Advice Request COMODO - Chrome not fully virtualized

[ctrlz]

Hi,
today I run Chrome in the comodo sandbox and I removed ublock origin extension, while in the sandboxed session.
Then I closed the virtualized chrome and opened the normal Chrome (unsandboxed)... and I found that ublock was removed

Is it normal?
Does it happen to you too?

I already created a thread in the comodo forums (link)

EDIT: well.. probably the problem is that the Google Account is notified, and reflects the extension edit to other sessions

 

[shmu26]

Chrome syncs your customizations to the cloud, and shares them with all your Chrome installations. One of the categories it syncs is your extensions. You can change that setting in Chrome, if you wish, and set it to not sync your extensions.

 

[ctrlz]

@shmu26 thank you, I just realized it, my fault.

Anyway, I didn't think about the fact that if a google account gets infected it will affect the real browser too.

 

[shmu26]

@shmu26 thank you, I just realized it, my fault.

Anyway, I didn't think about the fact that if a google account gets infected it will affect the real browser too.

Well, it won't actually sync an infection, unless the extension itself is malware.

 

[ctrlz]

What can be an infection? I don't know.
Everything that changes Chrome settings, such as homepages, popups, extensions/apps that one wants just to try in a sandbox etc. At the end, everything that is synced is exposed and can be compromised into the clean browser too

 

[Deleted member 178]

You can't infect settings, but as @shmu26 pinpointed an suspicious/infected extension will be synchronized.

 

[ctrlz]

So a malware that replaces my homepage with a fake page (in the google settings) would not sync it to the clean browser?
Or, in the sandbox I try a software that auto-installs an extension, and it is synced

 

[shmu26]

What can be an infection? I don't know.
Everything that changes Chrome settings, such as homepages, popups, extensions/apps that one wants just to try in a sandbox etc. At the end, everything that is synced is exposed and can be compromised into the clean browser too

The truth is, I was a little surprised that when you ran Chrome unsandboxed, it remembered your sandboxed settings. It usually doesn't work that way for me. For me, it usually runs at the original settings. Maybe Google changed something.

 

[shmu26]

So a malware that replaces my homepage with a fake page (in the google settings) would not sync it to the clean browser?
Or, I try a software that auto-install an extension and it is synced

If the software installed the extension by forcing its installation from registry or group policy, then it is not a Chrome setting, and it will not sync.
If it installed the extension the regular way, then it cannot install in the first place, unless you click "okay" when you get the Chrome pop-up that warns you about a new extension.