Can one use Comodo Firewall with the Defense+ disabled, yet still have the Sandbox fully functioning?
So it’s Comodo Firewall with Sandbox only.
It’s just a query, I myself do not use Comodo since v4 was released.
its better to use for example sandboxIE (a standalone FULL sandbox) together with comodo firewall (and defense+).
as the comodo sandbox is not a full sandbox, its a bad decision to disable defense+ and thinking the comodo sandbox would be an expected plus of security.
basically the comodo sandbox is a mix of userfriendly easyness and adding a bit security (just reducing some rights). for unexperienced users it might be a help, but it is not a standalone sandbox.
Why not?
Even enabling file/registry virtualization?
Even running a program in the “Untrust” level?
[attachment deleted by admin]
its easy to say, why not: (this tells about the difference, it is no critic about quality… it depends just on what you want to have)
if you close the program that was sandboxed by comodo, is it then as if nothing has happened on your pc? Are any changes erased, any “produced” data erased?
Can you decide exact which of the data should be “rescued” among all the things that will be erased, IF they are erased?
If you make changes for example in sandboxed firefox, any change… is it restored to the status which it had before it was sandboxed running? (per design i am sure its not the case, because comodo sandbox runs “default”, so it cant be a real sandbox, because you have to do all as if it was the first time that you use a program, no settings, no saves, WHEN it was a real one, and running by default).
Can i run everything in the comodo sandbox, even if i have to choose the highest security level there to have “most given effect”?
As you see, there are settings to reduce the rights of a program. That is one big hint, that the comodo sandbox works with restrictions, rather than “turning back what happened”.
To point out the “embedded-in-a-suite-character” of the comodo sandbox:
When you browse with “comodo sandboxed” firefox, and it would autodownload a file (maybe with a common name), it would stay on the drive. One day you could click this “known name program” that was stored without your intention… and it was a virus. THEN you have the antivirus of the suite, that would protect you, right?
But if you would browse with a real sandbox, and download only trusted things (which you decide to be rescued of erasing), then you could live long without ever need an antivirus.
Read the screen you posted Tech. It says if D+ is deactivated permanently, this option will have no effect.
So if i get it right it means that no defense + - no sandbox
Got it.
But, with Defense+, the sandbox should work like a real sandbox.
read my post again. even with defense+, the comodo sandbox is different to a “real” sandbox, when you find aspects in my description which arent in the comodo sandbox.
just for interest. try the sandboxIE from tzuk. make the right settings. you will immediately see the difference.
a real sandbox can not be enabled by default for every program,
BECAUSE
all settings would be reset if they were changed while in sandbox.
comodo sandbox is made to “sandbox” everything. so it cant be a real (“returning all changes”) sandbox.