Another Grimes gripe concerned the reset button. Sandbox browsers have a reset button that the user can push if he suspects that the browser has been compromised. The button resets the browser to a clean state, often to a snapshot of the virtual browser before the Web session started. Of course, if the virtual browser is infected with something that can get to the operating system, the reset button option may be too late to protect you.

These reset buttons don't actually fully reset the browser; they leave some user settings alone, such as bookmark lists, between sessions. But ForceField's reset button kept resetting Grimes' home page. That's an annoyance compared to GreenBorder, which didn't actually reset its browser, so malware remained even after he triggered the reset button, Grimes recalls. "E-mail worms would start spamming other people on your network until you reset it -- and a reset wouldn't even get rid of it all."

Check Point fires back: a flawed test?

Check Point has been trying to replicate Grimes' ForceField test (and results) without success. "We're just not sure how the product was actually tested," says Jordy Berson, product manager of ZoneAlarm ForceField. "There are cases with ForceField where a threat is stopped -- it never hits the computer but is captured in the virtualized layer -- and it may appear to the tester that it's actually been successful."

Moreover, the sandbox browser was never meant to run on a system without patches, firewalls, or anti-virus software. ForceField simply adds another layer of protection and has never claimed to be full-proof, contends Berson. Indeed, Grimes' test didn't show whether or not ForceField could improve security of a fully patched system.

Sky King, product leader at ForceField, admits that the underlying virtual red-green computing model requires trade-offs. "We are virtualizing the core browser, but there are some exceptions you have to make for usability," he says. Users will want to download Web browser plug-ins like Beatnik, QuickTime, RealPlayer and Shockwave, as well as cookies and other software files, that need to tap into the computer's file system to be used regularly.

Here's how the trade-off works: ForceField's decision engine looks at every downloading file to determine whether the user solicited it. If the engine decides that the user solicited the file, it will likely allow the file to pass through the virtualization layer. "But if something comes down from the browser that the user has not solicited, then it goes straight to virtualization to die," Berson says.

For user-solicited files, ForceField offers some protection. When a user clicks a link to download a file, ForceField analyzes the file and runs it against a database of millions of good and bad applications. "If we detect it to be a known bad application, we'll warn the user to prevent it from crossing the virtualization layer," King says.

Grimes agrees that ForceField provides good value in these cases. "In my test, I found that a fully patched system prevented all attacks but didn't alert you about the attacks," he says. "[Sandbox browsers] at least alert you a lot of the time, just not perfectly."