Does sandbox security really protect your desktop?

Tests question vendor claims of meaningfully improved security, though not everyone agrees

Web surfing for dummies

The tradeoff -- or the blurring of red and green zones -- lies at the heart of the controversy. "Part of the quandary is trying to make that compromise between usability and functionality," says Charles Kolodgy, research director of secure content and threat management products at market researcher IDC. "People are going to want to download items, so you can either block all of it or warn them."

And it's a dubious proposition to put control in the hands of everyday Web surfers. For instance, many people believe that they can download files with impunity on a reputable site. Both Mossberg and Grimes tested products at known malicious Web sites, yet most malware today infects people through legitimate Web sites. "There's a good chance a popular site has been exploited in the last year or two," Grimes says.

Even when ForceField warns people that they're about to download potentially malicious code, this may not stop them. A Microsoft security intelligence report released in May showed some incredulous behavior: 88 percent of users chose to ignore a warning about BearShare, a software bundler, and continued to download the file; 68 percent ignored a warning about adware ZangoSearch Assistant; and 23 percent ignored a warning about a Trojan downloader.

"I guess they really wanted that [revealing] picture of Britney Spears," Grimes says. "You just can't leave trust decisions with end users."

Even security pros get duped. A couple of years ago, Kolodgy clicked on a link after conducting a Google search and -- wham! -- got hit by a drive-by Web attack. This attack requires the user to merely visit a malicious Web site. "It took me a while to clean the spyware off my machine," Kolodgy says. "I think ForceField would have protected me because the [spyware] never would have gotten to my registry."

Getting your head out of the sand

Unlike Grimes, Kolodgy believes virtual red-green computing holds promise. Because security analysts often go to nefarious Web sites, Kolodgy now uses a VMware Workstation virtual machine to visit them. Afterwards, he wipes the computer clean by punching the reset button.

"If you can do [virtual red-green computing] in a browser, it saves a step," Kolodgy says. "Desktop virtualization is going to be a benefit for security, and we're going to see more and improved products." In fact, security software vendors report that some malware will not execute if they detect they're running in a virtual machine. That's because many vendors use VMS for testing the exploits.

Regardless of virtual red-green computing's future, sandbox browsers today are not the secure products that many vendors make them out to be, Grimes says. "Security products in general are over-hyped, but these products seem to be much more so."

Judge for yourself. ForceField's promotional copy reads: "A protective layer around your browser, shielding you from drive-by downloads, browser exploits, phishing attempts, spyware and keyloggers. So your passwords, your confidential information, and your financial data remain protected."

Is this hyperbole aimed at the foolish consumer? The Test Center thinks so. "These new-fangled security client software products clearly don't work on the level that the vendors claim," Test Center's Dineley says. "They're basically asking you to flirt with disaster under the illusion that disaster can be averted."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tom Kaneshige

InfoWorld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?