Playing in the sandbox does mean sacrificing some computing power, but OTOH the basic idea is a great comfort if/when your AV or ASW product fails you. The problem the sandbox doesn’t answer of course is that while you are playing in the sandbox, you can still get hurt, with malignant software stealing your privacy and any data you are currently using.
The sandbox may prevent permanent compromise, but I am not sure how to do the best job INSIDE the sandbox to prevent what can be prevented. It is not enough comfort to me that the underlying host OS is not infected, if every time I boot into the VM I may be infected by some nasty that is part of my regular setup inside the VM?
I am better off, it is true, than when I forego the VM and get the Host permanently infected, but isn’t it better to operate inside the sandbox AND to have it a very secure Guest OS? And how do I know WHICH things I have played with in VM are OK for the host environment?
How is it best I use the Comodo solutions in combination with a VM? Anyone have a good setup to accomplish that?
The problem the sandbox doesn't answer of course is that while you are playing in the sandbox, you can still get hurt, with malignant software stealing your privacy and any data you are currently using.
Really. If you are infected with some type of malware while browsing the internet inside the sandbox, and access your bank, for example, you will suffer the same damage that would be out of the sandbox.
As I mentioned in another post; A Peerguardian 2 style plug-in for Comodo Personal Firewall 3 would be f’in sweet. I guess that would also mean that you would have to have a plug-in interface which would be cool as it would open up the doors for other developers to add stuff as well.
How about a real good ‘tracks’ eraser, something that removes all the personal stuff really really well.
Right now I use a mixture of ccleaner, for the basic ■■■■ cleaning, eraser for secure deletion and free space wiping then follow that up with restoration to remove stuff they both leave behind.
It should make sure that files are wiped completely and also completely removed from the disk, after wiping. It should also clean in all those nasty, hard to get to places, like the MFT and ntfs.log. It should also do ADS.
I apologize for taking a thread off topic. Thank you for moving it and letting me know about the move. Have been busy working on other problems with my system. Could not get back on the web in Normal mode am using SafeMode/w Networking for now.
Mr. CEO,
Thank you for the reply and other information provided by another poster, I move with the thread, have a HAPPY NEWYEAR and a very prosperous one as well.
I would like to see a vulnerability scanner with the ability to download updates and patches when they occur and a secure method for logging on to a PC that also gives you the ability to encrypt the hard drive for security.
What about an anti-virus rescue CD when CAVS v3 is out?
So if you need to help someone with an infected PC, you start by booting the rescue CD with CAVS v3 on it. It should be able to update via the internet from the rescue CD to get the latest definitions. Of course it needs NTFS read/write support, too.
After you cleaned the PC you should be able to install CAVS, BOClean and CPF (and perhaps CMF) from that rescue CD (I think there should be enough space left to hold the setup files). OK, you won’t be able to cure a PC that has damaged system files but anyway it will help when it is clean again. You can do a Win repair install afterwards.
That would be a quite convenient way to convert an insecure PC into a PC you can trust again.
I hope you remeber this idea when bringing CAVS v3 to the table.
A reliable program that will monitor the registry, prevent any unauthorized changes, backup and restore the registry, and repair the registry when it gets ■■■■■■■ up.
There are so many programs it is impossible to know which are good and which will crash your OS. The vast majority want you to pay before you have any idea of their effectiveness.
My opinion is that you develop 2 of your products only:
your legendary Firewall
restricted version of CAVS (see below)
I propose that every new not vital feature of CFP would be added on plugin basis or at least would have a “disable” switch. For example, heuristics part of HIPS’ code, tracing new and modified files on system (“my pending files”) etc.
CAVS. I guess it would be better if it was only on-demand scanner. The reason is simple: with HIPS, limited user account, web browser not IE, many people can do without realtime anti-virus monitor.
Bending every effort to improve Comodo Firewall and CAVS instead of many software products will lead to much more outstanding result. I guess this will also free up the time for your main work (thanks to wich Comodo makes money).
Mr. CEO, dev team and other Comodo staff, all above said is my subjective opinion.
Thanks to all of you for CFP (L)
I reckon justin is on the right track, products are great but maybe a real “marketing hook” / unique feature would be if all the COMODO products recognized one another and on the users PC and then worked together as a unit. a used might have just one product which operated on its own but as soon as he downloaded another they “teamed up” so to say.
This integration is the uintended aim og Comodo. The next version of CAVS will co-operatively utilise the HIPS component of the firewall if its installed on the same system. If its installed on its own, it will uses its own HIPs module.
Further down the track, an ideal add-on would be a LAN module that recognised all Comodo products across a LAN and manage and co-ordinate updates, alerts and logs for all apps on all workstations. Wouldn’t that be one out of the box!
New operating system, if it would be so good like the new firewall comodo 3 is, there would be no competition at all!
Thanks for the first high quality free firewall available!
(L)
