Slashdot Mirror


Microsoft Research Builds 'BrowserShield'

SteelyBen writes "Researchers at Microsoft have completed work on a prototype framework called BrowserShield that promises to intercept and remove, on the fly, malicious code hidden on Web pages, instead showing users safe equivalents of those pages. The BrowserShield project, an outgrowth of the company's 'Shield' initiative, could one day even become Microsoft's answer to zero-day browser exploits such as the WMF (Windows Metafile) attack that spread like wildfire in December 2005."

33 of 226 comments

  1. zero-day browser exploits by HateBreeder · · Score: 5, Insightful

    ... Will just get a new name: zero-day browser-shield exploits.

    --
    Sigs are for the weak.
    1. Re:zero-day browser exploits by Anonymous Coward · · Score: 1, Insightful

      Will just get a new name: zero-day browser-shield exploits.

      That name is as good as any I guess. Zero-day exploits will still occur because the vendor (Microsoft in this case) by definition has not issued a patch. How would this shield do against something like a zero-day exploit on .wmf? It would note that there are no known vulnerabilities, and pass the file normally just like it would any .jpeg or .png file (or any other security problem). Great!

      All that has been accomplished is that Microsoft is now forking its security protection processes. I'm all in support of layer protection, but I think it is sort of silly to worry about this browser shield when Microsoft only releases patches once a month.

  2. I made a similar product once. by Anonymous Coward · · Score: 5, Insightful

    Unfortunately, I wrote it directly into my program without giving it another name, since I didn't realize I could sell the security separate from the program.

    Innovation at its finest I suppose.

  3. Solve the problem, don't patch it by mrjb · · Score: 4, Insightful

    How will this even help? Will the browser shield require signatures and/or heuristics like virus scanners, and thus get outdated? If manpower needs to be invested in this technology, wouldn't the same manpower be better invested in solving the problem, rather than patching it?

    --
    Visit http://ringbreak.dnd.utwente.nl/~mrjb/growingbettersoftware to download your free copy of the book
  4. Hold on a second... by JeremyALogan · · Score: 5, Insightful

    ... so their answer to poorly written software that is security-hole ridden is to layer more software written by the same people on top of it? Wouldn't it be easier to just write good software in the first place then actually fix, in a timely manner, anything that crops up? I'm failing to see how more bloat is going to help.

    1. Re:Hold on a second... by PrivateDonut · · Score: 3, Insightful

      It's like using filter paper. The more layers of holey software you use, the more likely that bugs will get stuck on one of the layers.

    2. Re:Hold on a second... by kjart · · Score: 3, Insightful

      ... so their answer to poorly written software that is security-hole ridden is to layer more software written by the same people on top of it?

      Yes, much like you would run a firewall to protect 'poorly written software that is security-hole ridden'. Sometimes writing software to catch the exploits is easier and takes less maintenance than completely eliminating each and every little bug.

    3. Re:Hold on a second... by l3v1 · · Score: 2, Insightful

      Yes, much like you would run a firewall to protect 'poorly written software that is security-hole ridden'. Sometimes writing software to catch the exploits is easier and takes less maintenance than completely eliminating each and every little bug.

      You write firewalls to have control over the access to your software. No firewall will protect you from sql injection, from buffer overflows, so on and so forth. The point of view they have taken on this matter is imho a flawed one: here's a bad code, we won't fix it, instead we write some obscure code to filter and control the inputs to the bad code. Then we will write another more obscure code to filter the input of the first filter. Once you take this path, there's no turning back. You either write a totally fresh new code and drop all the filters, or you just continue to write more and more such filters till you lose all your hair.
       

      --
      I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
  5. Why not remove the "features"? by Anonymous Coward · · Score: 2, Insightful

    So, instead of removing Internet Explorer's ability to run code, they add another layer to filter out the code to prevent IE from running it. Does this mean that IE - like Windows - has become so complicated that no one dares remove the offending code, so all development will be addition of more "features"?

  6. Re:Just what we need by rtyall · · Score: 2, Insightful

    I bet it's going to do nothing for the latency of loading web pages either.

  7. Funny thing, MS by bytesex · · Score: 2, Insightful

    They never, ever have believed in, and have only on a few occasions under very great pressure given in to, *removing* software (Clippy?); they just keep on adding instead. They must have missed that one important rule that everyone in a creative profession must once discover; 'writing is scratching', or 'prepare to throw one away' as it's called in software-land. If MS were a person, he'd be declared anally retentive; so many layers of compatibility, so many stick-on solutions that are supposed to work from below. Please guys - this is a seductive, but wrong approach - think again.

    --
    Religion is what happens when nature strikes and groupthink goes wrong.
    1. Re:Funny thing, MS by Nuffsaid · · Score: 2, Insightful

      The fact is, no software company is more bound to backward compatibility than Microsoft. With the kind of installed base they have, who knows where in the world some critical production server would fail if they decide to remove Microsoft Pinball?

      --
      Nuffsaid
      ________

      Don't know about his cat, but Schroedinger is definitely dead.
  8. Re:That's not even the real danger... by Keeper · · Score: 3, Insightful

    DRM has nothing to do with controlling the message of content. It controls access to content.

    And quite frankly, there are far easier ways of implementing such a sinister plot in a much more comprehensive fashion.

  9. Sounds like they've re-invented the sandbox. by giafly · · Score: 4, Insightful
    FTA: "We basically intercept the Web page, inject our logic and transform the page that is eventually rendered on the browser," Wang said. "We're inserting our layer of code at run-time to make the Web page safe for the end user."
    "The essence of the sandbox model is that local code is trusted to have full access to vital system resources (such as the file system) while downloaded remote code (an applet) is not trusted and can access only the limited resources provided inside the sandbox" - Java Security Architecture
    --
    Reduce, reuse, cycle
  10. Oh my.... by ErGalvao · · Score: 3, Insightful

    There goes MS again. Let me guess: it will show a big ass shiny shield with a really cool animated graphic and ask "Are you sure you want to execute this malicious code?" and when the user clicks the Ok button it will ask once more just to be sure.

    Personally I'm very afraid about MS sniffing my code. Experience shows that it will let tons of lines of malicious code pass, while locking down many good codes out there.

    When will those people learn to stop trying to do magic tricks and be serious? A solution to browser flaws already exists and it's not magical at all, but technical: it's called "patch".

    --
    Er Galvão Abbott - IT Consultant and Developer
  11. Bizarro! by zmollusc · · Score: 5, Insightful

    WTF? This is the kind of approach that would be used on someone else's proprietary legacy software, or on some piece of hardware to keep it working without altering the thing itself. What are m$ saying? 'Our browser code is such a POS that we don't know how it works anymore'? 'We lost the source code ages ago and we cannot be bothered doing the job right'? 'We have so much market share that we really don't give a crap anymore, pass the crack pipe and the stock options'?

    --
    They whose government reduces their essential liberties for temporary security, receive neither liberty nor security.
  12. modular code? by pikine · · Score: 2, Insightful

    I think it's just an effort to modularize code, but they need a new commercial name to get people excited. It's easier to write a parser + validator than to write parser + validator + render + javascript interpreter in one bunch. If they're nice, they would even offer outputting validated HTML code for non-IE browsers to use. IANAMP (I am not a Microsoft programmer), and IANHW (I am not Helen Wang) but I think that's the idea of this framework.

    About inspecting the script for malicious run-time behavior, I don't think that's going to fly far (think halting problem).

    --
    I once had a signature.
  13. Magic by suv4x4 · · Score: 2, Insightful

    The research group tested BrowserShield against eight IE patches released in 2005 and found that BrowserShield--when used in tandem with standard anti-virus and HTTP filtering--would have provided the same protection as the software patches in every case, Wang wrote in a research paper.

    I'm afraid without more information this sounds too much like magic. "Vulnerability-driven filtering should prevent all exploits (of a flaw) and should not disrupt any exploit free pages."

    How is the technology filtering, what is it filtering, and how will it differentiate exploit free from exploit-ridden pages? If it can simply detect them why not just block them?

    Microsoft Research has produced amazing technologies in the past and most of their current research is also very promising, in the area of GUI design, security, algorithms and so on. I just hope they are in tune with what Microsoft is already doing in Vista to avoid redundant layers of technology.

    Also there's always the danger of Microsoft slapping a technology on IE for pure PR reasons ("haha Firefox has no filter!").

    But I believe we have a case of a poorly written article here. It's not uncommon that reporters simply have no idea what they are covering and come up with wrong conclusions on what fundamentally the shield is.

    I'd say wait for the opinion to "mature" a bit on this technology.

  14. Rice's Theorem anyone? by wertarbyte · · Score: 2, Insightful

    So they are trying to build a machine that can decide whether arbitrary code is malicious or not - I highly doubt that this is possible in respect to Rice's Theorem. It basically says that every aspect of a complex system cannot be decided. A well known example is the halting problem: You cannot decide whether a Turing machine (or an algorithm running on it) will ever come to a stop, or is going to loop forever. And since binding processing time via infinite loops could be considered malicious behaviour, and most script languages are Turing complete, an automaton will never be able to decide if a specific piece of code will harm your system. It is possible that certain aspects of a program (opening files in strange places, writing to files that should not be written to) raise suspicion, and certain characteristics of code might also lead to detection similar to the work virus scanners do - but I still prefer the good ol' evil bit.

    --
    Life is just nature's way of keeping meat fresh.
  15. Re:So, what does this stop? by Anonymous Coward · · Score: 1, Insightful
    So it looks like what this does is execute scripts that generate HTML and then check the HTML for known vulnerabilities.
    How would this stop against zero-day exploits then?
  16. well it's the Microsoft way by Pliep · · Score: 4, Insightful

    1. create product with security leaks
    2. receive complaints
    3. do not solve security leaks but instead, build a wall around them
    4. go to sleep and forget about 1.

  17. Wrong-Headed! by dacap · · Score: 4, Insightful

    *sigh* So they are STILL trying to put bandaids on their old, insecure, highly-patched (and therefore low quality) software rather than ditching insecure communications protocols and writing a simpler browser that is secure from the ground up.

    Yep - Microsoft is all in favor of security - so long as it maintains backward compatibility and they don't have to throw anything away.

    --
    English -- gotta love it! / The engineers refuse to refuse the rocket until the refuse is removed from the launch pad.
  18. Nope. by hummassa · · Score: 2, Insightful
    That's why we need an open-source personal firewall for Windows.

    No, that's why we need a Free Software substitute for Windows (*) and every proprietary app.
    (*) For me, those are there: I use kubuntu for almost all my computing needs.
    --
    It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
  19. Re:That's not even the real danger... by Keeper · · Score: 2, Insightful

    That definition encompasses a far greater set of concepts than DRM does. Your definition includes things as ubiquitous as the login prompt.

    DRM is a set of technology which enforces rules governing the access or use of content, typically in a manner enforcing a contract previously agreed upon by both parties. Nothing more, nothing less.

    What people like you don't typically like is that technology now enables the contract to be enforced on more than a good-faith basis.

  20. Re:That's not even the real danger... by suv4x4 · · Score: 3, Insightful

    What happens when you mix this with Digital Restrictions Management that goes down to the hardware level?

    The answer is: absolutely nothing.

    What I'm getting at is, what if it's not malicious code that is being replaced by a "safe equivalent", but perhaps a controversial story on a news website, or an important email between governments?

    The technology will not patch plain text content, it'll patch vulnerabilities. Of course this is obvious to most people worth a damn out there, but you get modded up anyways. It's almost as if this is Slashdot.

  21. MS move... by Capt James McCarthy · · Score: 2, Insightful

    Could they be targeting AJAX pages and the like that do not submit to the "MS" standard of AJAX? I wonder if Google Maps will still function properly with this 'security feature.'

    --
    There are no loopholes. It's either legal or it's not.
  22. Bye bye karma by cornjones · · Score: 3, Insightful

    I know we all love to hate MS but this is a good idea.
    First off, I have seen first hand some of MSResearch fairs and there is a lot of great stuff coming out of them. Anything that comes out of those labs is worth at least some thought before you dismiss it.

    That aside, stripping nasties using a simple system before they reach a more complex system isn't really a bad idea. All of our mail servers have some sort of filter that does this (granted, more for dumb users). IIS 5 did this using a tool that was later built into IIS 6. Hell, firewalls aren't a much different idea. Most of us already run some sort of proxy software to block popups, scripts, or ads. All MS is proposing here is the equivalent of proximity or similar proxy software.

    Do we just hate this idea b/c MS is doing it?

  23. Re:So, what does this stop? by Watson Ladd · · Score: 2, Insightful

    Why not have the browser do this in the first place? What's the point of having a different program doing it?

    --
    Inventions have long since reached their limit, and I see no hope for further development.-- Frontinus, 1st cent. AD
  24. Re:That's not even the real danger... by mgblst · · Score: 2, Insightful

    What he is saying is that there is a possibility for this to be abused. What is the difference between searching for a vulnerability in an html page (ie some malicious javascript or activex) and searching for some text...nothing.

  25. Whoo hoo! by Jester6641 · · Score: 2, Insightful

    All this from the same people that brought you a spam-free hotmail inbox!!!!!! Buy now and rejoice that, soon, the only web pages you'll see in the course of your day are the ones specifically designed to get through the filter, while the useful pages that commit some innocent foul are rejected at the door.

    --
    Jester

    Warning: This sig may be legally binding in England.
  26. It's been done by whitehatlurker · · Score: 2, Insightful
    Filtering proxies, like the Proxomitron or Privoxy will do some of this for you. The thing is that this doesn't really work that well for security. You can reduce some exposure, but there are things that will get past your checks.

    And the MicroSoft implementation seems to be a limited sub-set. It won't even block ads.

    --
    .. paranoid crackpot leftover from the days of Amiga.
  27. Re:Just what we need by daviddennis · · Score: 2, Insightful

    Of course if you could detect signatures instead of actually fixing bugs, you might be able to get the new signature out at about the same time as the exploit instead of (as you said) three weeks later.

    Intuitively, though, I'm not keen on something that rewrites the HTML that I receive. It seems like there's a lot of potential for abuse, like that infamous Internet Explorer linking thing that automatically sprinkled links to Microsoft-friendly sites into the page content you received. Is this just a trojan horse for the likes of that cropping up again?

    D

  28. Re:That's not even the real danger... by suv4x4 · · Score: 3, Insightful

    Hmm, so I should trust MS to know what content I want them to "clean"? No thanks. MS has a lot to do to earn back my trust and I would bet the same goes for many other computer users.

    What can I say except I'd hate to live in your isolated little made up "omg MS is coming to get me" world.

    No matter what the society turns to be, there'll be always people to build inexplicably complex and ridiculous conspiracy theories that all link to the same "ultimate" enemy. Does it make you feel smarter that you saw this intricate plan of Microsoft to ban your blog no one gives a damn about either way?

    But it's really not that cool to throw unsubstantiated FUD around as it used to be. We call it trolling, and it's mostly unwelcome.