Abstract: Described herein is a technique of protecting users against certain types of Internet attacks. The technique involves obtaining certificates from visited web sites and qualifying communications with those web sites based on the content of the certificates.

Abstract: Described herein is a technique of protecting users against certain types of Internet attacks. The technique involves obtaining certificates from visited web sites and qualifying communications with those web sites based on the content of the certificates.

Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.

Abstract: In one implementation, form field(s) of a form of a website or application are populated with data obtained using a digital identity, and the populated form field(s) are submitted to the website or application. A form field specification specifying information about the form fields of the form is obtained. A user selects or creates a digital identity. Data is obtained using the digital identity, and the data is used to provide values to the form. The data is submitted to the website or application. In another implementation, a username and password are automatically generated. The username and password that are generated meet parameters that may be specified by the website or application. The username and password are submitted to the website or application for a purpose such as registration or authentication, and stored away for future authentication.

Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.

Abstract: A method and system for determining whether to allow a network browser action when a transition occurs between security zones as a result of the action is provided. Gaining access to a local machine zone may be a goal for unauthorized entities attempting to improperly access a user's content. The present invention therefore may be initiated to block transitions from the security zones with stricter security restrictions to zones with less security restrictions. In addition, a selected alternative may be commenced depending on the relative weight of the security zones involved the zone transition. Depending on the relative weight of security zones, the transition between zones may be allowed, prevented, or the user may be prompted to decide whether to allow or prevent the action that results in the zone transition.

Abstract: The present invention improves the stability of a Web browser by identifying plug-in modules that cause failures. Data in memory at the time of a failure is analyzed, and a failure signature is generated. The failure signature is compared to a database of known failure signatures so that the source of the failure may be identified. If a plug-in module to a Web browser is identified as the source of a failure, options are presented to the user who may update the plug-in module with code that does not produce a failure or disable the plug-in module altogether.

Abstract: The present invention improves the stability of a Web browser by identifying plug-in modules that cause failures. Data in memory at the time of a failure is analyzed and a failure signature is generated. The failure signature is compared to a database of known failure signatures so that the source of the failure may be identified. If a plug-in module to a Web browser is identified as the source of a failure, options are presented to the user who may update the plug-in module with code that does not produce a failure or disable the plug-in module altogether.

Abstract: The present invention provides a method and system for providing a security element that is directed at inhibiting malicious activity by displaying a browser window in such a way that the user can trust and know the source of the window. Additional information and ornamentation is displayed on the window to help ensure that an end user is not confused or misled (“spoofed”) into believing that the window originates from a trusted source. When a call is made to open a browser window, the status bar is displayed by default. The status bar provides additional information, such as the security zone, to the user to help the user in determining the source of the content. The security zone informs the user the location from where the content is originating. This additional information helps to ensure that the user has the necessary information on whether or not to trust the source.

Abstract: The present invention is generally directed to improving the stability of computing devices by identifying plug-in modules and other programs that cause failures. More specifically, the present invention provides a method that traces program execution from an instruction that ultimately generated a failure to a code library that caused the failure generating instruction to be executed. The method traces execution of the computing device by obtaining the contents of memory at the time of the failure and traversing the stack data structure that stores data items necessary to execute function calls.

Abstract: An integrated program lookup browser provides an integrated system with an online program lookup web service that assists the user in finding these unrecognized files, protocols and web page objects by allowing the user to perform a program lookup on a web service that can search one or more databases and return the URL to download the appropriate application or protocol or return the actual program or protocol.

Abstract: Security identifiers are analyzed to mitigate the use of misleading characters. In some embodiments, a language-based character set determination is utilized and looks for characters that are different from those that a user and/or the user's system would expect to see.

Abstract: Various embodiments provide protection against web resources associated with one or more undesirable activities. In at least some embodiments, a method detects and responds to a user-initiated activity on a computing device. Responding can include, by way of example and not limitation, checking locally, on the computing device, whether a web resource that is associated with the user-initiated activity has been identified as being associated with a safe site. Furthermore, in at least some embodiments, the method checks remotely, away from the computing device, whether the web resource is identified as being at least possibly associated with one or more undesirable activities.

Abstract: Tools are described that notify a user of a security risk in a network browser. The tools can determine that a security setting of a network browser poses a security risk and notify the user of this risk. In some situations the tools also enable a user to reduce the security risk with a single user action. This single user action can alter one or multiple security settings responsible for the security risk.

Abstract: In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.

Abstract: In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.

Abstract: Described herein is a technique of protecting users against certain types of Internet attacks. The technique involves obtaining certificates from visited web sites and qualifying communications with those web sites based on the content of the certificates.

Abstract: A method and system for preservation of browser window integrity is disclosed. The position and size of script-created windows is adjusted as necessary to preserve critical data on the computer screen prior to rendering those windows. Popup windows are similarly adjusted so that window integrity is preserved. Popup window size is adjusted to be smaller than the vertical size of the popup's parent window. Popup window position is modified so that popups do not extend above the top, or below the bottom, of their parent window. Finally, the popup position in the z dimension is adjusted so that the popup appears immediately above its parent window.

Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.

Abstract: The present invention is generally directed to improving the stability of computing devices by identifying plug-in modules and other programs that cause failures. More specifically, the present invention provides a method that traces program execution from an instruction that ultimately generated a failure to a code library that caused the failure generating instruction to be executed. The method traces execution of the computing device by obtaining the contents of memory at the time of the failure and traversing the stack data structure that stores data items necessary to execute function calls.