BLADE (Block All Drive-by Download Exploits)

I have been reading about a program being tested by researchers called BLADE (Block All Drive-by Download Exploits). It is not yet available to the public. It checks whether or not the download was explicitly authorized by the user and if so, the file is allowed to execute. If not, the file is quarantined and not allowed to execute. BLADE will not prevent social-engineering attacks nor malware that is completely in memory. What is your opinion about the implementation of BLADE? IMO CIS is better because it prevents Buffer Overflow exploits, thereby preventing drive-by downloads and remote code execution. For social engineering, CIS will sandbox the malware and use cloud techniques to determine if the file is indeed malware. So, CIS is superior to the yet-to-be-released BLADE.

It’s hard to compare, but it would be a nice compliment to be added :-TU

Hi IBadget ,

Thanks for the info

Indeed

Then, this new development has a very specific target, which may help to reduce the number of bad outcomes when the describe type of attacks occur.
It’s developed for browsers. As soon as you are using those – you are basically on your own and many (most ? :slight_smile: ) of security are missing such attacks especially 0-days.

Despite the reviews are good it’s premature to make strong conclusions. At the same time, definitely that can be an interesting and helpful additional layer of security,
including the fact that Comodo sandbox does not provide virtualization, so processes can escape… and the cloud has too many FPs (similar to CAV), etc.

So basically, I agree with jay2007tech – you cannot compare those two

Here is another review

Cheers!

That’s the same video as linked to in the main Blade page IEBadget links to.

It does look very interesting!

And with funding by the NSF, the U.S. Army, and the Navy, I would expect it to be pretty solid.

Hi HeffeD,

I just deleted the note about the video from my reply a few seconds before you posted the comment ;D Cheers!