lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Sat Jun 10 00:05:32 2006
From: dan at losangelescomputerhelp.com (Dan Renner)
Subject: Want to test this desktop barrier?,
	(Unauthorized offer) 0day protection

This is definitely has more luxury features, but couldn't you do pretty 
much the same with MSDN's DROPMYRIGHTS program?

It runs {whatever} program as a guest user, effectively dropping the 
capabilities of that program to do nefarious things.

----------------------------------

Sincerely,

Dan Renner
President
Los Angeles Computerhelp
http://losangelescomputerhelp.com
818.352.8700



full-disclosure-request@...ts.grok.org.uk wrote:

> Message: 9
>
>Date: Thu, 8 Jun 2006 10:14:21 -0700
>From: "Bill Stout" <bill.stout@...enborder.com>
>Subject: [Full-disclosure] Want to test this desktop barrier?
>	(Unauthorized	offer) 0day protection
>To: <full-disclosure@...ts.grok.org.uk>
>Message-ID:
>	<1FA45C2E5F2E4B46967415DA3A804FE83C3A1C@...l.greenborder.com>
>Content-Type: text/plain; charset="us-ascii"
>
>Hello All,
>
>We have an early release of consumer desktop safety software that I'd
>like some feedback on. 
>
>http://www.greenborder.com/earlyaccess/ 
>
>Our software runs on XP SP2, and creates an application-level virtual
>environment primarily (for now) for Internet Explorer.  This prevents
>modification of the base system by any content in the virtual
>environment.  We refer to the virtual environment as 'x-space', or
>'within GreenBorder'.  We apply access control from the virtual
>environment to; the filesystem, registry, user shell, COM objects, and
>system calls.
>
>Although only Internet Explorer and applications which open downloaded
>attachments are supported, other applications can be launched in the
>GreenBorder environment.  Any processes running or temporary files or
>temporary registry entries are wiped from the virtual environment by an
>application reset.  Files can be saved to a specific directory only, and
>applications in this environment are prevented from reading files
>outside this one directory (applies confidentiality).
>
>We don't determine what application running in the virtual environment
>is malicious or not, so therefore this is not a replacement for
>signature based protection systems.  Most anything can run in the
>environment, it just can't modify local resources.  This is great
>protection for 0-day exploits, and lets administrators wait to apply
>patches off-hours.
>
>Hammer on our software by running malware of your choice in the software
>environment.  Please email me or the marketing email of your results.
>If you're running intensive tests, I would still recommend using a
>scratch system.
>
>We also have an enterprise version which uses a central whitelist to
>determine in which environment to open a site requested or Outlook
>message received.
>
>Bill Stout
>www.greenborder.com
>
>
>Appended below is our marketing spiel:
>
>
>
>"We are very pleased to give you special, early access to GreenBorder
>Pro, the new consumer edition of our patented enterprise technology
>(that's already protecting thousands of users in some of the most
>demanding environments).
> 
>With GreenBorder Pro, NOTHING CAN BREAK INTO YOUR PC from the Web.  You
>can:
>  *  Search & browse ANY website-without putting your PC, files or
>private
>     identity data at risk (or leaving any trace on your PC of where you
>have been :)
>  *  Shop & bank in privacy-without anything spying on your personal
>info,
>     bank account and credit card numbers, passwords or online
>transactions
>  *  Use any downloads-without worrying about anything nasty hidden
>inside
>Simply click on the link below to get to the GreenBorder Pro VIP page.
>There, you can see a guided tour, learn about the software, and download
>your own copy. Here is a special VIP license key to copy & paste when
>you install: 
> 
>34422VS222222222222279429422K44W
>Click here to get GreenBorder Pro
><http://www.greenborder.com/earlyaccess> 
> 
>We would greatly appreciate any comments or suggestions you might have
>along the way. Just email us at vip@...enborder.com or click on the
>GreenBorder icon and select Contact Customer Support in the software
>itself!"
>
>-------------- next part --------------
>An HTML attachment was scrubbed...
>URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060608/e9340292/attachment.html
>
>------------------------------
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
>End of Full-Disclosure Digest, Vol 16, Issue 16
>***********************************************
>  
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ