COMODO Internet Security 5.3.174622.1216 Released!

it depends take a look to this:
https://forums.comodo.com/news-anno...-discussion-t67211.0.html;msg479335#msg479335

https://forums.comodo.com/news-anno...-discussion-t67211.0.html;msg484105#msg484105

 

There's no virtualization in the auto-"sandbox". It works like the Run Safer feature of Online Armor. Only the manual sandbox ("Always Sandbox" items or context menu) utilizes virtualization.

 

k thanks.

 

Oh sorry then

I just read the description of the help files HAHAHAHA

 

Where do you see this info?

There is only one setting for Sandbox Virtualization. It doesn't talk about auto or manual sandboxes.

From the D+ settings - Sandbox Settings:

Enable file system virtualization - The sandboxed applications are not permitted to modify the files in your 'real' file system. Enabling file system virtualization instructs the Sandbox to create a virtual file system in your system. The sandboxed applications write any data only into the created virtual file system, instead of affecting and potentially causing damage to your real file system. If you disable this option, the sandboxed applications may not function correctly because they are not able to create the entries that they need too.

There is only one checkbox there. Either it's on or not. It doesn't say anything about auto or manual sandboxes or differences.

 

I think he meant that when Comodo Sandboxes a process it actually only cuts rights or blocks the file rights. But when you add a program to the "Always Sandbox" feature it actually sandboxes the process in a virtual environment.

This is NOT my opinion, i'm just trying to explain what he meant to say.

 

But that's the point I'm making. As per their help system, everything running in the sandbox is running in a virtual system. That's what their help says that I quoted above as in "The sandboxed applications are not permitted to modify the files in your 'real' file system."

Hmmmm...

 

well the help file is correct about the ondemand sandbox, but it does simply work as a right limited environment for the auto one.

 

Can you show me where it says that? It doesn't say anything about on demand in what I quoted. Guess I'm looking for some proof and why would they do that?

 

probly just not specific enough, idk why they didnt say that specificly, but its not like everyone at this forum is just pullin it out of their ~ Snipped as per TOS ~, it has been proven by plenty and pretty sure it was said on comodo forum as well, but i rarely visit there so i dont have a thread or post for it. perhaps someone else can "prove" it to u

 

I would like to know too, just out of curiosity

 

Well, you can roll your eyes all you like, but you are making statements with no proof, so if you have proof, great, otherwise, how are we supposed to believe what you say?

You can't just say things and expect people to take it for the truth. Show me the money...

 

I also read it somewhere on the Comodo forum.

The on demand sandbox is like a real sandbox with virtualisation but the auto sandbox is like the application control of KIS, it restricts access rights. This is why the Cmodo auto sandbox allows dropped files on the system in some cases.

Thanks

 

Well, I'm not saying I don't believe you, but I have yet to see proof of this. Please, if there is some documentation or something somewhere, I would like to see it, because it doesn't make sense. Why have two different sandbox styles?

 

Hmm.....virtualisation is not activated in the auto sandbox for compatibility reasons. As you know Comodo sandboxes every unknown files, so if virutalisation is used this might cause problems to the average users.

Found it.

https://forums.comodo.com/defense-s...onstruction-t61169.0.html;msg430226#msg430226

 

Thanks for the proof finally. I'm reading it over right now, but still not sure why they make it different quite frankly.

 

Because CIS's central feature and strength is it's HIPS and though they keep trying to augment this with various kinds & combinations of additional techniques & features in the quest for "usability", they are still struggling to match the intelligence, balance and poise of their most accomplished competitors.

 

So who is more accomplished and does AV, HIPS, Firewall and Sandbox better, in a free product?

 

I want to take a guess......but the answer is obvious..

 

Well spoken, Vladimyr.

 

Could you tell me where is the intelligence in the competitors if none of them is using the a sandbox and HIPS how Comodo is doing it?

Comodo is an HIPS, sandbox, local av, cloud av, cloud BB, firewall, and soon also a local BB and, a cloud "virus total", while many of the competitors just have an AV with a BB and maybe a cloud.

I would like to see the others "accomplished competitors" would use their intelligence to provide the same level of protection that Comodo is providing. For now only avast will try to do it with Avast 6, we will see the result.

I would say that their competitors are simple (many of them), they can have better/worse AV's or other technologies and therefore better/worse detection (not protection) but this has nothing to do with the intelligence, it's about how simple is the development is each product


BB= behaviour blocker.

 

cause for many it is simply overkill and unecessary, people dont want to have to deal with all that, particularly the HIPS part. *

 

"overkill and unecessary" you mean independent and not overlap layers of protection?
*
Now is the HIPS? don't you know that the HIPS does not produce popups anymore?

 

is elaboration really necessary? its quite obvious that im saying having all those modules is overkill, and many of it really is not necessary, particularly a classical HIPS.