Filed under: Internet, Security, Microsoft
Microsoft's BrowserShield to nullify malicious sites
Researchers at Microsoft have built a prototype framework called BrowserShield that "promises to allow IE to intercept and remove, on the fly, malicious code hidden on Web pages, instead showing users safe equivalents of those pages," according to eWeek. "If a patch isn't available, a BrowserShield-enabled tool bar can be used to clean pages hosting malicious content," says Helen Wang, the project's leader. You can read Microsoft Research's paper on Browser Shield at the MSR web site (scroll down to Publications). The paper says BrowserShield's approach is "to rewrite HTML pages and any embedded scripts into safe equivalents before they are rendered by the browser. The safe equivalent pages contain logic for recursively applying run-time checks to dynamically generated or modified web content, based on known vulnerabilities." The advantage of this approach over actually patching the vulnerabilities isn't immediately clear, though perhaps it would allow a faster response to threats.
So, just how good at time waster games are you? Think you've got the stuff? Well, The World's Hardest Game 2.0 doesn't think you do.
Yes, amazingly, it's possible to have a sequel to a game called "The World's Hardest Game". It doesn't seem logically possible, since if the first one was actually the world's hardest, how could another one come along and share the moniker? It made me doubt the name in the first place. That is, until I tried the game.
The mechanics of the game are very simple. You are a small red square, ...
Reader Comments (Page 1 of 1)
Fabulo said 2:01PM on 9-05-2006
"...based on known vulnerabilities"
1. Then you have to know about the threats in advance? How is it different from firewall/ids/filtering/antivirus already in place?
2. Who ever thought that any app (especially a web browser) should download random code from unknown parties and run it would be a good idea?
We definitely brought that one on ourselves. And Microsoft is double guilty for unleashing the evil ActiveX on us.
Reply
Uso said 10:16AM on 9-06-2006
Why would anyone care to have a site "safely" re-rendered that contains malicious content? Why not just stay freakin' away from such sites?
Reply