ZoneAlarm ForceField Beta x64

I've just stumbled across this.
http://download.zonealarm.com/bin/free/beta/forcefield/index.html

How does this compare with Sandboxie/GeSWall/DefenseWall?

It's great to finally see a 64-bit capable sandboxing software.

It's supposedly free as well.

Any comments or reviews from guys here?

 

H,,, thanks for the headsup - was wondering for ages about a sandbox for my os

 

Tested Forcefield 1.3.140.0
with default security settings (not private browser)
on OS Vista 64Bit SP1
Browsers IE7 and FF3.0.8
No further security soft installed.

passed= nothing logged

Against AKLT 3.0
GetKeyState ...passed
Get AssyncKeyState...passed
GetKeyboardState...passed
DirectX...passed
LowLevelHook...passed
JournalRecord Hook...passed
Screenshot1...passed
Screenshot2...passed

Against Aplin Software-through-the-eyes-of-a-keylogger_v1_0_0
Keylogger...passed
Clipboard...NOT passed (logged) SAME in PRIVATE BROWSER mode
Screenshot...passed

Nice add-on banking tool, just do NOT put any passwords in the clipboard

 

Does this in anyway reduce performance for the browser? can someone show speedtests conducted

 

no noticable performance reduction.
Not like Bufferzone, which noticable reduces performance.

 

Seem's it has come out of beta? is there a trial for this

 

A free 15 day trial for the newly released retail 64 x version is available on the ZA website.

http://www.zonealarm.com/security/en-us/trial-download-zonealarm-forcefield-browser-security.htm?d=y

 

I did the same test on Windows Vista SP1 x86, IE 8, no additional security software, and it fails them.

How did you perform the test? I started each individual test and pressed a few keys, and they were recorded.

 

The 'copy' is logged but not the paste

Cheers,
Fax

 

Are you testing within the browser?

Cheers,
Fax

 

What do you mean?

After I installed ZoneAlarm ForceField, I rebooted (just in case), then I started the AKLT keylogger test, then opened IE 8.

I started the individual tests, and then pressed keys inside the browser.

I think that ForceField should have blocked the keys logging, considering it claims to create a barrier between the the Internet and the system. So, it should prevent key logging both ways?

I may have performed the tests in a wrong way. But, I believe I did it right.

Anyway, Keepass Password Safe does a better job (in my testing, flawed or not) at preventing the AKLT from logging the keys.

 

Pressed keys were?
Ok, IE 8... Were you writing inside a web form? or were you writing something in the address bar?
Pressing random key with a open window is not really the way to test it

Cheers,
Fax

 

I wrote in both web form and address bar. Not random keys. I wrote URL addresses, and typed a word inside web forms.

ForceField didn't block anything. Even if just a random key, as you mention, it should stop that key from being logged. If it logs, then it logs. It could be logging just half a key; it was still logging.

After all, Checkpoint claims

(http://www.zonealarm.com/security/en-us/zonealarm-forcefield-browser-security.htm)

Being so, it should prevent keylogging inside or outside the web browser session. At least, that's the way I see it.
Otherwise, it's nothing but misleading advertisement, leading people to believe they're being protected from possible keyloggers already in their systems.

 

Then it does not work on your machine...
FF protect your browser ("protective layer around your browser") no other software.
I can't really see how can you interpret otherwise from the quote.

Fax
EDITED: to complete the answer

 

Maybe so...

Of course. Nor would I, or anyone, expect anything else from such tool. But, by protecting the browser the way it claims to protect, wouldn't it be able to prevent keys from being recorded, whether some key logger is already in the system, or tries to record key strokes while browsing (As in, not in the system yet.)?

That's what I would expect from such tool. Otherwise, it's useless, and people will be wasting money for nothing, when they can get that sort of protection (against key loggers) for free, whether they're in the system or not.

P.S: I'm not saying that ForceField should prevent key loggers from recording key strokes when someone uses their e-mail client or anything else. That's not what it is meant to protect. But, it should prevent key strokes from being recorded, while users are browsing (IE or Firefox), whether or not the key loggers are in the system.

 

Yes, that is what it does here... protect the browser jamming keyloggers present in the system or not...
In your case it does not work as it should, your system does not like it? No idea... sorry

Btw, the main feature of FF is the sandbox, not the antikeylogger. BUt of course the package is nicely put together (phishing, keylogger and screencapture jamming, sandbox, and link checking)

Cheers,
Fax

 

Or... "It" doesn't like my system.

Yes, but, if it claims to stop key loggers, then it should. I don't like picky tools.

 

Could be .. yes
Fax

 

Tested within IE7 and FF.
In all kind of fields:
1. URL field
2. Search field
3. Within the login fields on a http page of this forum and on a https page of my bank

Passed all but clipboard.
Don't know what happened with your setup?

 

Maybe it doesn't support IE8 completely.

 

I guess so. I tested it against Zemana's keylogger tester, and it records the keystrokes.

 

Nope, latest version support IE8
Tried it here... works fine.

http://download.zonealarm.com/bin/free/information/forcefield/releaseHistory.html

Cheers,
Fax

 

Is there a free version available?

 

Nope... only trial.

Fax