Question about SafeOnline protection

Discussion in 'Prevx Releases' started by dlimanov, Oct 29, 2009.

Thread Status:
Not open for further replies.
  1. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    Joe,
    Can you tell me if SafeOnline alone would protect against the following:
    - drive-by malware installation
    - buffer-overflow in browser itself or any browser-related component (Flash, Adobe, Java, etc.)
    - iframe or similar form manipulation or rudimentary XSS-like attacks
    - spoofing/phishing

    Thanks as always!
     
  2. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Sorry about that! :oops:

    Spoofing/phishing websites are detected/blocked within SafeOnline, but SafeOnline alone has currently not been designed to protect against drivebys although some aspects of its protection do inadvertently prevent certain drivebys. We are planning to add exploit prevention within SafeOnline but this is currently out of the scope of it as it is covered by the antimalware components (and automatically-heightened heuristics when untrusted files come from the browser).

    Essentially, SafeOnline protects the browser from the OS while Prevx 3.0 protects the OS from the browser (and elsewhere :))
     
  4. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    No worries, you're a busy man. :)
    Joe, can you elaborate on what exactly would SafeOnline block against or protects? I'm not sure if I understand "browser protection from OS" technique; is it like SandboxIE, where browser is sandboxed and no changes are written to disk?
    Thanks as always!
     
  5. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Joe,
    I had a trial license and used it for a day but then cleared up some issues w/hardware and installed W7. So I didn't get to play with it much.
    I'm wondering about the same questions as dlimanov.
    I didn't understand much from your response to his questions.
    IE-does it protect from iframes and xss?
    Thanks.
    Hugger
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It is the inverse of Sandboxie - if malware exists on your PC, it is prevented from reading/tampering with the browser. It is still theoretically possible for malware to enter from the browser, but it would have to get past the other layers of Prevx protection first :)

    SafeOnline is not designed to protect against iframe/xss exploits - an in-depth third party review of SafeOnline can be read here: http://pxnow.prevx.com/zeroL/Immunity.pdf
     
  7. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    Joe,
    I read this review previously, but it looks like they are concentrating on Prevx + SafeOnline working together; my question is about SafeOnline alone. I understand the reverse SandboxIE idea, but what about protecting system from the browser part? I would like to know what exactly can SafeOnline protect the system against if it's installed alone, with no Prevx (or any other on-access scanner).
    Thanks much!
     
  8. Habakuck

    Habakuck Registered Member

    Joined:
    May 24, 2009
    Posts:
    544
    It protects you by blocking malicious websites.
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Habakuck is correct - it will block malicious/phishing websites, but you can't install SafeOnline completely by itself: it is dependent on the rest of Prevx 3.0, which is why we've combined both technologies.

    However, if malware does enter your PC while using SafeOnline, it will be unable to steal data/modify your transactions, so, for banking trojans/identity-stealing-trojans/etc. the existence of malware is irrelevant (but the rest of the Prevx "suite" steps in when there is other forms of malware on the PC so you can still be protected/cleaned from those :))
     
Thread Status:
Not open for further replies.