How can DiskShield be integrated into CFP v3 to offer what functionality?

I’m not so sure about these on-line installers. Sure they can save some time by not downloading things you’re not intending to install anyway, but from my personal experience I have to say that these on-line installers often DO NOT work as they are supposed to. I recall that many of these online installers refuse to work on my computer claiming that there is SOME error and installer needs to exit, BUT off-line installer of the same software (exactly the same version) worked flawlessly. So if Comodo chose to provide on-line installer for their products, they definitely should provide off-line installer as well.

Would it be possible/feasible to use a form of CDS combined with Threatcast and OTHER to create a sort of virtualized installation specific sandbox?

My thinking is that sometimes people download an app and install it, only to find out after the fact that it’s bad.

If the installation could be done in a virtual environment and the installation process analyzed, the user could then be presented with the option to commit the changes if they are found to be OK or warned about what the app was trying to do.

This, IMHO, would help keep users safe and also help build Threatcast and build TBA technologies.

What think?
Ewen :slight_smile:

You mean an application virtualisation on the lines of Altiris SVS? Except that with Altiris the installation can’t be un-virtualised.

Sort of.

Altiris is designed for the ongoing usage of an app. My intention was to virtualize only the installation process so the app and its install methods could be analyzed and verified (using several TBA methods).

If there was malware found or suspicious activity occurring during the virtualized install, the user could be advised and the results can be added to Comodo’s DB of bad guys. If, OTH, the install was OK, the user would be presented with that info and offered the option of making the install permanent, where it would somehow be de-virtualized and committed to the physical disks.

Thereafter it could be virtualized using Altiris or similar or just run as a normal app.

My intent was to ensure that software installs aren’t introducing garbage that we would just have to clean out later.

Ewen :slight_smile:

I like this idea… it’s a great usage scenario for CDS…
Melih

I second that! It’s an interesting concept to place applications into a virtual quarantine for a period, until they’re verified safe. :BNC

I like the idea of a virtual quarantine as well. :slight_smile: But it would need to display a list of all registry keys and files created/modified in the virtual environment so the user can see what it is doing completely. Also, all files it creates after the installation would be quarantined as well.

Let’s give the example MS Word. :smiley: This would be in the virtual Program Files, or Program Files (x86) for the 64 bit people, and then when you create a Word document it would go into the virtual Documents folder. All registry and file modifications would be tracked, so, for example, MS Office SP1 can be installed into that same virtual quarantine as Word. All the changes would be logged for review of the user. Then when it’s time to take it out of quarantine, CFP would just transfer all the files to the real locations and export the registry into the real registry. It should be too hard to un-quarantine something.

This is a really great idea. :slight_smile: It saves installing a program twice. :smiley:

The only potential problem I can foresee would be that programs installed virtually would suffer no conflicts/incompatibilities with other stuff on the ‘real system’, however once it’s just exported to that system there could be issues with dlls and the like. One of the main strengths of Altiris is the ability to run entirely incompatible software due to the isolation. Certainly with any security or system-based software operating at a deeper level there’d need to be some form of rollback included in the case of BSODs for example.

Andyman, you have a good point there that I didn’t think of. Maybe the best scenario would be to install Windows, then install CFP with the virtualization, and just have most things kept in the virtual environment. Allow things like patches and other updates to be installed in the application’s own virtual environment and somehow allow apps to talk to each other across virtual environments as well. The difference to SVS would be that the Applications cannot be moved to a different PC, thus avoiding any possible conflict with the App’s EULA. This would also ensure that conflicts didn’t happen and would actually make the system run better than a system without this.

To uninstall an app, just delete the virtual environment it’s in. Though, an export option would be needed like with my Word example to export all Word Documents created so they don’t get deleted with the virtual environment. This would be the “uninstaller” that was requested by someone in the “What should Comodo develop next” thread. Also, it should be made possible to transfer files from one virtual environment to another, not just to the real file system. Running the whole system in virtual environments is kinda where Vista headed with UAC and the separate memory allocations, but it’s not there yet. It still has a ways to go before the whole system is virtual.

Also, making some already installed apps, like Internet Explorer, transfer to a virtual environment should be made possible as well. All this would be close to the functionality of SVS, but with Comodo’s touch. :slight_smile: This would be awesome to have in CFP, then CFP could monitor each virtual environment easily and use its HIPS to figure out what is going on. :slight_smile:

Melih, you should play around with Altiris SVS if you haven’t done so already, that is largely what I am basing this post on – those type features, but without the ability to move to another PC, I don’t need that. It should be made easier to install apps into the environment as well, SVS was kinda hard to use the first time I played with it.

Cheers.

One thing to note is that… everything gets quarantined during that period, not just that specific app.

Melih