Thank you for reply Melih,
Sure you should not reveal secrets. Mentioning technical details was not about that
But there is an existing technology you build upon. That is a MS Patch Guard and nothing we can do about it (currently) that brings problems for x64.
For 32bit you can do differently and it is proven to be quite solid despite not 100% (as usual) but close. Nothing like that is in x64 regarding SandBoxing and its reliability
But fine, you know what you are doing.
At the same time, you are talking about integration. From what we know now that is not what you wrote : “an option to use just the firewall on its own"
If that is the option similar to “No AV” during installation... but...
I don't want SandBox's slider and options inside. I don't want Firewall upgrades /reinstallations when something is changed for many reasons to come when SandBox's functionality being fixed / patched / improved ... etc.
Running unknown applications sandboxed by default? Good. Relying on Trusted vendors list / added trusted applications? signed application ...etc. Fine again.
But may I ask why for example we cannot have a component that is the “Apps List handler”?
Its function(s) is just managing such list and serve any other existing or newly developed components
That could be very helpful even by its own.
check any files whether they are signed or not (as with other Tools available);
see what vendors Comodo is supplying as Trusted;
Edit that list
many other things can be done irrespectively to the use of other parts of a Suite
As a component it has its Private Properties and Methods and there are the Public ones.
Then AV / Firewall /Sandbox (standalone) or anything else, as a matter of fact, that you may develop in the future can request information and exchange information using their methods and properties with that “Global List Object”.
The list of trusted is not an entity belonging to Firewall / AV or Sandbox per se. Any of the latter components just asking: “GiveItToMe” and the “DisplayIt” method will show it.
User have changed / set something in different Components regarding the Applications : “JustSendThat” - changes are done in the global list by the global list's methods.
Sure, that is a simplified example, but I hope you understand what I mean.
In this case I can indeed switch off anything I want completely and there is no difference in functionality of those components I am currently using, because there is no communication channels.
Needless to say, if you build everything around and based on such conceptual thing as applications known/trusted and unknown, and so on... I cannot and should not “switch off” that(!) module or object .
The integration this way is achieved, from outside, so to speak, but not by artificially integrating from “inside” as far as I can see it currently.
I honestly cannot see how such approach and running satandalone Sandbox can stand on the way of auto-sandboxing of unknown application as you pointed in #3
I wholeheartedly agree that everytime you introduce something new, you are running the danger of having issues. But we can't stop progress. We have to continue to innovate. I hope you can understand our situation.
I do understand the situation. You will continue to innovate. The progress is unstoppable indeed
...but my point was - different and more modular (object oriented) approach will dramatically decrease “dangers and issues” That is proven fact.
Well, if I am mistaken I will be just glad to know that and I'll stand corrected, if not there is no drama – I definitely cannot not make you change your mind, but I know another firewall and another SandBox (if I need) that are working as standalones
... despite I want to use Comodo Firewall with many improvements from the existing Wish List... but that probably will never happen unfortunately because developers are too involved and don't have time for that.
Thanks again for your time