Security Software Slaps IE In "Sandbox" To Ward Off Threats

A California company better known for "sandbox"-style security aimed at enterprises on Tuesday launched consumer software that puts Internet Explorer in a protected virtual machine. The approach blocks some malware from reaching the operating system and lets users "wipe" the browser slate clean to return IE to a pristine state.

GreenBorder Technologies' same-named GreenBorder Pro uses virtualization-like technologies to separate IE from the rest of the system, so that if malicious software does execute, it doesn't actually touch the computer. Instead, it runs only within the "sandbox," which can be "dumped" with a click.

"But this is much more than just virtualization," argued Bernard Harguindeguy, GreenBorder's chief executive, as he cited other security provisions in the product, such as a feature that scrubs the system of personal data after an online transaction. The software also blocks keyloggers from capturing keystrokes, and cloaks all files and system resources so that they're invisible to attacks, and thus safe from remote access or modification.

The software, which is based on the Mountain View, Calif. developer's GreenBorder for the Enterprise product, is a better security solution, said Harguindeguy, than Windows Vista's upcoming User Account Control (UAC) feature, which also has a goal of making silent, drive-by malware downloads less dangerous.

"There's a trade-off in usability [with UAC]," he said. "But GreenBorder doesn't sacrifice the user experience. It never puts a question or a pop-up in front of users, and doesn't make them change their browsing behavior in any way."