Next-Generation Security Software

Hi.

Currently, Comodo develops firewall and antivirus. But these are old-generation security products. Why not bring next-generation security to desktop PCs? The mobile platform is already using this model.

What’s Next-Generation Security?

The next-generation security software fully compartmentalizes all apps in separate containers. The system behaves like this:

  • Each app, when run, sees nothing but its own files and a totally empty file system, which is its own container. So, if a virus (or other malware kind) runs on the system, it runs in its own container and the only thing it can infect or spy upon is an empty container. Not only that, but also apps run without interfering with each other.
  • User data are stored outside containers and apps don’t see them unless the user mounts them to the container. An app can read but not directly modify mounted folders; instead, any change the app makes is stored on a copy within the container. When the app stops, the user can decide whether to commit the change.

How does it work?

  1. The user installs Windows.
  2. The user installs the next-generation security software. The operating system is inventoried.
  3. The user runs an EXE or MSI that is not part of the OS. Instead of the app or installer running, the next-generation security software’s installer launches. It asks for a name for the container (maybe suggests one based on the file metadata) and asks the user to confirm which files are to be moved inside the container, and which file is to be run as the starting point. Then, those files go into the container and run there. If it is a portable app, it starts right there. If it is an installer, it installs there, like installing in an empty system.
  4. After everything that was launched in the container ends, the next-gen installer confirms that starting point (which is an executable file that got installed) and creates a shortcut for the app in the Start menu.

Competitors

Actually, there are already competitors in the market that do this, but none of them are good. So, Comodo’s chance of winning the competition is great. For example:

  • Windows 10 does it but only for Windows Store apps. (I’m sorry; I’m used to saying “Windows Store”. I know it is called “Microsoft Store” now.) There is no way to get an app from outside Windows Store and run it inside a container.
  • Docker does it. But that’s for Linux only. (Its Windows version is utterly ridiculous.)
  • Turbo does it. But its offerings are split between two conflicting products (Turbo.net client and Turbo Studio) and there are a lot of bugs and command-line stuff one has to know. It is too busy with selling PaaS offerings to think about security and user convenience.
  • Comodo Internet Security itself already has a sandboxing solution, but it is one sandbox per system.

I guess that would be the limitation of Windows itself; also, the HDD would get filled reasonably quickly.

Some programs don’t react too well to empty spaces [That’s why a VM/real system is filled with doc and jpeg files as far as viruses are concerned]. Same goes for virtualization restrictions.

Having each container take the necessary Windows system files to run things, each container would grow over time. Temp and log files come to mind.

Otherwise, an exceptionally good idea [Qubes or something Linux-like comes to mind].

Your objections are certainly not without merit. This is a bold idea and certainly takes a lot of modification and trial-and-tribulation to succeed. But as the saying goes, “fortune favors the bold”. (Audentes fortuna iuvat.) People who stick to the safe and tried ways are never celebrated. Seeing what Docker, Turbo.net, Microsoft Store and VMware are doing, it is certainly possible. Just imagine how much Comodo’s business grows if it succeeds: It dominates the market that currently belongs to 47 different eminent antivirus vendors. And as for end-users? Their lives suddenly become much better.

Your most important objection is the HDD getting full. Turbo.net has already solved this problem by layering: Containerized apps are granted access to OS files on a copy-on-write basis. Most apps don’t modify Windows files anyway. (They don’t have the necessary NTFS permissions anyway.) They add files to the Windows folder though, which is not a barrier. But if they do, they don’t end up ruining Windows. I even like the idea of using a pre-boot setup program that fully containerizes the OS itself. Already, it is possible to run Windows from a VHD or WIM, and existing Microsoft software can do the containerization task. So, this next-gen security layer can do the same. Software signed with certain digital certificates (e.g. Windows component certificate or WHQL certificate) runs inside the OS container, so .NET Framework and Microsoft Visual C++ run-times always update the base image and are not installed in each container once.

Logs and temp files cannot make more trouble than they are already making. In fact, when apps run inside a container, you see a lot less files in each container, so logs and temp files are much easier to find. Even better: Make containers two-stage. Stage one is the base container; stage two is a differencing image. (Like differencing VHD.) When the app misbehaves, reset the second stage. It’s like reinstalling but much faster.
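As an added illustration of the model described in the first post (an app sees only its own container, user folders are mounted read-only with changes kept on a copy until the user commits them) and of the layering and two-stage containers discussed in the reply above, here is a small Python model written for this thread. It is not Comodo’s, Turbo.net’s or anyone’s shipping code: a real implementation would sit in a file-system filter driver or a differencing VHD, while this only models which layer answers a read, where a write lands, and what commit, discard and reset do. All paths, file contents and container names are constructed sample data.

```python
# Added example: toy model of per-app container layers (not a real product).
# OS_BASE and USER_DOCS are constructed sample data, not a real inventory.
from dataclasses import dataclass, field
from typing import Dict, Optional

OS_BASE: Dict[str, bytes] = {                       # shared, read-only OS inventory
    "C:/Windows/System32/kernel32.dll": b"kernel32",
    "C:/Windows/System32/msvcrt.dll": b"msvcrt",
}
USER_DOCS: Dict[str, bytes] = {"C:/Users/me/Documents/report.docx": b"draft v1"}


@dataclass
class AppContainer:
    """Stage one = app install layer, stage two = differencing layer.
    Reads fall through: stage two -> user mounts -> stage one -> OS base."""
    name: str
    os_base: Dict[str, bytes]
    stage1: Dict[str, bytes] = field(default_factory=dict)
    stage2: Dict[str, Optional[bytes]] = field(default_factory=dict)   # None = deleted
    mounts: Dict[str, Dict[str, bytes]] = field(default_factory=dict)  # prefix -> store

    def install(self, files: Dict[str, bytes]) -> None:
        """Installer output lands in stage one, never in the OS base."""
        self.stage1.update(files)

    def mount(self, prefix: str, store: Dict[str, bytes]) -> None:
        """Expose a user folder read-only; writes under it are copy-on-write."""
        self.mounts[prefix] = store

    def _mount_for(self, path: str) -> Optional[Dict[str, bytes]]:
        for prefix, store in self.mounts.items():
            if path.startswith(prefix):
                return store
        return None

    def read(self, path: str) -> bytes:
        if path in self.stage2:
            if self.stage2[path] is None:
                raise FileNotFoundError(path)        # whiteout hides lower layers
            return self.stage2[path]
        store = self._mount_for(path)
        if store is not None and path in store:
            return store[path]
        for layer in (self.stage1, self.os_base):
            if path in layer:
                return layer[path]
        raise FileNotFoundError(path)

    def write(self, path: str, data: bytes) -> None:
        """Every write goes to stage two; lower layers are never touched."""
        self.stage2[path] = data

    def delete(self, path: str) -> None:
        self.read(path)              # must be visible before it can be hidden
        self.stage2[path] = None     # record a whiteout instead of deleting below

    def stop(self, commit: bool) -> Dict[str, Optional[bytes]]:
        """App exited: pending changes under mounted folders are written back
        or dropped; changes to the container's own files stay in stage two."""
        pending = {p: d for p, d in self.stage2.items() if self._mount_for(p) is not None}
        for path, data in pending.items():
            del self.stage2[path]
            if commit:
                store = self._mount_for(path)
                if data is None:
                    store.pop(path, None)
                else:
                    store[path] = data
        return pending

    def reset(self) -> None:
        """Misbehaving app: wipe the differencing stage, keep the installed app."""
        self.stage2.clear()


def demo() -> dict:
    os_base, docs = dict(OS_BASE), dict(USER_DOCS)
    report = "C:/Users/me/Documents/report.docx"
    editor = AppContainer("editor", os_base)
    editor.install({"C:/Program Files/Editor/editor.exe": b"MZ"})
    editor.mount("C:/Users/me/Documents/", docs)
    editor.write(report, b"draft v2")                        # lands in stage two
    editor.write("C:/Windows/System32/msvcrt.dll", b"patched")
    editor.write("C:/Program Files/Editor/editor.log", b"started")
    seen_inside, seen_outside = editor.read(report), docs[report]
    editor.stop(commit=True)                                # user approves the edit
    other = AppContainer("other", os_base)                  # any other app: bare OS only
    try:
        other.read(report)
        leaked = True
    except FileNotFoundError:
        leaked = False
    editor.reset()                                          # two-stage reset
    try:
        editor.read("C:/Program Files/Editor/editor.log")
        log_survives = True
    except FileNotFoundError:
        log_survives = False
    return {"seen_inside": seen_inside, "seen_outside": seen_outside,
            "committed": docs[report], "leaked": leaked, "log_survives": log_survives,
            "os_base_intact": os_base["C:/Windows/System32/msvcrt.dll"],
            "app_survives": editor.read("C:/Program Files/Editor/editor.exe")}
```

Running `demo()` shows the four properties the thread argues about: the app sees its own edit while the user’s folder still holds the original until commit, a write aimed at a system DLL never reaches the shared OS base, a second container cannot see the mounted document at all, and a reset wipes the log from stage two while leaving the stage-one install in place.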

It sounds interesting, but …

… well, I have to say I am by no means an expert, but these are my thoughts on this:

A lot of apps won’t do what they are supposed to do in an empty container. Nowadays, apps are not isolated programs like most programs in earlier (DOS) times; they have to interact with other data/programs. In this case you would have to mirror the required data. This will lead to a complete chaos after a certain time in my opinion. In many cases you want the app to manipulate other files. So, you have to give permissions. I think you will very quickly lose track of these permissions … or you don’t know whether the app really needs this or that permission or not. An informed and interested user may keep track of that all, but the usual user won’t spend that much time to think about all these permissions. Eventually you just click on “OK” because you want this app now!
You can observe this with Android apps.

… but, most probably I just didn’t get your point and am talking nonsense.

In general the approach is interesting … and I agree: “fortune favors the bold”

You are not wrong. Well, perhaps not totally up to date on what’s happening in the containerization front, but you did mention some good points. What you mentioned were the fears of developers in 2006, when they wanted to implement this model for the first time. Microsoft, which is also out of touch with the containerization world, and is one of the last to join this party, has established the following restrictions on traditional apps that are to be converted to UWP apps: Prepare to package a desktop application (MSIX) - MSIX | Microsoft Learn

You can see that some of these restrictions are quite problematic. But also, Comodo Sandbox is already so flexible it can accommodate many of them.

12 years have passed since then. Containerization has come a long way. Docker can nowadays run Visual Studio too, even though it is not created with Windows in mind! (Although, it is an arduous task.) For cross-app communications, it turns out, you don’t need permissions at all; you’d need what is nowadays known as export points. Microsoft calls it “Contracts”. These are the points used for apps to communicate with one another.

Also, I am not saying “start with a fully compartmentalized OS!” Surely, this next-gen security software can start as a multi-container derivation of Comodo Sandbox. We start by compartmentalizing application software, like Microsoft Office, Adobe Acrobat, the whole Adobe Creative Cloud, Steam, and video games. I mean, video games usually don’t interoperate with any other app, so why not? When developers have gotten their hands dirty, they can ■■■■■ down on tougher problems, like “how to containerize Daemon Tools?” Until then, Daemon Tools can run outside the container.

;D Yes, I am actually not totally up to date … to be honest, I have no idea of what I’m talking about. I have no experience in programming, no real knowledge of the mechanisms behind operating systems and security solutions and so on. But nevertheless I had the urge to share my (spontaneous) thoughts on this topic.

But what you write sounds very encouraging and interesting. In fact, I have to admit, the Comodo Sandbox is working very well - and yes, why not take this as the starting point for further refinement (i.e. multi-container compartmentalizing). It sounds promising!
Comodo is a pioneer in preventing infections with sophisticated mechanisms instead of just chasing the viruses etc. … always one step behind. These are interesting times for programmers, I guess.

Well, that makes you a subject enthusiast! :slight_smile:

Well, to put it briefly, evidence tells me doing such a thing is possible. Comodo can implement it step by step.