Author Topic: Google acquires 'sandbox' technology for secure browsing (Read 2789 times)

FreewheelinFrank · « **on:** May 29, 2007, 10:46:37 PM »

Quote

Google is acquiring GreenBorder, a Silicon Valley startup that helps protect web users against malware.

Word of the acquisition comes a week after Google inaugurated a blog devoted to online security, indicating the search king's growing interest in fighting the malware scourge.

GreenBorder claims to work with both Internet Explorer and Firefox to form a protective barrier to prevent malicious code from installing programs or accessing sensitive files on a PC. Web content is shunted into a secluded area - or "sandbox" - where files can be flushed away. This is similar to the way temporary files are disposed of once a user closes the application they are associated with.

The GreenBorder website is no longer offering downloads, but we were able to acquire the company's program just fine on Download.com. GreenBorder is pledging to support all existing customers.

It's unclear exactly how Google plans to use the new technology. The most likely option is to make it available as a download for users to run on their machines...

http://www.theregister.co.uk/2007/05/29/google_security_acquisition/

drhayden1 · « **Reply #1 on:** May 29, 2007, 10:49:33 PM »

interesting freewheelinfrank-will just reading about it a-while ago
http://blog.outer-court.com/archive/2007-05-29-n85.html
and never even heard of it until today and not much on their website for info

http://www.greenborder.com/index.html
both links clean by dr.web

polonus · « **Reply #2 on:** May 29, 2007, 11:45:06 PM »

Hi you two I give you some nice raw spaghetti code to filter your tags, save as TagFilter.h in your browser's profile folder, adjust as preferred:

Code: [Select]

use HTML::TagFilter;
    my $tf = new HTML::TagFilter;
    my $clean_html = $tf->filter($dirty_html);
    
    # or
    
    my $tf = HTML::TagFilter->new(
        allow=>{...}, 
        deny=>{...}, 
        log_rejects => 1, 
        strip_comments => 1, 
        echo => 1,
        verbose => 1,
        skip_xss_protection => 1,
        skip_entification => 1,
        skip_mailto_entification => 1,
        xss_risky_attributes => [...],
        xss_permitted_protocols => [...],
        xss_allow_local_links => 1,
    );
    
    # or

    my $tf = HTML::TagFilter->new(
        on_finish_document =>sub {
                return "\n<p>" . $self->report . "</p>\n";
        }, 
    );
    
    $tf->parse($some_html);
    $tf->parse($more_html);
    my $clean_html = $tf->output;
    my $cleaning_summary = $tf->report;
    my @tags_removed = $tf->report;
    my $error_log = $tf->error;
my $tf = HTML::TagFilter->new(
    log_rejects => 1,
    strip_comments => 1,
    echo => 1,
    verbose => 1,
    skip_xss_protection => 1,
    skip_ltgt_entification => 1,
    skip_mailto_entification => 1,
  );
$self->xss_risky_attributes( qw(your list of attributes) );
$self->allow_tags({ p => { 'any' });
$self->allow_tags({ p => { none => [] });
$self->allow_tags({ a => { any => [] } });
    $self->deny_tags({ a => { onClick => [] } });
my $filter = HTML::TagFilter->new(
        on_start_document => sub {
                my ($self, $rawtext) = @_;
                $self->{_tag_stack} = [];
                return;
        },
        on_open_tag => sub {
                my ($self, $tag, $attributes, $sequence) = @_;
                push @{ $self->{_tag_stack} }, $$tag unless grep {$_ eq $$tag} qw(img br hr meta link);
                return;
        },
        on_close_tag => sub {
                my ($self, $tag) = @_;
                unless (@{ $self->{_tag_stack} } && grep {$_ eq $$tag} @{ $self->{_tag_stack} }) {
                        undef ${ $tag };
                        return;
                }
                my @unclosed;
                while (my $lasttag = pop @{ $self->{_tag_stack} })  {
                        return join '', map "</$_>", @unclosed if $lasttag eq $$tag;
                        push @unclosed, $lasttag;
                }
        },
        on_finish_document => sub {
                my ($self, $cleantext) = @_;
                return join '', map "</$_>", reverse @{ $self->{_tag_stack} };
        },
  );
 sub on_open_tag {
        my ($self, $tag, $attributes, $sequence) = @_;
        $$tag = 'strong' if $$tag eq 'b';
  }

  sub on_close_tag {
        my ($self, $tag) = @_;
        $$tag = 'strong' if $$tag eq 'b';
  }
 print $tf->filter( $pages{$_} ) for keys %pages;

polonus

mouniernetwork · « **Reply #3 on:** May 30, 2007, 09:08:20 PM »

Quote from: polonus on May 29, 2007, 11:45:06 PM

Hi you two I give you some nice raw spaghetti code to filter your tags, save as TagFilter.h in your browser's profile folder, adjust as preferred:
Code: [Select]
use HTML::TagFilter; my $tf = new HTML::TagFilter; my $clean_html = $tf->filter($dirty_html); # or my $tf = HTML::TagFilter->new( allow=>{...}, deny=>{...}, log_rejects => 1, strip_comments => 1, echo => 1, verbose => 1, skip_xss_protection => 1, skip_entification => 1, skip_mailto_entification => 1, xss_risky_attributes => [...], xss_permitted_protocols => [...], xss_allow_local_links => 1, ); # or my $tf = HTML::TagFilter->new( on_finish_document =>sub { return "\n<p>" . $self->report . "</p>\n"; }, ); $tf->parse($some_html); $tf->parse($more_html); my $clean_html = $tf->output; my $cleaning_summary = $tf->report; my @tags_removed = $tf->report; my $error_log = $tf->error; my $tf = HTML::TagFilter->new( log_rejects => 1, strip_comments => 1, echo => 1, verbose => 1, skip_xss_protection => 1, skip_ltgt_entification => 1, skip_mailto_entification => 1, ); $self->xss_risky_attributes( qw(your list of attributes) ); $self->allow_tags({ p => { 'any' }); $self->allow_tags({ p => { none => [] }); $self->allow_tags({ a => { any => [] } }); $self->deny_tags({ a => { onClick => [] } }); my $filter = HTML::TagFilter->new( on_start_document => sub { my ($self, $rawtext) = @_; $self->{_tag_stack} = []; return; }, on_open_tag => sub { my ($self, $tag, $attributes, $sequence) = @_; push @{ $self->{_tag_stack} }, $$tag unless grep {$_ eq $$tag} qw(img br hr meta link); return; }, on_close_tag => sub { my ($self, $tag) = @_; unless (@{ $self->{_tag_stack} } && grep {$_ eq $$tag} @{ $self->{_tag_stack} }) { undef ${ $tag }; return; } my @unclosed; while (my $lasttag = pop @{ $self->{_tag_stack} }) { return join '', map "</$_>", @unclosed if $lasttag eq $$tag; push @unclosed, $lasttag; } }, on_finish_document => sub { my ($self, $cleantext) = @_; return join '', map "</$_>", reverse @{ $self->{_tag_stack} }; }, ); sub on_open_tag { my ($self, $tag, $attributes, $sequence) = @_; $$tag = 'strong' if $$tag eq 'b'; } sub on_close_tag { my ($self, $tag) = @_; $$tag = 'strong' if $$tag eq 'b'; } print $tf->filter( $pages{$_} ) for keys %pages;
polonus

I'm sorry but I don't quite understand what this code does could you clarify it ?

Thabks

Al968

polonus · « **Reply #4 on:** May 30, 2007, 09:34:22 PM »

Hi al968,

What this filter does is, it will remove unwanted html tags and attributes from a piece of text; this filter guards against cross site scripting attack, and it's main action is obfuscation in a fine-grained way. So it could be seen as a sort of blocker for cleaning and denials, e.g.:

Code: [Select]

deny=>({{$Hidden1._ViewState}}), etc.

polonus