Feeds

back to article HP loads PC with nonexistent web browser

HP is now offering desktop PCs with virtual web browsers. Today, the hardware maker unleashed the HP Compaq dc7900, a business desktop with a version of Firefox that isn't really there. Developed in tandem with Symantec, the Firefox for HP Virtual Solutions browser operates in a runtime netherworld that's separate from the rest …

COMMENTS

This topic is closed for new posts.
Pirate

This says something about HP's confidence in Firefox

"SVS [...] virtualizes individual applications, installing them in packages that remain separate from a machine's registry."

SVS seems to reinvent what user accounts already do on Windows. At least, what non-admin accounts already do on Windows, that is, isolate the app from the operating system itself. Even the Explorer shell and IE are isolated from the OS in this manner. Want new settings? Log on with a different non-admin account.

HP is telling me here that they don't trust Firefox to play nicely. Or they're assuming that their users are going to run Firefix (sic, heh heh) as admin. This might be a valid assumption, but it's still the wrong solution to it.

0
0
Ed

But really...

But really, this is a problem with the OS that's just being solved like this. The OS should be responsible for ensuring that browsers (and other apps) aren't able to access things they shouldn't...

0
0
Thumb Up

This is wicked!!

Guess I'm the first person to state what a bloody great idea I think this is!!

Wonder if I'm overreaching by suggesting that this could very well spell the death of malware?

Sounds promising...

0
0
wsm
Joke

Registry

Separate from a machine's registry? As if it didn't need one to run an application? What kind of operating system could do that?

0
0

Well done HP...

... for trying to solve some of the shortcomings of the OS.

0
0
Gates Halo

Hasn't this been done before?

Sounds similar to Softricity to me :)

0
0
Coat

Re:This says something about HP's confidence in Firefox

Actually it says a lot about HP (and any admin) confidence in Windows user accounts. I agree - the functionality offered by SVS should be a part of the base OS. However, as we all know it is there only on paper. In reality, MSFT has continuously failed to deliver.

0
0
Thumb Up

Title

Surely this is the sort of security that should have been present from genesis?

The fact that applications can litter every part of my system, linger after uninstalls, alter the registry and system folders is wrong.

They should all be contained within one directory alone per program, and easily reset and removed.

i welcome etc.

0
0
Thumb Up

it's ok but...

It's ok as a concept but I have a number of criticisms of SVS

Firstly that version of Firefox is 1.5. So we're running a slow and obsolete browser in a virtual sandbox. Presumably that won't be running particularly quickly then...

Secondly, technology like this should be open source. Something as useful as SVS would benefit from being developed by a large community rather than a small firm - so that bugs can be ironed out asap, so that exploits and vulnerabilities can be detected and fixed asap. Closed source we only have their word for it that the application is running in a sandbox...

Thirdly it appears to be the case that you can only use applications that have been pre-packaged for the SVS - it doesn't seem to be possible for example to install an SVS container then install Microsoft Office into that container. This would be useful as MS Office is so vulnerable to attack that it would surely benefit from being installed in as tight an environment as possible - especially one which can be reverted back to original state when bad things start to happen as they invariably do.

Still it's a brilliant idea and hopefully as others have said will spell the beginning of the end for certain types of malware

0
0
Silver badge
Coat

Sound familier to UNIXers?

Hey, guess what. HP have just re-invented the chrooted environment.

We've been doing this in UNIX land for 30+ years.

Nothing is really new nowadays. Especially my coat!

0
0
Thumb Down

@DrewHew

"this could very well spell the death of malware?" ... not while IE exists in a windows environment, full stop.

This is fixing the symptom not the cause, poor system security patched by running a virtualised sandbox. Did they get this idea from the iPod 'jailbreak' concept perhaps.

0
0
Silver badge
Paris Hilton

I think this is a great idea

This sounds great to me for one reason - admin access. Have a program that refuses to work without admin access? No problem, user logs on with their own limited credentials and the admin access program runs riot quite happy in its own sandbox.

Paris, her sandbox often runs riot.

0
0
Flame

Sounds familiar

This just sounds like a chroot, something unix systems have had and taken for granted for years...

Why is windows always last to get features that were basic and standard in any other os? and even then often implemented by a third party...

0
0
Flame

At last

...some real protection for the PC. The OS has been so piss poor in the past at protecting the PC (except in the early days). I guess the fact that all these stupid modern browsing features that allow access to plug-ins and worse still, write to files is the real problem. Lets hope HP open sources it so we can all benefit.

0
0

Firefox is great, turfers are shite

"HP is telling me here that they don't trust Firefox to play nicely. "

If Internet Explorer is safer then why didn't HP offer Internet Explorer as their safe solution? Your logic is of the same quality as the logic used to design Internet Explorer, take that how you will. :)

0
0
Stop

Thinstall

Thinstall have been doing this for years... and Symantec/HP think it's news? App virtualisation arrived a long time ago. Get with the program, HP.

0
0
Anonymous Coward

not a particularly new concept.

One of my friends, who ran a cyber cafe, used to have everything running in a virtual machine. No matter what was done to them by the customers, they would revert back to a pristine state every time they were restarted.

0
0
Anonymous Coward

excellent

sandbox apps are going to be the shape of things to come

web based apps were always going to be a non starter for the simple reason that it gave no consumer advantage, sandboxing however, particularly connected apps. now this has real potential

punctuation? no thanks!

0
0
Paris Hilton

..and everything under the sun

Not new- some existing implementations are:

http://www.sandboxie.com/

http://www.trustware.com/

doesn't mean it's not a good idea, though :)

0
0
Go

Sounds good to me.

Sounds good to me. Well done HP for making up for MS's shortcomings.

I agree with Ed that the OS should be protecting itself from the user, but the average home Windows user runs as administrator anyway and even restricted Windows users seem to be able to install things they shouldn't (my old man managed to install a questionable dial up connection from his restricted XP account!)

I've not used SVS but have used OS virtualisation products and the only thing I'd be worried about is if the virtual app was running a lot slower than the 'native' version and hogging excessive memory.

0
0
Thumb Down

Sandboxie

I've been using www.sandboxie.com to do this sort of thing for ages.

0
0
Silver badge
Happy

RE: Gordon Fecyk

Agreed, this is the lazy answer which tech people will laugh and point at. But, you are forgetting that many of the HP "corporate PCs" end up being sold to smaller businesses and the public via such websites as Amazon and DABS. And most of those small businesses and private users don't have a clue about M$ security. I have seen small businesses with a dozen desktops/laptops, no central fileservers so no centralised management, and everyone their own XP login as an administrator account. For companies like those, anything that automates or adds security without requiring an invetsment in time and resource in learning better techniques is a boon. Susprised that Symantec/Mozilla let HP use it as an exclusive but then it has given it some nice publicity.

0
1
Silver badge

So the main trick is virtualisation of the registry?

Have I understood that correctly? If so then it sounds like a neat trick (I guess it amounts to running one user's applications on another's desktop?), but a bit Windows specific. Would a similar approach be useful on OS X or whatever, or is it mostly to address the manifold issues with the Windows registry?

0
0
Anonymous Coward

@Gordon Fecyk

"SVS seems to reinvent what user accounts already do on Windows. At least, what non-admin accounts already do on Windows, that is, isolate the app from the operating system itself. Even the Explorer shell and IE are isolated from the OS in this manner. "

You seem to be missing the point somewhat. If your HKCU hive is fooked then it's not just one app that's fooked, potentially it could be all your apps. The solution to this could be deleting the whole user profile, and then restoring all the bits you need to keep. Hardly something your average end user would want to do frequently.

"Want new settings? Log on with a different non-admin account." Great solution. Your average non technical user will be perfectly happy setting up multiple user accounts and switching between them at will, while still managing to share things like the My Documents folder between these accounts.

It's not a flawless solution, however it does go some way to addresses the problems inherent in Windows and it's horrible, horrible, horrible registry.

0
0
Anonymous Coward

Admin rights...

As already mentioned, this is a job for admin rights.

Even though, I run in Admin all the time using windows, too much hassle to mess around every time I need something, and at the end of the day, reinstalling a machine (I got better options for that, cloning) takes very little time.

Will this help us when checking them dodgy downloads? (virtual box, its free)

0
0
Bronze badge
Thumb Down

Non-existent?

It sounds funny, but your categarisation of virtualised applications and machines as non-existent is a bit of a misnomer surely? Since ALL software is really just bits of data in transit, running those in a virtual layer instead of within the host operating system isn't really fundamentally changing their state of existence is it??

0
0
Flame

News?

Perhaps the headline should be 'large company copies some software which has been around for ages'

I've been using a program called Sandboxie for a while now which does exactly the same. You can run any app you want in a sand box & it can only read files from your hard drive. All new files which are written go in to the sand box. If you want to keep a file you have to go in to the sand box and move it out yourself.

So Symantec have finally copied it & HP are installing it as standard on a new laptop, whoop-de-do. I bet like all toher Symantec crap it's bloated & slow to run.

0
0
Linux

Spin spin spin!!!!

An application in a sandbox? that would be local application streaming then. Hardly news is it? Nice work by the marketing department though

0
0
Coat

Can we combine it with the Dell offer?

Can we mebby not get Firefox but in Spanish for only 0.01euro?

0
0
Linux

For Windows Only !

For other OS's: not required.

0
0
Thumb Up

need a consumer version now

as a user of norton 360 2.0 they need to create a module for the home pc that would be great!!

0
0
Flame

Perfect for an Anti-MS dig!

Right lets get this in before anyelse.

"Why did they pick FF? Oh yes, the source is available to POC this little idea, unlike closed source IIE!"

Fantastic idea, sounds like a great way to stop little Johnny from click-click-clicking Mum and Dad's PC into malware oblivion. Of course they could run Linux/MAC to stop it in it's tracks....

0
0
Thumb Up

This is wicked!! 2.0

I agree with DrewHew, this seems like a very sound idea. I am not uber-tech so I may not be following this correctly, but this must mean that all the Web 2.0 crap shiny nothingness so beloved of FBook and it's kin can run safely. I for one welcome our crap shiny nothingy overlords so long as they don't screw us from behind with malware et al and reduce browsing speed to a crawl.

0
0
stu
Bronze badge

thinstall

title says it all. owned by vmware now. I use it all the time for the same reason and/or portability of apps.

stu

0
0

sandbox

HP engineers finally let world+dog know where they kept their heads while sandboxie got up to release 3.30.

Yeah, you got it. In the sandbox.

On the other hand, since it's already been available for a while, there are ample margins for early birds to be granted a patent for it by USPTO.

0
0

So basically....

It's running in a chroot..... so whats new about that? You could also single serve the app from an isolated RDP/Citrix/SeamlessRDP/X11 server and just have it auto-format every night.

You could run your workstations on live CDs....or heaven forbid...thin clients!

0
0
Anonymous Coward

@ DrewHew

Yes, you are. As long as stupid people are allowed to use computers, there will be malware, viruses and phishing.

0
0

Is it not the same as

just using Portable Firefox on a USB Stick? Or even using Portable Firefox in a Folder on a PC?

Maybe I am just missing something

0
0
Tom
Silver badge

This is revolutionary!

Wait a sec! ...

man 4 jail

0
0

I too use Sandboxie

And I have had about 2 dozen of my users and clients using it without major incident for about 3 months. What I particularly like about it is the configurability (like being able to give access rights selectively to trusted programs) and the option to run ANY program inside the sandbox - which means you can test for nasty side effects before it screws up your system.

Only last night, ferinstance, I used it to test what RealPlayer 11 wanted to install on my system before I let it do so for real. (Answer: 1217 files in about 100 new locations, most of which were utterly unnecessary)

0
0
Pirate

So now we know what it takes

... to fix the problems of the Windows registry. What a engineering disaster that thing is. Somebody had one good idea and then implemented it just as poorly as they possibly could.

0
0
This topic is closed for new posts.