ZoneAlarm ForceField Beta x64

Discussion in 'sandboxing & virtualization' started by yashau, Mar 29, 2009.

Thread Status:
Not open for further replies.
  1. yashau

    yashau Registered Member

    Joined:
    Oct 13, 2008
    Posts:
    151
  2. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    H,,, thanks for the headsup - was wondering for ages about a sandbox for my os
     
  3. coen99

    coen99 Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    55
    Tested Forcefield 1.3.140.0
    with default security settings (not private browser)
    on OS Vista 64Bit SP1
    Browsers IE7 and FF3.0.8
    No further security soft installed.

    passed= nothing logged

    Against AKLT 3.0
    GetKeyState ...passed
    Get AssyncKeyState...passed
    GetKeyboardState...passed
    DirectX...passed
    LowLevelHook...passed
    JournalRecord Hook...passed
    Screenshot1...passed
    Screenshot2...passed

    Against Aplin Software-through-the-eyes-of-a-keylogger_v1_0_0
    Keylogger...passed
    Clipboard...NOT passed (logged) SAME in PRIVATE BROWSER mode
    Screenshot...passed

    Nice add-on banking tool, just do NOT put any passwords in the clipboard ;)
     
  4. R3XNebular

    R3XNebular Registered Member

    Joined:
    Sep 15, 2008
    Posts:
    58
    Does this in anyway reduce performance for the browser? can someone show speedtests conducted
     
  5. coen99

    coen99 Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    55
    no noticable performance reduction.
    Not like Bufferzone, which noticable reduces performance.
     
  6. R3XNebular

    R3XNebular Registered Member

    Joined:
    Sep 15, 2008
    Posts:
    58
    Seem's it has come out of beta? is there a trial for this
     
  7. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I did the same test on Windows Vista SP1 x86, IE 8, no additional security software, and it fails them.

    How did you perform the test? I started each individual test and pressed a few keys, and they were recorded.
     
  9. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    The 'copy' is logged but not the paste ;)

    Cheers,
    Fax
     
  10. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    Are you testing within the browser?

    Cheers,
    Fax
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    What do you mean?

    After I installed ZoneAlarm ForceField, I rebooted (just in case), then I started the AKLT keylogger test, then opened IE 8.

    I started the individual tests, and then pressed keys inside the browser.

    I think that ForceField should have blocked the keys logging, considering it claims to create a barrier between the the Internet and the system. So, it should prevent key logging both ways?

    I may have performed the tests in a wrong way. But, I believe I did it right.

    Anyway, Keepass Password Safe does a better job (in my testing, flawed or not) at preventing the AKLT from logging the keys. ;)
     
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost

    Pressed keys were? :blink:
    Ok, IE 8... Were you writing inside a web form? or were you writing something in the address bar?
    Pressing random key with a open window is not really the way to test it :)

    Cheers,
    Fax
     
  13. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I wrote in both web form and address bar. Not random keys. I wrote URL addresses, and typed a word inside web forms.

    ForceField didn't block anything. Even if just a random key, as you mention, it should stop that key from being logged. If it logs, then it logs. It could be logging just half a key; it was still logging.

    After all, Checkpoint claims
    (http://www.zonealarm.com/security/en-us/zonealarm-forcefield-browser-security.htm)

    Being so, it should prevent keylogging inside or outside the web browser session. At least, that's the way I see it.
    Otherwise, it's nothing but misleading advertisement, leading people to believe they're being protected from possible keyloggers already in their systems.
     
  14. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    Then it does not work on your machine... :)
    FF protect your browser ("protective layer around your browser") no other software.
    I can't really see how can you interpret otherwise from the quote.

    Fax
    EDITED: to complete the answer
     
    Last edited: Apr 2, 2009
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Maybe so...

    Of course. Nor would I, or anyone, expect anything else from such tool. But, by protecting the browser the way it claims to protect, wouldn't it be able to prevent keys from being recorded, whether some key logger is already in the system, or tries to record key strokes while browsing (As in, not in the system yet.)?

    That's what I would expect from such tool. Otherwise, it's useless, and people will be wasting money for nothing, when they can get that sort of protection (against key loggers) for free, whether they're in the system or not.

    P.S: I'm not saying that ForceField should prevent key loggers from recording key strokes when someone uses their e-mail client or anything else. That's not what it is meant to protect. But, it should prevent key strokes from being recorded, while users are browsing (IE or Firefox), whether or not the key loggers are in the system.
     
  16. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    Yes, that is what it does here... protect the browser jamming keyloggers present in the system or not...
    In your case it does not work as it should, your system does not like it? No idea... sorry :)

    Btw, the main feature of FF is the sandbox, not the antikeylogger. BUt of course the package is nicely put together (phishing, keylogger and screencapture jamming, sandbox, and link checking)

    Cheers,
    Fax
     
  17. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Or... "It" doesn't like my system. :D

    Yes, but, if it claims to stop key loggers, then it should. I don't like picky tools. ;)
     
  18. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    Could be .. yes :D
    Fax
     
  19. coen99

    coen99 Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    55
    Tested within IE7 and FF.
    In all kind of fields:
    1. URL field
    2. Search field
    3. Within the login fields on a http page of this forum and on a https page of my bank

    Passed all but clipboard.
    Don't know what happened with your setup?
     
  20. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Maybe it doesn't support IE8 completely.:doubt:
     
    Last edited: Apr 9, 2009
  21. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I guess so. I tested it against Zemana's keylogger tester, and it records the keystrokes.
     
  22. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    Nope, latest version support IE8 :)
    Tried it here... works fine.

    http://download.zonealarm.com/bin/free/information/forcefield/releaseHistory.html

    Cheers,
    Fax
     
  23. progress

    progress Guest

    Is there a free version available? :doubt:
     
  24. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    Nope... only trial.

    Fax
     
Loading...
Thread Status:
Not open for further replies.