GreenBorder Sends Bad Software To The Sandbox

Untrusted files and programs are walled off from the rest of the system, making it ideal for use with the notoriously insecure Internet Explorer.

InformationWeek Staff, Contributor

July 14, 2006

3 Min Read

Most software that protects against malware uses a signature-based approach that tries to catalog all bad software so it can be recognized. This has become a challenge as the pace of malware creation quickens.

GreenBorder's GreenBorder Pro takes a different approach, running programs and files that come from untrusted sources inside a sandbox, walling them off from the rest of the system. This makes it ideal for use with the notoriously insecure Internet Explorer.

When GreenBorder is installed, it takes a snapshot of your system setup. Any program run inside it makes its changes only to that snapshot, not to the system configuration. Even if an attacker uses an exploit that could potentially compromise system files, changes are made only to the copy. When you exit and reset GreenBorder, the changes disappear.

GreenBorder's tray icon provides status indications and a menu for changing options. A green border around any IE window you launch indicates that protection is in effect.

You have to get used to how GreenBorder operates. For example, when you browse in IE, it silently blocks the installation of ActiveX controls such as the Macro- media Flash viewer. This can be confusing, since there's no information about why installation failed.

(click image for larger view)Malware--nowhere to run, nowhere to hide

You can overcome this by running an unprotected IE session and installing the ActiveX control. Once installed, ActiveX can be used from within GreenBorder sessions, since it will then be part of the baseline snapshot that GreenBorder uses.

If you download a program and save it to disk while using GreenBorder, protection extends to the downloaded file. A green border around the file icon indicates that protection is active. When you launch the file, GreenBorder's tray icon will report that the program is being run with protection. In most cases, that means a setup program won't have the required privileges to make system changes, and it will fail to install--good news when the program is malicious. If you're sure the download can be trusted, you must right-click the file, select Remove GreenBorder Protection, and rerun the .EXE file.

For more protection, GreenBorder offers a Privacy Zone option that can keep data such as cookies, form entries, and cache files from being available to anyone but the site you want to use them at. When you start Privacy Zone in IE, a yellow border appears around the browser. You can then visit a site and enter whatever data you need to. By clicking a button or closing the browser, GreenBorder will remove any accumulated browser data.

GreenBorder works best with IE, but its online help offers a way to use it with Firefox 1.5. Right-click the Firefox icon and select Add GreenBorder Protection, and the icon gets a green border around it to indicate that Firefox will be started in GreenBorder.

Most users shouldn't replace their other security measures with GreenBorder, but instead use it as another layer of protection. The $50 annual subscription is a bit high. However, the company offers a free one-year subscription to the first 10,000 users.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights