“User interactions - clicking a link on your Facebook wall, or opening an email attachment - spawns a new task, which is assigned its own virtual machine with the resources necessary to complete that task. However, these ephemeral VMs are untrusted by the host operating system, and therefore unable to access it or the CPU itself. As an example, an instance of your IE browser running Facebook.com can only access the browser cookie for Facebook, and the untrusted web, but cannot access any other files, or reach deeper into the enterprise network or access USB devices connected to your PC. Unlike Trusteer, Bromium doesn’t claim to be able to sort out malicious versus legitimate application behavior. Instead, it provides a secure container for malicious applications to run in that won’t compromise valuable and trusted assets and resources. Once a particular task is killed, the hardware-isolated task is discarded and, with it, any malware.”
Antivirus's star fades, letting new technologies shine
That is nearly what Comodo has been saying for many years.
Comodo seems to be a step ahead of all those popular security “Giants” as stated in the article. Comodo has Signatures but doesn’t rely on them 100%.
Saw this article a while ago.
“Antivirus software isn’t doing its job, even though it sucks up around 30% of IT security budgets.”
The question here is: when will we move away from AV and step into the future? Not soon… Many security vendors now seem to understand the issue, but they are not willing to move away from the “AV comfort zone”.
From what I can see, they are just hyping some old (or just not new) proactive technology or alternative for antivirus.
The first one seems to be a behavior blocker minus the whitelist, from the way I understand it (kinda like AVG Identity Protection, which is already a part of AVG Free 2011).
The second one seems to be a sandbox, or a sandbox with a behavior blocker (kinda like Avast AutoSandbox in Avast 6, or is it 7).
Well, this is just my opinion, though; then again, it is still possible that the methods or implementation may be better or more advanced, or a new way of implementation.
And here is an old post that links to what a behavior blocker is.
Even behavior blockers are fast becoming outpaced. After having trusted ThreatFire for quite some time, it would seem that it became less and less necessary as malware takes on less conspicuous forms. To make matters worse, it would seem that they’re becoming more and more focused on targeting the greatest vulnerability: the users. No need to steal data or infiltrate systems if the user is more than willing to do it for you.
Cyberwarfare, well, that’s a totally different story and one I’m not very familiar with. But if it were me, I would really just employ people to make a distro specifically for the sheer purpose of handling a particular job. In other words, an entirely new OS made open-source, greatly limiting vulnerabilities. I just don’t like the idea of giving people I can’t even see face-to-face the security of my most precious files.