Advice Request COMODO - Chrome not fully virtualized

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

ctrlz

Level 2
Thread author
Verified
Mar 20, 2017
54
Hi,
today I run Chrome in the comodo sandbox and I removed ublock origin extension, while in the sandboxed session.
Then I closed the virtualized chrome and opened the normal Chrome (unsandboxed)... and I found that ublock was removed :confused::confused:

Is it normal?
Does it happen to you too?

I already created a thread in the comodo forums (link)

EDIT: well.. probably the problem is that the Google Account is notified, and reflects the extension edit to other sessions :(
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Chrome syncs your customizations to the cloud, and shares them with all your Chrome installations. One of the categories it syncs is your extensions. You can change that setting in Chrome, if you wish, and set it to not sync your extensions.
 

ctrlz

Level 2
Thread author
Verified
Mar 20, 2017
54
@shmu26 thank you, I just realized it, my fault.

Anyway, I didn't think about the fact that if a google account gets infected it will affect the real browser too.
 
  • Like
Reactions: shmu26 and frogboy

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
@shmu26 thank you, I just realized it, my fault.

Anyway, I didn't think about the fact that if a google account gets infected it will affect the real browser too.
Well, it won't actually sync an infection, unless the extension itself is malware.
 
  • Like
Reactions: Sunshine-boy

ctrlz

Level 2
Thread author
Verified
Mar 20, 2017
54
What can be an infection? I don't know.
Everything that changes Chrome settings, such as homepages, popups, extensions/apps that one wants just to try in a sandbox etc. At the end, everything that is synced is exposed and can be compromised into the clean browser too
 

ctrlz

Level 2
Thread author
Verified
Mar 20, 2017
54
So a malware that replaces my homepage with a fake page (in the google settings) would not sync it to the clean browser?
Or, in the sandbox I try a software that auto-installs an extension, and it is synced
 
  • Like
Reactions: shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
What can be an infection? I don't know.
Everything that changes Chrome settings, such as homepages, popups, extensions/apps that one wants just to try in a sandbox etc. At the end, everything that is synced is exposed and can be compromised into the clean browser too
The truth is, I was a little surprised that when you ran Chrome unsandboxed, it remembered your sandboxed settings. It usually doesn't work that way for me. For me, it usually runs at the original settings. Maybe Google changed something.
 
  • Like
Reactions: Sunshine-boy

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
So a malware that replaces my homepage with a fake page (in the google settings) would not sync it to the clean browser?
Or, I try a software that auto-install an extension and it is synced
If the software installed the extension by forcing its installation from registry or group policy, then it is not a Chrome setting, and it will not sync.
If it installed the extension the regular way, then it cannot install in the first place, unless you click "okay" when you get the Chrome pop-up that warns you about a new extension.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top