Microsoft Tests a Secured Edge Browser For Business (techradar.com) 66
An anonymous reader writes: Microsoft is in the testing stage of a new feature in its Edge browser for Windows 10 that is malware-proof as it partitions the browser window from the rest of the computer. This will be a welcome addition for users who are worried about the legitimacy of sites they want to visit. The new feature, catchily dubbed Windows Defender Application Guard, is part of the recently launched Windows Insider Previews. In order to access it you'll need to be a member of Microsoft's business service Enterprise, and have your settings calibrated so you're in the testing group called Fast Ring. Application Guard works by creating a virtual PC that is entirely separate from all storage, other apps, and the Windows 10 Kernel, meaning that the browser should be completely impervious to malware.
Is it only me that reads this as (Score:5, Insightful)
"Microsoft attests Edge browser is insecure by nature" as it does try to develop a separate "secure one"?
Re: (Score:2)
That's the way I read it, too.
Re: Is it only me that reads this as (Score:1)
Re: (Score:2)
i read it as: "only enterprise customers can browse porn safely"
Re: (Score:2)
Re: (Score:2)
Edge-tanic (Score:1)
And we dub it Edge-tanic. Meanwhile, the rest of us wonder why only businesses get a malware proof browser.
Re: (Score:2)
yeah, no (Score:5, Funny)
Re: (Score:2, Funny)
What do you suggest?
Not visiting Haiti?
Re: (Score:3)
No, just bring your mistress instead of hiring prostitutes!
Re: (Score:3)
'That time I hired a call girl to do my taxes while I fucked my accountant' - McAfee
Re: (Score:1)
1st RULE: You do not talk to your wife about FUCK CLUB.
2nd RULE: You DO NOT talk to your wife about FUCK CLUB.
3rd RULE: If someone says "stop" or goes limp, taps out the fuck is over.
4th RULE: Only two guys to a fuck.
5th RULE: One fuck at a time.
6th RULE: No shirts, no shoes.
7th RULE: Fucks will go on as long as they have to.
8th RULE: If this is your first fuck at FUCK CLUB, you HAVE to fuck.
So in other words... (Score:3, Interesting)
It's a copy of Edge running in a virtual machine. How else would it be "separate from the kernel"?
Re:So in other words... (Score:5, Insightful)
Re: So in other words... (Score:1)
Re: (Score:1)
Re:So in other words... (Score:4, Insightful)
Well if you (and I know this is slashdot) RTFA...
"Application Guard works by creating a virtual PC that is entirely separate from all storage, other apps, and the Windows 10 Kernel, meaning that the browser should be completely impervious to malware."
Except.. .you still need to be able to download files and I presume those would be in shared spaces outside the VM and install web apps/plug-ins which have to be saved outside the VM too. (Presuming you destroy/recreate the VM if it gets corrupted as you'd still want to keep the apps, cookie settings, bookmarks, passwords etc between nuke and paves so they have to be stored outside the sandbox.) That's still the exact same security risk as browsers have now... they're just moving the access points.
Re: (Score:2)
Yup. Infecting the VM is just as bad, unless you want to sacrifice having any permanence of anything (settings included) in the browser.
Re: (Score:3)
https://www.qubes-os.org/video-tours/ [qubes-os.org]
It's almost like MS watched some of the videos...
Businesses don't need to download files (Score:2)
Re: (Score:2)
Look, but don't touch.
Sounds like you will only be able to work in the cloud.
Microsoft has just invented the Chromebook!
Re:So in other words... (Score:5, Funny)
Psychical machine?
A PC that is bat-shit crazy? One that can divine future events and talk to dead people?
Your ideas intrigue me and I would like to subscribe to your newsletter.
Riiight... (Score:3)
Because nobody has escaped a VM [wikipedia.org] before. It may be difficult, but to say "impossible" is only challenging the hackers of the world.
Re: (Score:3)
Still trying to force feed browsers... (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2, Insightful)
I'm not able to remove Safari from my iPhone. How is this different?
Re: (Score:1)
iOS doesn't have the vast majority of marketshare in mobile?
Re: (Score:1)
Cool story. Doesn't change the fact that Apple has no monopoly on mobile phone OSes.
Re: (Score:2)
MS never learns. they are still trying to force feed their browser and are probably going to get slapped by the EU commission and possibly a few others fro anti-trust violatios. Windows 10 S was a real interesting POS. "Get Windows 10 Professional to get default browser change ability".
Why? How can you violate anti-trust on a product with 0% market share?
"Challenge Accepted" (Score:3, Insightful)
Re: (Score:1)
"malware-proof"... What better challenge is there?
New business model (Score:2)
If you don't want to get owned like a poor end user by our insecure malware pay us more money and we'll give you a version that's secure.
Personally I think it's going to take more than adding another layer of indirection. https://en.wikipedia.org/wiki/... [wikipedia.org]
Firefox is on a better track using language imposed constraints (e.g. Rust) to improve security.
Re: (Score:2)
Malware Proof (Score:2)
Sounds like "Fool Proof", which I always wondered if it truly meant something was: 1) unassailable by fools, or 2) legal proof that there are, in fact, fools.
Re: (Score:1)
http://www.imdb.com/title/tt0562875/quotes [imdb.com]
"for Business"? (Score:2)
Strange market (Score:2)
Maybe the feature is "for users who are worried about the legitimacy of sites they want to visit" AND CLICK ANYWAYS?
Or maybe the summary is wrong, and it's really a feature for the security team, and not the user.
The problem with browsers and comanies... (Score:3)
is that there are too many software packages in use by organizations that require legacy support that won't work within many new browsers. My company has software that requires IE9 with outdated plugins that haven't been developed since 2003. It's the only software that the company makes avaivable to interface with their engines. And the same employees have requirements for newer versions of IE, Firefox or Chrome. Then there are the Java apps that won't run in Firefox or Chrome anymore even with the latest Java release installed.
It's a fricken nightmare anymore.
Re: (Score:2)
is that there are too many software packages in use by organizations that require legacy support that won't work within many new browsers. My company has software that requires IE9 with outdated plugins that haven't been developed since 2003
That rhetoric used to be true but not anymore. I hate to tell you, your company is the minority and it's becoming more of a minority every day [statcounter.com]. Several problems with your argument are IE9 runs on which version of Windows again? Oh the one that Microsoft doesn't support anymore. Sources:
http://www.directionsonmicroso... [directions...rosoft.com]
https://support.microsoft.com/... [microsoft.com]
I guess you hope you're on Windows 7 and have the extended support. For the rest of us, we're not in the dark ages anymore. It's 2017 for crying out
Now, if only they supported this in Windows Server (Score:2)
Windows Server and Windows IOT don't support Edge. Those releases only support Internet Explorer. So it is awesome that they are adding security, but can they please add it to all OS editions? It's silly that servers and small devices are still vulnerable.
Nothing is secure if everyone is inside the fence (Score:2)
Microsoft is in the testing stage of a new feature in its Edge browser for Windows 10 that is malware-proof as it partitions the browser window from the rest of the computer.
Whew! So nobody can see my info except Microsoft, Microsoft's computers back at the ranch, their official keystroke reporter, screen snapshotter reporter, and anybody who pays for Microsoft advertising, including government agencies.
Finally some security.
Great idea (Score:2)
This will work well, as long as you never access sensitive information through the web browser. Because nobody ever does that.