本帖最后由 Candygu 于 2012-9-10 11:08 编辑
http://forums.comodo.com/news-an ... 60-t80683.1590.html
CIS 6提供三种方式达到入沙虚拟化的效果:
1. 不虚拟化自动入沙的程序,而是将浏览器自动入沙虚拟化,阻止 >90%的威胁;
2. 提供虚拟桌面Virtual Kiosk;
3. 强化behavior blocker,与现有的自动入沙(限制性沙盘)配合进行防御以及恢复未知程序所造成的危害,并为下一版本的behavior blocker打基础。
Hey Guys,
I am seeing many people to talk about virtualizaiton with autosandboxing. LEt me explain why we dont need it and how practically a user can achieve the same in CIS 6 here.
Case 1: Automatic virtulization has been a case when this ransomware viruses started to atttack users computer. CIS auto-sandbox indeed failed to protect, by default, against modification of photos etc.
So if we had auto-virtualization this would not happen.
Case 2: When certain amlware is executed, CIS protected the infection. However there were still nonsignificnat entires such as temp files, temp registry keys etc. So this created cleaning problem i.e. remnants of malware could be cleaned easily.
if we had auto-virtualization, this would not again be a case.
How does CIS 6 address these issues?
Simple. We provide virtualization where it is relevant to use it. Instead of running every unknown application virtualized(remember we are talking about millions of applications installed in millions of people when we talk about unknown app base), we simply virtualize web browsers where 90+% of the threats come from.
If we virtualize web browsers, we are automatically securing against all drive by download threats, from ransomware to keeping the PC intact and clean.
All we needed to achieve was to provide consumers an accessible and usable virtual internet experience.
CIS 6 achieved this by first of all implementing a completely new sandbox,
Then by providing virtual shortcuts, virtual protocols, we made it accessible transparently to the consumers. To be honest, all my mother needs is to double click on web browser icon as before. No new experience.
We also put some new experiences as well like Virtual Kiosk. Virtual Kiosk is an apple Ipad/iphone shell, for those who love style. The virtualizaiton experience that come with a style. I have successfully installed Microsoft office in my Kiosk and used it in kiosk only!!!
For the rest of the unknown apps, we thought we better focus on behavior blocker which monitors the behavior and reverses the harmful activity. This would successfully solve the cleaning problem, as well as improving dynamic detection. So current autosandbox would fit conceptually better to a behavior blocker and form the basis for the next behavior blocker which tracks and reverse activity of the apps.
|
[复制链接]
发表于 2012-9-10 11:02:26
楼主
不错,我看好你哦,貌似易用性又提高了不少,赶紧公测,让我这菜鸟也看看毛豆的功力,5.X版是真的不会用啊,貌似6.X迎来全民啃毛豆的时代?
http://bbs.kafan.cn/thread-1369952-1-1.html
