Comments on anti-virus rants: snake oil based lubricants should not be used with your browser condom
kurt wismer

2007-05-05T11:49:00.000-04:00

well, i'm glad you think the more reserved claims are reasonable...

as for the applicability of the halting problem, it actually applies everywhere (including win32 usermode)...

i think there are a number of misconceptions here - i think, first and foremost that you have too narrow a definition of both program and execution... you assume that malware acquired through browsing from a sandboxed environment will also run in the sandboxed environment and that's not necessarily true...

i think there's also a misconception about the scope of the threat that malware can pose to a system... i'm sure you've heard of the CIA triad (confidentiality, integrity, and availability)... assuming the barrier that your sandbox erects between the sandboxed environment and the host environment is <B>perfect</B> (and we all know nothing is perfect) it still only protects the integrity of the data on the host environment, it does not protect the confidentiality of that data (a keylogger running within the sandboxed environment can still capture keystrokes and communicate them to a 3rd party)...
furthermore, when operating within the sandboxed environment, both the availability and integrity of the host environment's data can <I>seem</I> to be compromised and sometimes in unnoticeable ways (imagine a trojan that modifies your bookmarks/favourites so that the link that used to point to your bank now points to a phishing site - your real bookmarks are unaltered but within the sandboxed environment you see forged bookmarks)...

finally, as you yourself pointed out, a virus running inside the sandboxed environment can propagate... whether or not it can get from the sandbox to the host system is immaterial as it can still spread from your sandbox to other systems...

fundamentally, if the malware can run at all then you're not protected from it... a sandbox protects the integrity of the host system, but there are other threats malware can pose that don't affect integrity...

kurt wismer

2007-05-05T08:25:00.000-04:00

Hi kurt,

Thanks for the data about the halting problem, but what i could understand is this:

This is not applicable to win32 usermode architecture.

When you run a program in windows you are running inside a subsystem called win32.

So there are only a few ways, well documented or undocumented, of accessing raw devices, like memory and disk.
And of course we are Vappware, monitor these calls.

So the halting problem is not applicable for this subsystem.
(win32 usermode)
because there are few ways to achieve things.

In kernelmode, you are right and the halting problem is possible, but in usermode it is not.

The Browser Condom, like other sandbox approaches, does not permit loading any kernel mode module.

Whatever, i will use your suggested claims for the product, because they are reasonable.

Thanks again, and again i wish you a nice and long life.

S3S!OW

2007-04-12T13:36:00.000-04:00

hmmm... looks like maybe i should have tagged this post with "halting problem" so that it would be easier to find other references to that on this blog... i've added that tag now, but visiting <A HREF="http://anti-virus-rants.blogspot.com/search/label/halting%20problem" REL="nofollow">here</A> and/or <A HREF="http://en.wikipedia.org/wiki/Halting_problem" REL="nofollow">here</A> might give you a little more background on what it is...

as for vappware's claims - fixing them is really quite easy... just modify them so that they don't imply browser condom is perfect... for example, instead of saying you can run any software without risk of infection, say you can run most software with a greatly reduced risk of infection...
i don't know if that's actually true (maybe browser condom isn't that good, i haven't tried it) but at least it's a more reasonable claim...

kurt wismer

2007-04-12T11:22:00.000-04:00

OK, could you tell me how the claims must be?

And please could you refer me to a link to read this thesis of the halting problem theoretically proven.

Meanwhile i try to understand what you say, please could you rewrite the claims to be accurate as you think in the Vappware Web Pages.

Then i could discuss with you.
But now, you are right i don't know anything about it.

Thanks in advance.
i hope to have u in my customers

Bye

S3S!OW

2007-04-12T09:48:00.000-04:00

"I'll try to explain our technology, if you think that is not all secure"

when i say someone is peddling snake oil, it's not a matter of there being something wrong with their product, it's a matter of there being something wrong with the <B>claims</B> made about the product...

the claims made about browser condom are that it completely eliminates the risk posed by malware (direct quote "...
run any kind of software in your computer without risk of being infected ...") - and since it is theoretically impossible to do so (and mathematically proven more than 20 years ago) i therefore label such a claim as snake oil...

kurt wismer

2007-04-12T07:44:00.000-04:00

Hi my friend.
First of all, hope u are fine, and i wish you a nice and long life.

But now, after my wishes, i'll introduce myself.
I'm mswiczar a fellow of Vappware.
I'll try to explain our technology, if you think that is not all secure, please contact me to mswiczar@vappware.com to chat with me and tell me your ideas and complaints. whatever,

The way that our technology works is to isolate the programs running inside the condom.

So if you have viruses, and these viruses are inside the condom, they could propagate, but they can't infect programs nor archives outside the condom. Because we have a firewall between the programs running inside the Condom and the other programs.

If you get a virus from an email or just browsing the web, it will be trashed when you trash the condom.

Feel free to contact me to ask more questions regarding our technology.
or just read these links

Our technology mechanism
http://www.vappware.com/vapp/index.php?option=com_content&task=view&id=20&Itemid=65

Our Changelog.
http://www.vappware.com/vapp/index.php?option=com_content&task=view&id=36&Itemid=71

S3S!OW