Google Buys Anti-Malware Security Startup

← Back to Stories (view on slashdot.org)

Google Buys Anti-Malware Security Startup

Posted by Zonk on Tuesday May 29, 2007 @04:01AM from the securing-the-border-by-any-means-neccessary dept.

J Tomas writes "Google has quietly made its first anti-malware acquisition, snapping up GreenBorder Technologies, a venture-backed company that sells browser virtualization security software. GreenBorder's software creates a DMZ (demilitarized zone) between the Windows desktop and programs downloaded from Web pages or opened from e-mail messages in Microsoft Outlook. The early speculation is that Google will add the sandbox technology to the Google Toolbar or release a rebranded version as a standalone download."

24 of 125 comments (clear)

Min score:

Reason:

Sort:

Thanks... by Anonymous Coward · 2007-05-29 04:06 · Score: 5, Funny

GreenBorder's software creates a DMZ (demilitarized zone) between the Windows desktop and programs downloaded from Web pages or opened from e-mail messages in Microsoft Outlook.

Dear GreenBorder,

Thank you for doing work we should have done years ago.
Unfortunately this level of work requires considerable resources
which would drive down our bottom line and
shareholder confidence.

William Gates III
Microsoft Corporation
ALERT! ALERT! by LiquidCoooled · 2007-05-29 04:08 · Score: 3, Funny

Harry Kim: "Borg Attack!"
Janeway: "Raise shields"
Paris: "Its no good, they have adapted, they are firing sunloungers"

--
liqbase :: faster than paper
Google is the new Microsoft, etc. etc. by athloi · 2007-05-29 04:08 · Score: 5, Insightful

...proving that corporations aren't evil, but trying to stay on top when you're top dog might corrupt absolutely. This would not have happened in "Lord of the Rings."

I refuse to demonize corporations, because I know that people run them and do the best they can with an often paradoxical set of goals. I remember when one boss I worked for sold his company to a larger technological concern, and suddenly all the rules changed. Image became more important than reality. We did everything we could to inflate figures. And the guy who once spent hours thinking about "the next cool thing we'd all like to use" stayed up late looking over spreadsheets, metrics, indicators and other spaced-out crap that has no relevance to reality.

We might call this time "the devirginization of Google," as they are inducted to the weird malevolent world of corporate politics as the top dog in the Darwinian internet struggle for virtual world domination.

--
technical writing / development
1. Re:Google is the new Microsoft, etc. etc. by palewook · 2007-05-29 04:18 · Score: 2, Interesting
  
  or the new yahoo. in a few years we'll be using something else for a search engine. google is buying so much crap and utilizing so little of it. example: google buys dodgeball and leaves it for dead, along comes twitter. so now google buying doubleclick then buys an anti malware company. go figure. theres a few kids in school at the moment that will be millionaires in a few years after they start a new search engine that doesnt have bloat and doesnt sell listing results. google gets to join yahoo in the also ran seat soon.
2. Re:Google is the new Microsoft, etc. etc. by Paulrothrock · 2007-05-29 06:55 · Score: 4, Insightful
  
  Corporations aren't evil in the same way that sharks aren't evil. They're just doing what comes naturally. Sharks eat furry little sea lions; corporations make money. If either stopped doing what came naturally, they'd die.
  The key is to harness the corporation in such a way that it improves the lives of individuals without running roughshod over society. And that is the point of regulation. Well, that *should be* the point of regulation.
  
  --
  I'm in the hole of the broadband donut.
virtualization DMZ.. by rs232 · 2007-05-29 04:10 · Score: 4, Funny

When did Linux steal this innovative technology and rename it chroot.

--
davecb5620@gmail.com
Marketingspeak: DMZ vs. Sandbox... by xxxJonBoyxxx · 2007-05-29 04:12 · Score: 3, Funny

GreenBorder's software creates a DMZ (demilitarized zone) between the Windows desktop and programs downloaded from Web pages or opened from e-mail messages in Microsoft Outlook. The early speculation is that Google will add the sandbox technology to the Google Toolbar or release a rebranded version as a standalone download.

So...is it like the plain old Java sandbox?
"But in my tests, some minor spyware modifications, such as desktop shortcuts and new menus, did make it to the underlying host. GreenBorder says this is because the malware mimicked a normal user's modifications too closely, as compared with most malware's programmatic accesses. Still, the fact that malware can modify the host desktop at all means there are other potential weaknesses." --http://www.infoworld.com/article/05/03/18/12TCgr eenborder_1.html

Hmmm...I guess not. GreenBorder's "sandbox" appears to have some pretty big holes.
1. Re:Marketingspeak: DMZ vs. Sandbox... by rs232 · 2007-05-29 05:20 · Score: 3, Funny
  
  Wouldn't that suck .. For fuck's sake, just stop using Windows
  
  Well yea, but the average Windows wouldn't notice. And the average non technical user flies in to a technological panic when confronted with anything new. For instance a writer who is still on Wordperfect on Windows 98. She copies and pastes into her email prog to send, otherwise her clients can't read the doc .. :)
  
  Did I mention the one who has msWord set at 75% zoom and the fonts at 20, as she never learned to adjust the font size. At print out she selects 'reduce by 60%' ..
  
  --
  davecb5620@gmail.com
2. Re:Marketingspeak: DMZ vs. Sandbox... by 99BottlesOfBeerInMyF · 2007-05-29 06:57 · Score: 2, Interesting
  
  They wouldn't notice that all their documents the apps and they installed are gone? Do you think the "average WIndows user" is an Alzheimer's sufferer or something?
  I do run Windows in a VM and do revert to a clean version once a day. Windows has read/write access to a version controlled directory for storing data, but it cannot delete the history thereof.
3. Re:Marketingspeak: DMZ vs. Sandbox... by Some_Llama · 2007-05-29 08:39 · Score: 2, Interesting
  
  "WITHOUT the hoops you need to jump through to keep it clean."
  
  Why is it so hard to keep your windows box clean? I run XP semi updated (every so often i check for updates, not regularly) and don't have "MASSIVE" problems that i hear people like you complaining about all the time...
  
  Maybe it is because i am careful? I use firefox (because i prefer it over IE), I scan anything i download or get emailed with online scanners and i use a lot of game/program cracks, i don't scour the net for pron, and i have my boxes (4 of them, all windows, none with these "problems") behind a hardware firewall. I don't even have antivirus installed on my systems, meh...
  
  Once in a great while one of them will get some spyware because of what my kids have done and i can clean it up, but for the most part i'm not rootkitted, full of spayware/viruses, crashing, etc...
  
  Maybe you should be looking at your own actions when using windows instead of complaining about it being such a problem?
  
  (side note) I work in IT personally, and pretty much 90% of the problems that are software are due to user misconduct/error... Windows has come along way since 95...
Great ... :-S by SplatMan_DK · 2007-05-29 04:12 · Score: 5, Insightful

Great!

Yet another piece of software that interferes with my network layer, slows my PC, and eats half my CPU cycles just to keep malware from infecting my machine.

When will we see a REAL solution to these problems, and stop implementing obscure security work-arounds that eat more resources than the applications themselves? Anyone?

When more than 50% of the CPU cycles in my PC go to security software (Antivirus, Antiphising, Antispyware, Antiadware, Antifraud, heuristics scanning, SPAM filter, personal firewall, strange DMZ browser-thingeys) during the display of a simple HTML page in a browser i would say that our current approach is broken. Totally.

I need an Anti-security-bloatware product. And fast!

--
My security clearance is so high I have to kill myself if I remember I have it...
1. Re:Great ... :-S by Anonymous Coward · 2007-05-29 04:18 · Score: 2, Insightful
  
  A fantastic solution exists -- it's called "not using Microsoft products".
2. Re:Great ... :-S by grub · 2007-05-29 04:22 · Score: 2, Insightful
  
  When will we see a REAL solution to these problems, and stop implementing obscure security work-arounds that eat more resources than the applications themselves? Anyone?
  
  You would have to ask Microsoft that. These bandaids fix a lot of MS' screwups. Or you could switch operating systems and use Windows only when necessary (games, etc.)
  
  --
  Trolling is a art,
3. Re:Great ... :-S by grub · 2007-05-29 04:38 · Score: 3, Insightful
  
  It's still pretty lame though...
  
  Yeah, absolutely. However Mom & Pop will still run down to BestBuy and buy a new "Norton IntraTubes MegaDefender 2008 Plus" for $69.99 instead of learning something new and refreshing. It's that kind of inertia that keeps a lot of the clowns in greasepaint and goofy wigs.
  
  --
  Trolling is a art,
4. Re:Great ... :-S by apathy+maybe · 2007-05-29 04:40 · Score: 3, Insightful
  
  I know, it is just an added bonus of using a more secure browser (because of less functionality) with a more secure OS.
  
  As I said, you have the choice of security or functionality, and in many cases you can't even have either (the scenario of having all the anti-malware products eat up your CPU time, but still doing a crappy job).
  
  If you want real security, you unplug your computer from the network and remove all other forms of accessing it (including the keyboard). It just depends on what you are willing to put up with.
  
  Of course, it is perfectly possible to have a functioning MS Windows PC connected to the Internet and even have a decent browser and have no worries. You just need to have security culture and a firewall the rejects all connections from outside (except those related to web browsing, so that would be everything except port 80, and maybe whatever port FTP is on).
  
  A security culture is the most important thing, and comes from not randomly downloading and installing everything, deleting spam, not opening executable attachments in emails (including in some cases such things as Word Documents!),or at least verifying that the person who sent them to you, really did.
  
  My mother has managed to only (I think) get one virus (or worm, I'm not sure what it was actually) for years. Yet she runs MS Windows XP (SP1 I think). She has a firewall (outdated ZoneAlarm free I think), and she doesn't use IE (rather Mozilla, again outdated). No worries, because she practices security culture (to the best of her ignorant ability). She has an anti-virus, except because the signatures take so long to download (only slow dial up, no broadband in the country) it doesn't get updated so often. No worries though, because she doesn't run random stuff, doesn't go to random websites and doesn't use IE.
  
  Security culture will get you everywhere.
  
  (Also important if you are an anti-state activist. Got to watch out for them police...)
  
  --
  I wank in the shower.
5. Re:Great ... :-S by bvankuik · 2007-05-29 04:42 · Score: 2, Insightful
  
  You don't need any of it. Just work with a user account (not administrator/root), use firefox, thunderbird and don't install all that crapware.
6. Re:Great ... :-S by SplatMan_DK · 2007-05-29 05:23 · Score: 2, Insightful
  
  Actually they don't. Thats half of the problem. They expect me to come fix things when they stop working - but spend 69.99$ on a security app that really "does nothing" as far as they are concerned? Never!
  
  So to make matters worse, *I* am the one going down to BestBuy to pick up the latest Trend Micro Take-A-Pill PCCillin (Superinfused edition) because I get tired of saving their machine from the software pests they collect online... :-S
  
  --
  My security clearance is so high I have to kill myself if I remember I have it...
Google... by Mockylock · 2007-05-29 04:18 · Score: 3, Insightful

Now, if only they would filter out the sites that CAUSE the malware and spyware. Not only that, but so many garbage/search sites come up when you search for simple things like drug names and such. You would think they could block out other automated crawlers that clog up bandwidth as well.

--
"Please, shut up. Just when I think you can't say anything more stupid, you speak again." -Archie Bunker.
Re:The term DMZ by Volante3192 · 2007-05-29 04:19 · Score: 4, Informative

A firewall, however, would block it. DMZs are areas inside the first firewall to keep the majority of the intruders out, but outside the second, more locked down, firewall that protects the internal network. Technically the area inside the first firewall isn't "safe," it's just "safer." DMZs can still be subject to malicious traffic because boxes inside DMZs, like webservers, by design have to keep certain known ports open.

I think the ideal term for what Google picked up is sandbox, where stuff can run and it doesn't impact the rest of the system so you can see what it is beforehand, but DMZ looks like it could apply.

Interesting idea if it does what I think, at least. Would have figured a sandbox for a plugin was rather intensive processor wise.
Neo-security Methodology by Nymz · 2007-05-29 04:23 · Score: 5, Funny

1) Install every anti-virus, firewall, virtual sandbox DMZ, and toolbar that you can.
2) Sustain 99% CPU usage.
3) Protected!
Test by setrops · 2007-05-29 04:51 · Score: 4, Informative

Well I was asked to evaluate this product 2 years ago. At the time it was not very useful as there were some problems. But last year when they did their update it was a good improvement on speed and memory foot print. For what it does the product works well. And with Googles money and resources behind it, it can only get better.
Re:The term DMZ by Lord+Faust · 2007-05-29 05:19 · Score: 2, Interesting

Interesting idea if it does what I think, at least. Would have figured a sandbox for a plugin was rather intensive processor wise

One thing however, is that on Vista you already have Internet Explorer running in a sandbox (most of the core system services appear virtualized, according to Task Manager), isolated from the kernel. I'd imagine a virtualized virtual machine is a pretty nasty beast on performance.

Definitely a neat idea; especially on an XP box where you don't have the innate ability to run a virtualized IE.
Sandboxie by Nappa48 · 2007-05-29 05:35 · Score: 2, Informative

Read about this ealier, and as nice as it is, i'll probably stick with Sandboxie. Does the same thing as this, but also protects other programs.

If you donate to the project, you can unlock a few more features that allow you to start any program under sandbox ALL the time, even without it being started before the protected program. (well, the main program, not the service)
Its pretty good, but the file browser that comes with it could do some with some work... tends to lock up sometimes in large directories.

Although, with this, if Google does find malware and crap like that, they could easily tag a site and alert a user/kill connection whenever it comes up, killing a connection only on cases where there isn't really a site to go to.
Still don't want that horrible green border, sorry, that is just plain ugly. (Sandboxie just does [#] Window Title [#] on any sandboxed windows FYI)
Re:I guess a newb submitted this by empaler · 2007-05-29 08:26 · Score: 2, Insightful

Well, I bet we've all read /. summaries with abbreviations that we've wondered about. The summary just courteously saved those people a lookup, even if just to brush up.