Sandbox designed by kindergartners

Kimodo · July 1, 2010, 9:36pm

The implementation and roll-out of the SANDBOX feature in CIS is probably fantastic for machines with a fresh install – the kind of machines that coders and computer scientists use that have only two or three apps on top of the operating system, and virtually no accumulated data files. However, for an existing system which has an abundance of previously installed applications, and a superabundance of accumulated user files, it sucks!

The Sandbox has grabbed my machine by the you-know-what, and is squeezing it hard. It is interfering with things that constitute routine tasks for me, such as printing the screen to a .pdf-creating printer driver, and then really printing to a real printer Users should be introduced to the Sandbox with some explanation that printer drivers may become dysfunctional, and some examples of the kinds of problems that commonly exhibit themselves when sandboxed apps cannot communicate with non-sandboxed applications.

Tasks which have never given me any problems are suddenly failing to perform, and without any error message or anything to alert me to the failure. Programs which automatically are put into the Sandbox and are supposedly being checked by Comodo for safeness, just sit there in the line to be checked. And this is happening with programs on my machine which have been on the market for years. Clearly, Comodo’s whitlelist was developed by a kindergartner, and the company is using its customers as guinea pigs to build its whitelist for it. If they are actually checking applications to determine their “safeness,” I see no evidence of it.

There should be a knowledge base with KNOWN ISSUES on display. When CIS and Sandbox are installed onto a machine with applications in place, users should be shown a list of applications on their machine with explanatory details such as KNOWN SAFE, UNKNOWN, KNOWN HAZARD, etc., so that users can get some sense of how harshly their computer experience is going to be handled by COMODO’S SANDBOX, and some advisories about how to best manage the transition to having the Sandbox squeeze less harshly.
I could keep on with suggestions, but if this rollout had not been handled by persons who are clearly indifferent to existing customers with mature, fully built-out systems, it would be unnecessary for me to be forced to waste my time holding their hands.

Their management is clearly not up to the task of handling a rollout as complicated as what the Sandbox is.

The same is also true of the Comodo AntiVirus. Simple things – like self-extracting zip files which I have created and stored – are all, each and every one, being identified as potential problems when a scan is done by the Anti-virus checker. Absurd to identify a self-extracting zip file as a virus, without letting the user specify that such a class of files should be skipped and presumed to be desirable, at least when they are located in certain folders. Major things, like invisible system restore points, are being identified as infected with no clue as the crucial significance of those files being cleaned" or “quarantined.”

A user who is doing an upgrade of Comodo needs to be warned that CIS is going to take control of their machine and possible refuse to let it perform productively in ways that have become routine for the user, and safely so.

languy99 · July 1, 2010, 9:53pm

I’m sorry you are having problems but I think you don’t have enough experience with comodo.

First off, go to defense + → trusted vendors list, are they listed there. For some reason it has been disappearing, if it is gone, to to misc at the top → run diagnostics, reboot. That should get the list back.

And there are exclusions for the AV, go to antivirus a the top, scanner settings, exclusions tab. You can exclude what you want there.

Chiron494 · July 2, 2010, 12:46am

I’ve described how to go through your computer and make sure all safe files will not produce popups, or be sandboxed, at the bottom of this guide:
https://forums.comodo.com/install-setup-configuration-help-cis/how-to-install-and-configure-comodo-firewall-v41-for-maximum-protection-t57944.0.html

Hopefully this helps.

I like this idea.
Maybe CIS could scan the computer and list all unknown executables and therefore give the user a chance to define some of them as safe before they ever have a chance to be sandboxed.

Just be sure to check out the programs that you’re not sure about before you give them full access to your computer. Here’s my guide on How To Tell If A File Is Malicious.

Please let me know if you have any other good ideas. Please post them here:

languy99 · July 2, 2010, 12:47am

not needed chiron, trust me something is in the works so that no more safe files are sandboxed anymore.

Chiron494 · July 2, 2010, 12:52am

Just as a clarifier. By safe files do you mean the files verified safe by Comodo or the files that are still unknown to Comodo but are safe?

I ask because if it’s the second then I won’t post the wish that I was working on.

pszwarc · July 5, 2010, 9:56am

I have been working with computers for a very long time, and with personal computer users for quite some time. I think Comodo should add one person to their design board: a very average computer user who doesn’t know anything about how a computer, a network, or a firewall, works, but who uses a computer for day-to-day work – and play.

In its current state, CIS is not appropriate for non technical-savvy users nor for people who’re not technical-minded. A “naive” user could tell you where and why CIS’s GUI is wrong and allow you to correct it before you inflict it on the rest on the world.

This is in no way a reflection on the actual quality of CIS, just on its acceptance by “normal” users.

Tech · July 5, 2010, 11:25am

I think like pszwarc…
User-friendly attitudes are needed for non savvy users. Maybe scenarios, first on-demand scanning and programs classification, who knows…

rhgtyink · July 5, 2010, 11:38am

It would have been very nice indeed for the average user to “inform” them in what ever form what the sandbox is going to do, and how they should handle certain programs if they trust them.

If you don’t have a clue and a load of apps that are unknown, I can imagine it feels like you computer is taken hostage by the program…

Whoop-dee-doo · July 5, 2010, 2:10pm

Agreed.

I fit this description (well, not exactly naive, but more like a novice that has firm understanding of interfaces, design, and usability). I am a volunteer moderator and do not work for Comodo. I have already provided the developers with a long list of improvements (along with the suggestions of many other forum members). I have also suggested that many of these issues get fixed before the public release of a new version. However, there are still many issues (some of which I had suggested over a year ago) that have yet to be addressed. Progress is extremely slow with regard to improving usability and clarity of CIS. Hopefully Comodo will make this a priority in the near future.

Tech · July 5, 2010, 3:07pm

For the time the firewall is up and running, yes, we should have some user-friendly movements already.
The slowness of the development of other products could make the users upset, specially the ones which are beta testing the products (COB, CPM, CTM, CCS…).

pszwarc · July 6, 2010, 5:26pm

One can always dream… 88)

Dch48 · July 6, 2010, 8:27pm

+10 :-TU Not only in reference to the GUI but in the whole approach. Most notably using automatic sandboxing and HIPS without a sufficient whitelisting capability and with a seeming disregard for the gaming community.

Melih · July 6, 2010, 8:52pm

There will be a game mode in CIS 2011…and Sandbox has been improved greatly…no further details for now…

Melih

Graham1 · July 6, 2010, 10:05pm

If you can’t post details, how about a few screenshots then ;D.