CIS V6 Help bug reports and errors.

Comodo Internet Security Version 6.0 Help
Please note: This is for reporting bugs or errors with the online Help, not for program errors or feedback.

Please give as much information as you can about the bug or error and also the location.
Post links to the location or insert quotes highlighting the issue.
Highlight spelling/grammer errors or broken links.
Note: Some unfilled sections still require editing, these are not errors.
Thanks for your time.

For General discussion about V6 Help, please use the following link.
Feedback/Discussion for CIS V6 Help

Advanced Tasks – An Introduction/Advanced Settings/Security Settings/Manage File Rating-Unrecognized Files

“If no information is available, it will be indicated. You can submit the file to Comodo for analysis”
In the screenshot we see a file that is “? Unknown” but not “! Unknown”
So file has already been submitted …
They should change with A NEW UNKNOWN FILE.

There are still some screenshots of V5 , not V6

Probable mistake in default access restriction level noted by a user here: here.

Sandbox Tasks – An Introduction

Comodo Internet Security features a fully functional Sandbox - a virtual operating environment for running unknown, untrusted and suspicious applications. Applications executed inside the sandbox will not affect other processes, programs or data on your real computer. If configured in behavior blocker settings, all files and programs not recognized by Comodo will be automatically run in the sandbox. In addition to running suspicious applications inside the sandbox on an ad-hoc basis, you can create a specific list of programs that should always run in the sandbox.
This is only possible via a registry hack currently.

Sandbox Tasks – An Introduction

Applications in the sandbox are executed under a carefully selected set of privileges and write to a virtual file system and registry instead of the real system. This delivers the smoothest user experience possible by allowing unknown applications to run and operate as they normally would while denying them the potential to cause lasting damage.
This is the right way to define the sandbox I think but....
If the hash is not on the latest black-list or white-list then it remains as 'unrecognized'. CIS simultaneously takes two distinct but complementary actions -
    (1) It will run the unrecognized file in the local Sandbox so that it cannot access important operating system files or damage your computer, and

   2) It will leverage Comodo's Cloud Scanning technology to determine whether the file behaves in a malicious fashion.</blockquote>

This text has not been updated to reflect the idea that sandboxing=virtualisation. By default the unrec file will be BB’d not sandboxed. There are many other places on this page which also need updating. Probably this page needs relocating, maybe under file rating, and the default position (BBing) and option, via a registry hack of sandboxing explained.


There is one image, there should be two, one for sandboxing, one for BB’ing. Or maybe this is a program bug and there is only one notification.

Automatically sandboxed applications are run with 'Partially Limited' restrictions. More detail: Sandboxed applications are allowed to run under a specific set of conditions or privileges. In CIS, these are known as 'Restriction Levels'. There are four levels - Partially Limited, Limited, Restricted and Untrusted ('Partially Limited' is the default level for applications that are automatically placed in the sandbox). In part, sandbox restriction levels are implemented by enforcing or relaxing the native access rights that Windows can grant to an application. For example, the 'Limited' setting applies some of the supported operating system restrictions and grants it access rights similar to if the application was run under a non-admin user account. These restriction levels are fortified with certain Defense + restrictions that apply to all sandboxed applications (for example, they cannot key log or screen grab, set windows hooks, access protected COM interfaces or access non-sandboxed applications in memory. If the user enables virtualization, then sandboxed apps. can't modify registry keys or modify existing protected files either).
1. Now there is a virtualised level 2. Why is the example 'limited' when the default is 'partially limited'? 3. Sandboxed word is used to mean BB'd and/or sandboxed 4. Cannot log or screen grab, cannot access COM interfaces. This is no longer true. Actually now complex rules apply. 5. Can't modify registry keys or modify existing protected files. This is true for BB as well as virtulaisation. Exactly what happens in each case needs explaining.
Automatically sandboxed applications cannot be viewed or modified in the interface. Applications that were automatically sandboxed can only be removed if they become recognized as 'safe' by CIS (see conditions above).
Sorry don't understand what this means. Also is it true?
Sandbox - Other notes
Applications can be placed in the sandbox automatically by CIS or by adding the files to Sandbox. Users also have the option to run an application in the sandbox on a 'one-off' basis.
In addition to the Sandbox restriction level set for an application, Defense + also implements the following restrictions. A sandboxed application cannot:

    Access non-sandboxed applications in memory

    Access protected COM interfaces

    Key log or screen capture

    Set windows hooks

    Modify protected registry keys (if virtualization is enabled)

    Modify EXISTING protected file (if virtualization is enabled).</blockquote>

Essentially same misunderstandings indicated above.

The Virtual Kiosk is a sandboxed operating system inside of which you can run programs and browse the Internet without fear that those activities will damage your real computer. Applications running in the kiosk also leave no cookies or history behind on your real system, making it an extremely secure environment for Internet banking and online shopping

Sorry to have to say this but IMHO the VK really is not yet suitable for this purpose without special setup and user discipline. Please see the discussions regarding the possibility of malware infection and information leakage over the internet. Please also note there is no secure password manager, no default browser over-ride, no good way of disabling IE.

IMHO leaving cookies, history etc behind etc is not generally a problem with banking for most users, unless you are carrying out financial operations you are trying to hide I suppose. The main problems are phishing and password theft etc. How does the Kiosk help there? Secure DNS is a start, but IE is there as well and may or may not be set to use it. The keyboard is positive of course, but I’m not sure it adds up to enough to justify the claim.

It’s probably most suitable for trying out risky software and risky sites. Maybe that should be given as the example instead?

Quite a lot of this page is incorrect unless the behavior of the Kiosk is set to change in the next version. To run apps virtualised in the Kiosk you must not run them from the shared space. Apps run from the shared space run non-virtualised.

There are a number of ways to run things virtualised in the Kiosk. Please see my introduction to the 6.0 sandbox for details.

(All comments and corrections on that welcome too :slight_smile: )

I’m not sure but I think the notion that you can double click on data files in the shared space to run them virtualised is incorrect too. Not sure file associations are working. But maybe you know this has been fixed.

People are going to want to change their KIosk start menu. If there is a way to do this please include it here.

It would be good if this section could warn people that all processes are terminated when you exit the KIosk, and all data which is unsaved will be lost.

If you want to run the same application inside sandbox often then select the checkbox 'Create a virtual desktop shortcut' and click 'Choose and Run' to navigate to the program.
This should probably say 'If you want to run this application in future sandboxed, but from the KIosk'
Browse to the application and click 'Open'. In the example above, Open Office Writer is chosen.

Alternatively, you can run an application inside the sandbox by the following shortcut methods:

By dragging-and-dropping the application on to CIS Home screen

From the context sensitive menu

Running browsers inside sandbox</blockquote>

Also by starting it in the Kiosk, though not a shortcut method, probably worth mentioning else people get the idea Kiosk and sandbox are separate things.

http://help.comodo.com/topic-72-1-451-4740-Configure-the-Sandbox.html

Because the sandbox is effectively an 'operating system within an operating system'
This is not really true, though I understand why you say it. A VMware VM is an OS within an OS, CIS is more like a) Sandboxie who use the analogy of a layer of tracing paper over the OS, plus b) a limited functionality desktop launchpad - mainly shortcuts.

http://help.comodo.com/topic-72-1-451-4740-Configure-the-Sandbox.html

Shared Space Settings - By default, sandboxed applications are not allowed to access folders and files on your 'real' system. However, you can define exceptions to this rule in the 'Shared Space' area.
This is not true I think, unless the functionality has changed. Virtualsed apps can access data outside the sandbox, but they cannot modify or delete the original files, instead if they try, a modified copy of the file is created inside the sandbox, or (in the case of deletions) the sandbox stops showing the file, I guess.

The shared area has two main purposes:

  1. Exempting applications stored in it from sandboxing
  2. Exempting data files stored in it from sandboxing.

By default one share areas exists, but you can create more on this page.

The items accumulated on a long term usage will clog the sandbox and reduce its efficiency.
I doubt this is the main reason for doing this, though obviously the user's disk could get full.

Depending on the reason people are using the sandbox, they will probably want to reset it to delete a) malware b) private data. As the sandbox is currently designed people will probably normally want to reset on exit for secuirity reasons. (When multiple sandboxes are introduced this may be less true)

This section probably needs to point out all settings made while apps are sandboxed, and all aps installed sandboxed will be deleted as well as all data stored or changed while running sandboxed.

Also probably that the files deleted are not over-written, so anyone wit an undelete tool can access them.