GreenBorder is gone (Preannouncement)

An interesting observation relevant to this discussion that has yet to be mentioned is that firewalls are somewhat similar to these 'other' types of security software (HIPS, sandbox, virtualization, etc) in terms of user-friendliness, or the lack thereof. Firewalls in general, and their outbound protection in particular, are user-intensive in a manner similar to many HIPS programs in that they both often require significant user input in order to work properly. Most people I know have no idea how to properly use a firewall (with the exception being windows firewall as that is simply inbound protection and doesn't require much if any user input) yet this type of security software is mainstream. So what gives? If the lack of user-friendliness is the factor preventing these 'other' types of security software from being adopted by the big computer security companies and from becoming mainstream, then why are firewalls the exception?

EDIT: Sorry Bill for contributing to the hijacking of your thread, but I didn't start it and it is already in full swing.

 

This is very true: GreenBorder obvious missed the PR train


Regards,

Smokey

 

Because the firewalls have been made user friendly (and watered down)to an extent. For example, I used to use Norton Internet Security, then switched to PC Cillin back in the days before I came to this forum. As a relatively inexperienced user, I was able to use those products.

When I came ot his forum, I tried Outpost Pro. It was too complicated for me. It was a real firewall versus the watered down version in most suites.

So basically, security companies figured out how to make FW's "user friendly". The same is happening with HIPS (Prevx/Cyberhawk/Online Armor). It will just take a while.

 

My security is mainly based on non-security softwares and I use my security softwares to save the day as good as possible.
During reboot I remove all the mistakes of my security softwares and I have my clean computer back.
I don't spend my time on running 5-10 blacklist scanners, I spend my time on Image Backup, while my automatic Immediate System Recovery keeps my computer and my images clean.

 

Guys.. "GreenBorder is gone".

 

nor do a lot of the rest of us either, even if we use a classical approach....

Time spent is, well, time spent. Don't focus on the path, focus on the result. Lots of methods work perfectly well, including the one you're following. The mix of pros and cons are still there - they are for all approaches - they're just different, that's all.

Blue

 

Thanks for all the good wishes! I've learned many things while at GreenBorder. Some things I've learned for a second or third time; such as teamwork is critical (enables freely exchanged ideas), only launch solid products (early products were not compatible enough), and pay very close attention to users (such as this forum).

The company who bought GreenBorder is a very large search engine also located in Mountain View, CA. They wanted the technology, patents, and the core developers. I don't know why they're so quiet about this (no mention on any web pages), and the execs are disappointed there's no proof for their hard work in getting this done. The buyer is busy with many other buyouts, which is why it took so long to close. They also paid less than was invested. I left in February when the writing was on the wall (common stock wasn't worth anything), and briefly worked for another startup which had too much infighting to stay at. So like most of the other GreenBorder non-developers, I'm looking for work in the Silicon Valley area.

Normally I'm on mailing lists (bugtraq, firewalls, pen-testing, webappsec, etc). This is a great forum! Great ideas, thoughts, and constructive conflicts can be found here. I'll change my user name, and stick around for a few more years.

 

Do participate . I'm sure we will all benefit from your input- experience, knowledge, ideas. Good news mixed in here!

 

And what Is GOOGLE going to do with GreenBoarder??

Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043

 

Sad news, good luck to you Bill.

Just a thought : Isn't a "very large search engine based in Mountain view" supposed to be developping its own OS, browser, or something similar, according to rumours ?

...just extrapolating about coincidences...

 

Good decision You won't regret it.
I also wonder what Google is going to do with GreenBorder's tech.

 

I doubt that anyone here does that. I see no need for the hyperbole.

As to what Google might do with Greenborder's technology -- I have high hopes that Google will use that technology in a positive way. So far, it is my impression that the Google outfit is both innovative and ethical.

 

Maybe Google will do Linux with comprehensive driver support. And office software interoperability. Bye, bye M$

 

. Will be interesting to hear something from them about it. Glad your sticking around.

 

We were also wondering what their plans are.

Two years earlier the search company had hired a few of our top icelandic engineers who had very deep knowledge of the windows kernel. We were already making wild guesses about why back then.

I am not sure if I can name them (I don't believe I have any restrictions, and the sale already went through), but great deduction!

 

Extrapolating a little bit more : What about Greenborder technology to be used in the upcoming browser this "very large search engine based in Mountain view" is supposed to be working on, just in order to compete with Vista's IE 7 protected mode ?

Building on rumours, but that would make sense

 

That would be interesting. Protected mode is a way of lobotomizing something.

The current approach to browser security is a systematic process of disabling one feature after another (Active-X, Javascript, etc). When a sandbox technology secures entry points into the OS, browser features can be fully enabled. This would allow nearly unlimited capabilities in a browser/next gen browser/web app. One could even create a lightweight virtual computer (web machine?) that accesses your Internet applications and files from any computer.

That would be cool. Login to some site at a cyber cafe, run your subscribed applications and access your data, and no worries about data leakage.

 

The problem is still those events that are still possible inside the sandbox. XSS and his relatives.
Also, using a Google OS seems even more scary.

 

Way cool! I'm looking forward for that day when not a single bit of your data needs to hit your hard disk but just leaks... from your Google account to mine

 

Your login and password could be stolen this way.

 

Hi all,

What is Google going to do with greenborder?

They allready do:
1. Google Search (sponsored ads, add income)
2. Gmail
3. Google (feed) reader/News
4. Google talk
5. Google blogger
6. Google Calender
7. Picassa + Webalbums (pictures)
8. Google Video (+ recently bought You Tube = video's)
9. Google Music (iTunes competitor in the future)
10. Google books + Scholar (books)
11. Google Maps + Earth + Sketch up (3D)
12. Google Docs + Spreadsheet
13. Google Notebook (to save text, images URL your are intrested in)
14. Google Checkout (paying service)
15. Google Home (e.g. desktop widgets) + Desktop (content search)
16. Google Page creator (make your own webpage)
17. Google B2B pack (Co-op, Groups, Base for integration of dynamic aps)

They will do:
XX.Security (encapsulated browsing/central stored data protection)
YY.Their own OS (like thin client/webterminal idea of Oracle/Sun/et all)?

Looks like the web based version of Microsoft when you ask me

 

Hi buddy,
You have forgotten to mention about winpatrol plus which is an excellent tool for the novice and It works silently. Besides, winpatrol plus is considered a very effective hips.Otherwise, after june 07th, 2007 (comodo forecasted the preview date) will be launched the new comodo firewall 3.0 with hips included and is a firewall winner by the firewall testers.Thus, We'll get rid of hips like greenborders, DW and sandboxie. I bet it!

 

I really doubt in it. Almost non of the shareware applications are not digitally signed.

 

I think there's room for sandboxes (application virtualization) to grow.

There are three ways to sandbox; 1) prevent an app from accessing computer local resources, 2) prevent computer resources from accessing the app, 3) prevent sandboxed apps from accessing each other.

Most on this forum are interested in protecting their computer (1).

Others (e.g.; remote Citrix, centralized enterprise app users) are interested in protecting corporate apps from the computers (2). There are some products using U3 smart USB technology that are starting to protect remote data from a computer, it's hard to do this without protecting memory which is where products like gumstix could help.

Remotely accessing both untrusted (1) and trusted (2) applications at the same time or without scrubbing the sandbox between uses creates situation (3).

I've also experimented with signed apps, it's not difficult to sign an app. Most people don't validate the signature.

 

Yes, it is not difficult to sign up app. It is quite difficult to buy signature (as I guess, Comodo did their HIPS the way to make software companies buy their digital signatures- clever move). But! Have you ever heard about signed script files? I mean- .vbs, .cmd, .bat,... Each their run will cause popup window.