There are emerging vendors who offer a hardened web browser that only allows the user to access certain pre-vetted web sites. The one I saw demo'd today is based on the Mozilla code base. The UI looks like a stripped-down Firefox. While it's running all other Windows programs (inc. any key loggers or other malware) are more or less suspended. Only SSL communication is allowed. The browser also uses a private DNS server to avoid DNS poisoning and a signed URL list to avoid bookmark poisoning.
Sounds kind of like Safe Browsing?
>Michael McCormick, CISSP
>Lead Architect, Information Security Technology
>Wells Fargo Bank
>255 Second Avenue South
>MAC N9301-01J
>Minneapolis MN 55479
>*>> 612-667-9227 (desk) * 612-667-7037 (fax)
>( 612-590-1437 (cell) :-) michael.mccormick@wellsfargo.com (AIM)
>* 612-621-1318 (pager) * michael.mccormick@wellsfargo.com
>
>“THESE OPINIONS ARE STRICTLY MY OWN AND NOT NECESSARILY THOSE OF WELLS FARGO"
>This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.
>