Thanks a lot for your information, that already clarifies a lot about how Containment can be used.
Regarding registering Keystrokes, I assume that a contained application which is using standard API calls to read the keyboard will still work and that low-level Keyloggers are blocked from reading the Keyboard directly,
Regarding the Clipboard usage, I guess that multiple applications can be run in Containment at the same time (correct me if I’m wrong) and the clipboard (copy) function will work between the contained applications but the Clipboard (copy) function will not work between any Contained application and the host system, am I correct?
About the Restriction Levels, I understand that depending on the Level this can have an impact on how an installer or application behaves inside containment and that their functionality can be affected.
As for Services and Drivers, good to know that these can be installed in containment and be run in containment and that even after a reboot these contained services/drivers still continue to work, that’s really a great feature!
Reset The Container, that function is similar to other Sandbox products so that I’m familiar with.
I already found out that containment stores the virtual file system in "C:\VTRoot". The naming of the sub-directories (if you have multiple partitions on the HD) is something to get used to. The sub-directories are named “HarddiskVolumex” (x being the volume number starting from 0 for drive C:) instead of just using the drive letter assigned by the OS as a name for a sub-directory.
When an application is running in containment and that application makes changes to the virtual Registry (create/modify/delete keys) where are these modifications then stored?
Are those virtual Registry changes kept in RAM or also stored in a file in "C:\VTRoot"? (I didn’t checked that yet).
About the Shared Space (or non-virtualized directories) danger, when an application which is running in containment creates a child executable in the Shared Space (or in any other non-virtualized directory) and starts/runs that child executable from that location then that child executable is potentially able to access the host. If this is correct then this is something to pay attention to.
About Virtual Desktop and Secure Shopping, I have read the manual but to me all these features, compared to Containment, look more or less the same with respect to how they protect your data and the host system. For my better understanding I have a some questions.
- Do these features add extra protection layers to Containment or are these features based on another principle (apart from Containment)?
- If they are based on Containment and add extra protection to it what are these protections?
For example, what would be the difference between running a browser in containment and on the Virtual Desktop and in Secure Shopping?
An additional question, suppose one is using an email client and that email client normally stores all its received and sent emails in a local file on the HD. That file is text based and a malicious application could read its content. Could one of the Comodo features be used to protect or prevent this file from being read by malicious applications whether or not the email client is running? (And without losing the file content when the content is changed by the email client of course).
Thanks a lot.