Security Experts:

Terra Privacy Product Uses Dynamic Whitelisting to Block Attacks

Terra Privacy announced on Wednesday a new product that uses dynamic whitelisting to block malware and phishing attacks. A free beta version of the endpoint security product is available for testing.

Terra Privacy was founded by Michael Wood, the cryptographer who designed the REDOC II encryption system. The company’s latest product, Hacker Deterrent Pro, uses dynamically-generated whitelists to ensure that web browsers and other applications only communicate with the servers they are supposed to.

Hacker Deterrent Pro has three main features: Two-Factor Browsing, App Firewall, and DNS Shield.

Two-Factor Browsing ensures that the browser only communicates with trusted domains. To achieve this, the product creates a real-time transient whitelist that contains only the names of webpages opened by the user and the names of other sites from which content is pulled, while any other connection attempt is blocked.

This prevents browser-based threats from communicating with their command and control (C&C) servers, and it can also be used to block commercial trackers.

Traditional whitelisting can be impractical as users have to manually add each website. Hacker Deterrent aims to address this problem by creating transient whitelists that are empty when the web browser is first opened. Each time the user visits a website, that site is automatically added to the whitelist and removed from the whitelist when the page is closed.

This method can also be efficient against sophisticated phishing attacks as Hacker Deterrent Pro will block unauthorized domains even if they look legitimate. The vendor demonstrated its product’s capabilities by showing how it could block phishing sites that use a recently disclosed Unicode-based technique.

According to the company, the solution can also block non-browser Trojans that inject themselves into running processes by preventing them from communicating with domains other than ones belonging to the hijacked app’s developer. For example, the explorer.exe process, which is often targeted by malware, should only be allowed to communicate with Microsoft servers.

The app firewall initially blocks all applications from accessing the Web, and provides information about the app and the host it wants to connect to, allowing users to determine if the connection should be allowed.

The product’s DNS Shield allows users to select DNS servers based on their personal preferences, blocking ISPs from adding their own list of DNS servers. For instance, users can choose DNS servers that reject connections to IPs that are known to host malware.

The beta version of Hacker Deterrent Pro can be tested for free. The commercial version of the product, expected to become available in mid-July, will cost $39.99 per year per endpoint. The solution works on Windows PCs using the Chrome and Firefox web browser.

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.