Haute Secure launched moments ago: it’s a new browser plugin that the company says will detect and block malware before it has a chance to infect your computer. The timing couldn’t be better as news spreads of more Windows-based vulnerabilities.
Haute Secure is free and relatively non-intrusive to the browsing experience. Like Site Advisor, acquired last year by McAfee for a rumored $80 million, users will be warned about sites that may contain malware.
But Haute Secure is also different from Site Advisor, and can provide more protection for users. Site Advisor focuses only on entire sites, labeling them good or bad. That works for some sites, but not for, say, MySpace, where hackers have been able to take over accounts and add malware to popular pages. Haute Secure looks at each page on a site individually and blocks those pages which are bad. Site Advisor also doesn’t try to block malware; it only warns the user of it. Haute Secure blocks it.
Haute Secure is also a P2P solution, and the detection software is included in the plugin (Site Advisor does not use its plugin to detect malware). As soon as your plugin encounters new malware code, it notifies the Haute Secure servers, which then send the information out to all other plugin users. This effectively increases the amount of web space the service can analyze quickly, adding more protection for users.
Haute Secure also analyzes advertisements, a common vehicle for delivering adware. This triggers warnings on a number of sites that include ads from networks known to carry malware.
Here’s a good example of Haute Secure in action: a malware site at lindsay-lohan.org (do not go to that site) pops up on Yahoo search as the third result for a search on that popular actress. Site Advisor gives it a “green” rating, meaning they think it’s clean. But Haute Secure has detected malware on the site and blocks it.
The founding team includes Steve Anderson (acting CEO), Frank Swiderski, Iain Mulholland and Rob Vucic. They’ve raised just $500,000 in funding from Baseline Ventures and Ron Conway.
For a deeper dive on the technology side by a security and kernel expert, see Alex Ionescu’s beta review.





And what this has to do with the Zooomr logo? Did I miss something?
Oh well it has been corrected I see.
“And what this has to do with the Zooomr logo? Did I miss something?”
Michael’s machine must have been infected with the Zooomr malware, which automatically uploads the Zooomr logo anytime you try to post an image on the Internets. Once he installed Haute Secure the problem was resolved.
Hmm - how do they do this - is it parsed as you browse? I can only imagine how slow that is. Or do they use some kind of cache? That would be worthless because the malware’rs will just change it randomly to appear clean.
Are there any negatives with using this Michael? Can you expand on “relatively unobtrusive”?
I would love to learn more about how they look at pages and how they differ from a spyware/malware/virus already running on a person’s pc. Why is this better, etc.?
There is a possibility that once VISTA is perfected - it may do this automatically and eliminate the need for add-ons.
People insist on signing on the computers as Admins. If they would not do this when not necessary, so many problems could be avoided.
It gives 3 warnings when you visit TechCrunch. One for Eurekster, one for Google syndication and one for Feedburner. It’s a browser plugin that gives warning pop-ups in the upper right corner. If the site has a lot of malware, it will give you a splash page telling you not to proceed.
No Firefox support?
Not that it needs it as badly but come on…code faster
Yeah but will it force us in the middle of something to re-boot, stand on our heads and right mouse click all icons to work…?…
Catherine, the redhead
How to get paid about $70,000- $200,000
All you have to do is program anti-malware or security programs.
Like Google bought Postini.
We need security companies so bad
I guess I’m pretty much a nerd when it comes to my websurfing, but I haven’t gotten any “malware” in ages… Guess I’m not doing enough L. Lohan searches
Pretty sweet. I like the idea, though hopefully our anti-malware applications would provide the needed protection against these threats?
This is really sweet. A couple of hours ago my home machine had a message that we successfully downloaded and updated the security patch from Microsoft and restarted the machine.
Vijay
Allen - ya, parsing would not work for all the reasons you point out. The install is really a kernel level driver so it resides low in Windows–low enough to catch root kits and the like and keep the latency unnoticeable. It hooks a number of processes and watches them for malicious behavior. More on how it works “here”.
Catherine- Unfortunately, the only way to ensure that the install is not compromised by malware is to start fresh, which requires a re-boot. A pain indeed, but necessary (but you don’t have to do it immediately). -Steve
Hey David M. — You’d think (or hope) your current anti virus/malware app would keep you safe while browsing but unfortunately they do not–really at all. “This article has a great explanation” The truth is that most have built businesses around removal. Unfortunately, removal is too late to protect you and that assumes it can be found, which today is a challenge. For instance, there is a root kit out right now that once it’s on your PC, the chances of finding it “are almost zero”. It was distributed through compromised web pages and ads to thousands of unsuspecting users. This is why we founded Haute–to prevent these attacks from affecting users.
and what is their business model since they sell nothing?
oops it blocked feedburner!
- create a loyal customer base and things happen / you don’t have to sell something right out the door..
- that is so - brick and mortar thinking….
Unbeknownst to many of us, Feedburner is one among many sites being used by the bad guys to distribute malicious code to unsuspecting users who click on those links via feedburner feeds. Haute doesn’t block Feedburner, but it does warn you that this is going on and will block the malicious links if clicked on.
This is cool, but removal has to be a part of any security solution. Proactive is only proactive once an exploit has occurred, has been identified, and a solution has been distributed. So, I would question a) how long is the turnaround time for a definition, or id of a threat to hit all users of this solution, and b) how many people can be affected during that time? Also, there is a lot of IP gray area with this solution….like tons.
Christian,
We don’t use signatures or definitions because of their shortcomings, which you enumerate very well. On top of that, you probably know some of the latest rootkit technologies are virtually impossible to find and remove once they install (like the Srizbi trojan currently circulating). Our solution is based on the premise that real-time prevention is the only way to stay safe from this new generation of attacks. We do this with behavior filtering down at the kernel API level. This is explained in greater detail in our forums in posts from our architects if you would like to learn more.
Hi Michael-san,
On the TechCrunch Japanese site, the translation of this entry includes some wrong links and typos.
I wish you would check that translation.