In fact, lot of virus are get by security vulnerability of browser, Flash Player, Acrobat reader plugin…
So it’s a very good idea to include for example Firefox in the sandbox.
By consequent, if you get a virus by Firefox, your system is safe…
But… But your sandbox become not safe and dangerouse.
And in your sandbox, you have your browser… firefox.
So if you will go to bank website, it s very dangerous because your virus is present in firefox and can catch your data.
Lot of software (with an option), clear automatically the sandbox after close.
So the sandbox is always new and so safe.
Comodo haven’t this option, so your sandboxe can be “a nest” of virus.
So I think you should add just this small option for improve the security of the sandbox.
Can malware within virtualized auto-sandbox still read user files on system (outside sandbox) and submit them to the internet from within the sandbox? While auto-sandbox does fantastic job containing destructive malware that can “physically” harm the system, I’ve always worried about data stealing malware that doesn’t really modify system, it just steals data and sends it of the computer. How is with that?
Virtualized applications can still read from outside the sandbox however you can add folders to Protected Data Folders and applications within the sandbox can’t read from those folders anymore.
Applications within the sandbox still generates firewall alerts, however there is an issue where a malware could potentially piggyback on a browser to bypass the firewall, but so far I’ve only seen that as proof of concept and haven’t seen malware actually use it.
But if I do that, then those folders can’t be accessed in normal sandbox either. Meaning if I want to protect browser folders (so malware can’t steal locally stored password storage files), those same browsers also won’t work virtualized. Which is a bit annoying.