I really don’t know if Comodo Internet Security’s sandbox utilizes the hard disk drive (HDD) and/or RAM.
I think, but I might be wrong, the sandbox “operates” on an assigned portion of the HDD. This sandboxing system is pagefile-like.
A RAMDisk, or other means of using RAM instead of the HDD would, first and foremost, offer the ultimate combination of security and speed. If the sandbox is assigned to RAM, then once it is reset all data will vanish - irretrievably and permanently.
“The most common use of a RAM disk in consumer systems is it in conjunction with an internet browser. Browsers such as Firefox and Opera allow you define the drive that will be used for temporary internet files, the cache directory, and the browsing history. This not only significantly speeds up your browsing sessions, it can prevent malware from making it to your hard drive if set up accordingly. This is a great security benefit.”
Apply this principle to the entire sandbox and you got a real winner.
Thanks,
hjlbx
PS - Thanks for your CisTray.exe hotfix for CIS 7.
There is another issue actually.
The mentioned principle is indeed ‘good’. Once you think about it, the level of complexity raises due to solutions that could prevent possible data theft.
As for example, Open.Decrypt > Run application(s) in $Memory > Save.Encrypt. Perhaps each time the application closes you save it (from memory) directly in encrypted form (to disk). That’s a (naive) solution.
We’ve already addressed secure deletion (multi-pass randomized wipe of the data) as another wish request.
Anyway, just another step forward.
In the meantime, I will move your wish request to the “Added/Rejected Wishes” section.