_id=9654&off set=15&rows=30 [osnews.com]
Note that on Vista this is not necessary, as Vista automatically sandboxes any running IE instance with Protected Mode enabled in Internet Options (or for that matter, any app which uses the protected mode API - Microsoft keep asking the Opera team to implement this).