ViraLock takes a different approach to securing a users' email system from the ravages of viruses and other malware. Rather than prevent a virus infection, the software is designed to work with existing anti-virus applications and firewall systems to prevent a users' mailbox from being compromised by an executable of any type.
The idea behind ViraLock is relatively simple - encrypt a user's email addresses to prevent any naughties. In use, the software sits between a user or company's email client software and the mail server, encrypting email addresses in address books and email folders on incoming mail, and decrypting them for outgoing mail.
Messages sent using a mail client with the software installed have a footer saying "ViraLock. Zero Escape for Email Viruses" a message that cannot be changed unless you're running the full version.
Although the idea behind ViraLock is simple, its execution is quite complex, since it has to dovetail itself tightly with users' existing email environment. The software is available for controlled download on a 30-day trial basis on SentryBay's web site. Users must register their details in order to start the download. They will also receive a serial number which enables use of the trial version of the package.
During the installation, users must not open their email software, because of the way in which ViraLock encrypts the email software database. However, we found that, after following the web site's instructions to the letter, we had to open our email software during the software's installation process to read the trial serial number into the package - giving a potential 'catch 22' situation.
We also found ViraLock's installation routine thought that a copy of Microsoft Instant Messaging software (specifically MSNMSGR.EXE) was really a copy of Outlook Express and repeatedly asked us to close this application down. Since MSNMSGR.EXE is designed to operate automatically in the background on the PC, this was only possible by manually shutting the agent down using a CTRL/ ALT/DEL key routine under Windows XP. Had we known, the solution would have been to uninstall the Instant Messaging software prior to the installation of ViraLock.
All this is, of course, a reflection on the complex set of procedures that ViraLock has to undergo during installation. Basically the software has to be idiot-proof in order to prevent anyone's email software from being disabled due to a problems during the installation.
The installation routines were also expert-proof in that we could not bypass the installation error messages caused by MSNMSGR.EXE. Once the 2.2Mb self- executing download has installed, a process that can take up to a half an hour because of the databases that have to be encoded using 128-bit encryption, the program is ready to run.
Users must select a three-character or greater password to secure ViraLock, and there is also an aide memoir entry to help the forgetful users among us to remember their password.
ViraLock uses the simple approach of routing all email transmissions, both inbound and outbound, via its basic local host facility, which effectively adds an extra layer of handling for inbound and outbound email. For users running, say, Outlook Express into an SMTP/POP-3 accessible email service from their ISP, this is a relatively trivial change in their procedures, though a potential source of slower transmission. But provided that ViraLock is loaded alongside the mail client, the software works well, and it results in only a minimum delay on the actual email transmissions.
Can ViraLock be beaten by malware? The answer, we think, is yes, and especially by a virus such as Klez that uses direct MAPI technology to control a copy of MS-Outlook or Outlook Express. In fact, if ViraLock becomes popular, we fully expect to see malware that manipulates, or takes advantage of loopholes in, ViraLock itself.
It is important to realize here that ViraLock is only one building block in the arsenal of an IT security wall that companies and individuals must use against malware of all types. The software is not designed to be a standalone security application on a user's desktop or notebook PC. The program's author, Dave Waterson, has gone on record as saying he fully expects users to have anti-virus and firewall software also installed and working on their machines.
We expect many company users will install this software on their notebook machines, mainly because of the need to access the internet on a dialup basis while out and about. The big question is how long it will take before other IT security companies start including ViraLock- facilities on their anti-virus software.
Other popular anti-virus/IT security packages on the market for standalone users already include third-party POP-3 routing as standard, so it can only be matter of time before email address encryption arrives on such applications. Until it does, however, ViraLock cheaply plugs a very real gap in the wall required to protect PCs against the rising threat of malware.