Comments on: Security tool aims to stop drive-by installs

Security industry vets develop software to block attempts by bad sites to drop malicious code onto your PC as you surf.

[andyross]

CNet double-speak

I find it interesting reading a story about drive-by installs, and while reading it, CNet pops up a flash thing that scrolls across the screen asking me to click on it!!!

[Roman12]

Cool, but..

I think it's an interesting idea, but I don't completely understand how it works. He says:

"Before you can open a poisoned page and get infected, we can stop it,"

So it is like the Google Download Accelerator that pre-loads linked pages while you read? and check the page for threats?
______________________________
R.K.
http://www.Remove-All-Spyware.com

[cubicleslave1]

Does this make any sense?

I am a mac and windows XP Pro user. In both environments, I
surf only in LIMITED PRIVILEGE accounts (ie, non-administrative
mode). That means whatever tries to infect me, cannot, because
it lacks the privileges to install anything. Antivirus and other
security tools such as this latest one work under the premise of
trying to find and evict criminals from your house after they get
in, because all your doors are unlocked. The way I surf, it's
more like keeping the doors locked so they can't get in in the
first place. I don't run any security software, but I do have
software and hardware firewalls (those tools operate under the
"locked doors" usage model). I have never been infected with
even one trojan, virus, spyware, or popup ad, and I've been
using the internet since its inception!
The only possible vulnerability I had was malware based on the
buffer overflow exploit, but the latest cpu's from Intel and AMD
include the "nonexecute" feature, which closes that vulnerability.

[Pop4]

If I'm not mistaken this network tool is not even detectable .

Finding the expertise needed to protect my registry further from anything less than spyware is everything being spoken in this bioteck read. Certain console settings are not made clear in this article?
I'll bet thirty dollars at Target's music counter that this product is worth owning.

[alek_nedic]

product is worth owning.

http://www.analogstereo.com/volvo_740_owners_manual.htm

[wbenton]

It's called IDP or DPI and filtering by any other name.

It's not new technology at all. Numerous vendors offer that same protection... but they use standard names such as:

IDP: Intrusion Detection and Prevention
DPI: Deep Packet Inspection

One can filter sites known to be illegal and/or to hold malacious scripts. It works like a Real Time Blacklist updated hourly or daily, or what every they've programmed it to look for recent updates.

One can also look at signatures of viruses, trojans and other spyware by having a realtime updated list of things to watch for and block out to stave off attack attempts to your PC.

Thus it's really old technology... nothing new except for a recent name change.

FWIW