Reverse-sandbox helps IE users surf safe

Wintutis, a Victoria-based start-up is about to launch an add-on for Internet Explorer that can not only stop the browser from being hijacked by spyware, it can protect users from keyloggers that have already infected the computer.One of the biggest issues facing users of Windows is spyware infestation, which can make it risky using a browser to access confidential services such as online banking.

Wintutis, a Victoria-based start-up is about to launch an add-on for Internet Explorer that can not only stop the browser from being hijacked by spyware, it can protect users from keyloggers that have already infected the computer.

One of the biggest issues facing users of Windows is spyware infestation, which can make it risky using a browser to access confidential services such as online banking.

Although Microsoft -- and a number of alternative firms -- have been working to protect users from infection, Chandan Kudige, Wintutis's co-founder, believes that the company's vPure product provides a new approach.

Kudige told ZDNet Australia in a phone interview on Tuesday that vPure is a -wrapper" which creates a "reverse-sandbox" and stops IE from running anything that could cause damage. This means that any malware attempting to make changes to the browser -- such as adding a toolbar or altering the homepage -- or infect the operating system will be stopped.

Kudige explained that in a traditional sandbox, you can run whatever you like and it will not be allowed to affect the rest of the system. However, he said this would not protect the user from a keylogger that may have already infected the computer.

"A [sandbox] doesn't really help because when you are running IE, probably the spyware is unlikely to access any files -- it will just log your keystrokes," said Kudgie. "Ours is actually a reverse-sandbox -- we don't let anything run inside IE that does not come as part of the system. Only the system files run and you are not putting any restrictions on what can run inside IE."

So even if a piece of malware was to exploit an unpatched vulnerability in IE, it may be able to shut down the browser but it would not be able to infect it, or the operating system. vPure, according to Kudgie, will protect the user from infection by any new spyware and also from any keyloggers that may have already infected the computer.

"You would click on the [malicious] link and most probably your browser would shut down -- because we are not stoping the buffer overflow -- but whatever was created on the disk from the exploit does not get loaded.

"The first and most common way a keyloggers work is by injecting code into IE, which we stop. We basically stop any way in which data can be siphoned out of the browser by another process," he said.

vPure was developed by Kudgie and the other co-founder of Wintutis Dilip Naik, who is a 12-year veteran of Microsoft and listed on the software giant's Most Valuable Professional (MVP) Web site.

Kudgie admits the application is not perfect -- the company is still working on a method of protecting users from spyware that collects screenshots instead of keystrokes -- but he hopes to have a solution for that problem in the very near future.

A beta version of vPure is available for download from the Wintutis Web site and a full version is expected in "about two weeks".

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All