Microsoft researchers are experimenting with an automatic code zapper for the company's Internet Explorer Web browser. Researchers at the Redmond, Wash., company have completed work on a prototype framework called BrowserShield that promises to allow IE to intercept and remove, on the fly, malicious code hidden on Web pages, instead showing users safe equivalents of those pages.

The BrowserShield project—the brainchild of Helen Wang, a project leader in Microsoft Research's Systems & Networking Research Group, and an outgrowth of the company's Shield initiative to block network worms—could one day even become Microsoft's answer to zero-day browser exploits such as the WMF (Windows Metafile) attack that spread like wildfire in December 2005.

"This can provide another layer of security, even on unpatched browsers," Wang said in an interview with eWEEK. "If a patch isn't available, a BrowserShield-enabled tool bar can be used to clean pages hosting malicious content." BrowserShield, described by Wang as a tool for deleting embedded scripts before a Web page is displayed on a browser, can inspect and clean both static and dynamic content. Dynamic content has become a popular vector for Web-borne malware attacks of late, security experts have said.

The framework could work particularly well, as it could provide a safety net, protecting many Web surfers from themselves. Malicious hackers typically embed scripts on Web sites and then use social engineering techniques to trick unsuspecting visitors into downloading Trojans, bots, spyware programs and other harmful forms of malware.

With BrowserShield, Wang argues, many such attacks could be blocked. BrowserShield can be used as a framework that rewrites HTML pages to deny any attempt at executing harmful code on browsers.

"We basically intercept the Web page, inject our logic and transform the page that is eventually rendered on the browser," Wang said. "We're inserting our layer of code at run-time to make the Web page safe for the end user." If the prototype is eventually folded into a Microsoft product, it could also protect against drive-by attacks that target flaws in IE, which is used by approximately 90 percent of Web surfers worldwide. BrowserShield is one of many security-related projects coming out of Microsoft Research.
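
The intercept-and-rewrite step Wang describes, as an added Python example that is not from the article or from BrowserShield: a filter that parses a page before it reaches the renderer, removes only the scripts and event handlers that match a policy, and passes everything else through. The `BLOCKED` policy, the `VulnerableControl` identifier, the sample page and all function names are constructed for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Constructed policy: a made-up identifier standing in for a flawed component.
BLOCKED = ("VulnerableControl",)
# Constructed sample page: one benign and one policy-matching script/handler.
SAMPLE = ('<p onclick="track()">Hi &amp; bye</p><script>menu.init();</script>'
          '<script>new VulnerableControl().run();</script>'
          '<img src="a.png" onerror="VulnerableControl.load()">')

class PageRewriter(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=False)  # keep entities as written
        self.out, self.removed, self._script = [], [], None
    def handle_starttag(self, tag, attrs, close=">"):
        parts = [tag]
        for name, value in attrs:
            if name.startswith("on") and any(b in (value or "") for b in BLOCKED):
                self.removed.append(f"{tag}[{name}]")  # drop only this handler
            else:
                parts.append(name if value is None else f'{name}="{escape(value)}"')
        text = "<" + " ".join(parts) + close
        if tag == "script" and close == ">":
            self._script = [text]  # buffer the element until </script>
        else:
            self.out.append(text)

    def handle_endtag(self, tag):
        if tag != "script" or self._script is None:
            self.out.append(f"</{tag}>")
        elif any(b in "".join(self._script[1:]) for b in BLOCKED):
            self.removed.append("script")
            self.out.append("<!-- script removed by policy -->")
        else:
            self.out.append("".join(self._script) + "</script>")
        if tag == "script":
            self._script = None
    def handle_data(self, data):
        (self.out if self._script is None else self._script).append(data)
    def handle_startendtag(self, tag, attrs): self.handle_starttag(tag, attrs, " />")
    def handle_entityref(self, name): self.out.append(f"&{name};")
    def handle_charref(self, name): self.out.append(f"&#{name};")
    def handle_comment(self, data): self.out.append(f"<!--{data}-->")
    def handle_decl(self, decl): self.out.append(f"<!{decl}>")

def rewrite(page):
    parser = PageRewriter()
    parser.feed(page)
    parser.close()
    return "".join(parser.out), parser.removed
```

This filter only sees script text present in the markup it is handed; code that a page assembles at run time does not pass through it.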

View: Full Article @ eWeek
Link: More on BrowserShield @ Microsoft Research



There are 24 additional comments
#1 Posted by Unplugged on 05 Sep 2006 - 08:56
Awaits for it to "break" legitimate pages by stripping out code that is not malicious but needed to make the page work properly.
#2 Posted by kaiwai on 05 Sep 2006 - 08:57
Now that is awesome; I just hope that maybe when 7.x rolls around, we'll start to see these security initiatives roll in.

With that being said, who the hell goes to these dodgy websites? The only sites I go to are blogs, which use boilerplate code from the blog company itself, and news sites such as neowin, osnews.com, zdnet.com, macsurfer etc. which don't use malicious code.
#3 Posted by carpediem on 05 Sep 2006 - 08:59
Already available in another browser

Maxthon 2.0

Not only can it strip or modify, it can add whatever code too... All before the code reaches the rendering engine.
#3.1 Posted by Colin-uk on 05 Sep 2006 - 09:53
AM browser has this functionality too, and I'm sure Firefox has a plugin for it

Wang is a great name for a surname, isn't it though

I wonder if they have a daughter called iLove

#3.2 Posted by GP02X on 05 Sep 2006 - 11:28
Quote - Colin-uk said @ #3.1
AM browser has this functionality too, and I'm sure Firefox has a plugin for it

Wang is a great name for a surname, isn't it though

I wonder if they have a daughter called iLove


It's a Chinese last name my little brainless friend
#3.3 Posted by carpediem on 05 Sep 2006 - 12:51
Quote - Colin-uk said @ #3.1
AM browser has this functionality too, and I'm sure Firefox has a plugin for it

Wang is a great name for a surname, isn't it though

I wonder if they have a daughter called iLove



There is no way to make an extension for Firefox with proxy-like behaviour, no way. I don't find any evidence on AM Browser's homepage that it has a built-in proxy either. Ad blocking is not the same as having a proxy built in, in case you thought that.
#3.4 Posted by Kushan on 05 Sep 2006 - 14:33
Greasemonkey and, at a pinch, adblock.
#3.5 Posted by carpediem on 05 Sep 2006 - 15:37
Quote - Kushan said @ #3.4
Greasemonkey and, at a pinch, adblock.


Is not a proxy... A proxy intercepts the traffic BEFORE it reaches the browser while adblock removes it after.
#3.6 Posted by Croquant on 05 Sep 2006 - 21:47
Quote - carpediem

There is no way to make an extension for Firefox with proxy-like behaviour, no way. I don't find any evidence on AM Browser's homepage that it has a built-in proxy either. Ad blocking is not the same as having a proxy built in, in case you thought that.

Um, Firefox doesn't need to defend itself against the kind of exploits that 'BrowserShield' supposedly defends against: Firefox is not full of holes like MSIE is. As for proxy extensions, you only need to look at the official Firefox Extensions pages to see how many proxy extensions people have written for it.
#3.7 Posted by carpediem on 06 Sep 2006 - 05:37
Quote - Croquant said @ #3.6
Quote - carpediem

There is no way to make an extension for Firefox with proxy-like behaviour, no way. I don't find any evidence on AM Browser's homepage that it has a built-in proxy either. Ad blocking is not the same as having a proxy built in, in case you thought that.

Um, Firefox doesn't need to defend itself against the kind of exploits that 'BrowserShield' supposedly defends against: Firefox is not full of holes like MSIE is. As for proxy extensions, you only need to look at the official Firefox Extensions pages to see how many proxy extensions people have written for it.


Again, those are not proxies because they cannot intercept the traffic before it has reached the rendering engine hence they cannot stop a possible attack on a vulnerability. A proxy extension doesn't equal a proxy... For that you need either Maxthon 2.0, Proxomitron, Ad Muncher (not a real proxy, but close), Privoxy, etc.

Firefox has had more security patches than IE in 2006 in case you didn't know so take off that fan suit of yours and step out in the real world. No browser is perfect.

#4 Posted by Dirtie on 05 Sep 2006 - 09:56
Good idea as long as it works like it should.
#5 Posted by Interize on 05 Sep 2006 - 10:03
The ultimate BrowserShield: Don't use Internet Explorer
//Puts flame retardant suit on and runs...
#5.1 Posted by EduardValencia on 05 Sep 2006 - 22:10
"Throws a bucket of water on suit"

nah, I won't leave IE even if everybody becomes a stupid FF or opera fanboy
#6 Posted by Digital Oracle on 05 Sep 2006 - 10:24
Browser Shield I like and works great - Ad Muncher

Microsoft could learn a lot from this person's software and is great at stopping the crap getting on to my PC
#6.1 Posted by RealFduch on 05 Sep 2006 - 11:59
What about brains?
They help me a lot at stopping the crap getting on to my PC.
#6.2 Posted by Digital Oracle on 05 Sep 2006 - 16:21
Not everyone has useful grey matter. I've never had security issues, but I know people who have and don't know how to cross the road (metaphorically) on the internet
#7 Posted by Intelman on 05 Sep 2006 - 10:49
Why not, if it makes things safer. Wasn't there also a shield for vulnerabilities for windows. Where it would block ports of the exploit and what not to protect the system.
#8 Posted by Kushan on 05 Sep 2006 - 14:35
To be honest, I don't really see the point in this. If your browser is up to date, then you should be relatively safe. But at the same note, what if this browsershield thing ISN'T up to date? Doesn't that just defeat the purpose of the whole thing? It just means you have ANOTHER component to keep up to date, which I think will end up just causing even more trouble.
#9 Posted by CheeseCow on 05 Sep 2006 - 14:46
Will it work like a proxy server and do this for other browsers as well then? To me it looks like it will cause a huge slowdown while rewriting your DOM, and possibly breaking web pages as well.

What about building a secure browser and operating system instead, so that these things can't get in? I've been using Opera and Firefox for several years now, and have not seen a single piece of adware on my computer.

The only thing that makes me a bit worried is when MSN insists on opening hotmail in IE, but that's a site I at least don't think will force adware on me.
#10 Posted by lurid on 05 Sep 2006 - 16:09
as with everything else microsoft does, it sounds good on paper. however, development will be half-assed and they'll cut corners all over the place, which not only hurts their credibility in the security department, but we [users] suffer as well. however, we keep giving microsoft another chance, so are we really that innocent too?
#11 Posted by lbmouse on 05 Sep 2006 - 18:40
Hopefully it will shield against crap like this. One of the many reasons I switched to Firefox. This has been a known problem for over a year! MS has a long way to go with IE before I'll use it again.
#11.1 Posted by mrbester on 06 Sep 2006 - 10:10
Heh. Reminds me of the truly awesome <input type> that did in IE for years until v6 came out...
#12 Posted by war on 06 Sep 2006 - 08:14
lbmouse, IE 7 RC1 does not crash on that page, but yea IE 6 SP2 does.
#13 Posted by ray73864 on 06 Sep 2006 - 08:25
yeah, i just found that, IE 7 RC1 doesn't crash at all on that site.

personally, i think people should check before they post crashbug sites like that, since newer versions might fix those problems.