The PC Security Channel showed a video (which I’ve only just seen):
Where he stated it was clear Comodo was moving towards virtualization and away from intrusion detection and prevention, running all unknown programs etc., in the sandbox. The question I have is does this mean when browsing websites and a hijacked website is trying to steal your bank details Kaspersky, Norton……… Would block the site, Comodo does not. So, is virtualization the way forward and not to block, detect and prevent?
Sandboxing has become more important but the default action for the automatic sandboxing (now called Behaviour Blocker) is not virtualisation. Virtualisation has been improved and Comodo even added a nice looking tablet like environment with Kiosk creating a virtualised environment to work in.
What do you mean with hijacked website? Are you talking about a phishing attack or other? Comodo DNS may block it when the site is blacklisted. According to the review you are referring to Secure DNS seems to have improved with blocking links to malware. I don’t know how Secure DNS scores with regard to compromised websites.
Yes I meant a phishing website (not Comodo DNS) I refer to Kaspersky or Norton URL filter something Comodo does not have. He Mentioned at the start of the video it was clear that Comodo was moving away from detection/prevention as HIP’s comes disabled and towards running everything inside a sandbox.
The sandbox is a proactive approach but a different strategy than using a HIPS. Detection is stronger than ever; Comodo is not steering away from that either.
The problem of dealing with phishing websites is a different animal that depends on url blacklisting. This is a different strategy that is in no way or form related to the protecting the integrity of the local computer (which is Comodo’s traditional stronghold). Comodo has Secure DNS and keeps on working on that. I don’t know how it rates when compared to black listing by Kaspersky or Norton.
On a sidenote about phishing sites. A simple way of dealing with them is to bookmark the official login page of your bank and only use that. Also bank will never ask you to fill in your credentials other than on the login page. With these two things in mind the user will be secure.