100% apps trusted, still sandboxing stuff

RejZoR · Jan 4, 2017

I just don't get it what's Comodo doing. Testing CIS10 again, File Rating scan says 100% of apps is trusted. Then I run ASUS RealBench and bam, it sandboxes it. Are you dumb Comodo? Seems like yet another part of it is broken...

Deleted member 2913 · Jan 4, 2017

The main installer is sandboxed or files during install?

RejZoR · Jan 4, 2017

The files that were already on drive BEFORE I've even installed CIS10. Usually File Rating Scan showed anything that wasn't yet trusted, but now it just says 100% trusted, but still sandboxes this stuff. Makes no sense.

shmu26 · Jan 4, 2017

I find that COMODO doesn't automatically read all the apps on the system. It misses a lot of them, until you run them. If you want to whitelist everything in your various program folders, you have to do exactly that.

Deleted member 2913 · Jan 4, 2017

RejZoR said:
The files that were already on drive BEFORE I've even installed CIS10. Usually File Rating Scan showed anything that wasn't yet trusted, but now it just says 100% trusted, but still sandboxes this stuff. Makes no sense.

I think & as shmu26 mentioned, "Rating Scan" is not for each & every files on your system.

And files already on system before CIS install is treated as "Trusted" with "Internet Security" config only, are you running IS config?

RejZoR · Jan 4, 2017

Clearly it is NOT trusted, but it was on the drive before I installed CIS10. Also, what's the point of rating scan if it doesn't check every EXE file on disk like old CIS versions did?

AtlBo · Jan 4, 2017

Somewhat off topic, but I was wondering who if anyone could say how Comodo handles purging in the files list. o/c manual purge is there, but does Comodo auto-purge ever. List grows in size very quickly it seems.

shmu26 · Jan 4, 2017

RejZoR said:
Clearly it is NOT trusted, but it was on the drive before I installed CIS10. Also, what's the point of rating scan if it doesn't check every EXE file on disk like old CIS versions did?

I found that CIS 8 also missed a lot of exe files on the disk, and only noticed them when I ran them.

vivid · Jan 4, 2017

Rating scan never did that.
With default configuration, you should consider File Age. Less than 3 days + Installed before CIS + Unknown rating = Sandboxed.

Deleted member 2913 · Jan 4, 2017

AtlBo said:
Somewhat off topic, but I was wondering who if anyone could say how Comodo handles purging in the files list. o/c manual purge is there, but does Comodo auto-purge ever. List grows in size very quickly it seems.

No auto-purge.

Deleted member 2913 · Jan 4, 2017

shmu26 said:
I found that CIS 8 also missed a lot of exe files on the disk, and only noticed them when I ran them.

I too think Rating Scan never scanned each & every files on the system.

509322 · Jan 4, 2017

RejZoR said:
I just don't get it what's Comodo doing. Testing CIS10 again, File Rating scan says 100% of apps is trusted. Then I run ASUS RealBench and bam, it sandboxes it. Are you dumb Comodo? Seems like yet another part of it is broken...

Rating Scan checks the same directories as the antivirus Quick Scan + modules loaded into active memory at the time of the Rating Scan.

A user, if they so choose, can manually whitelist the entire system by adding C:\ to the File Rating list and changing the rating of any files rated as Unrecognized to Trusted. Doing this is not recommended both in terms of security and a known issue. The more you add to the local config database, the more unstable the GUI becomes and it will open more slowly and\or mis-behave.

Someone had reported a potential conflict between AppGuard and CIS. As it turns out it wasn't AppGuard, but instead due to the known issue above which Haibo Zhang - Director of Comodo Engineering confirmed last year.

shmu26 · Jan 4, 2017

Jeff_T - Testing Group said:
Rating Scan checks the same directories as the antivirus Quick Scan + modules loaded into active memory at the time of the Rating Scan.

A user, if they so choose, can manually whitelist the entire system by adding C:\ to the File Rating list and changing the rating of any files rated as Unrecognized to Trusted. Doing this is not recommended both in terms of security and a known issue. The more you add to the local config database, the more unstable the GUI becomes and it will open more slowly and\or mis-behave.

Someone had reported a potential conflict between AppGuard and CIS. As it turns out it wasn't AppGuard, but instead due to the known issue above which Haibo Zhang - Director of Comodo Engineering confirmed last year.

thanks for clearing that up!

cruelsister · Jan 4, 2017

ReJor- You do realize that ASUS did not digitally sign Realbench, didn't you?

RejZoR · Jan 4, 2017

It doesn't need a digital signature to be whitelisted. And the change they made to only whitelist limited spectrum of EXE files is idiotic. It basically makes rating tool useless. And I thought they just improved their whitelist database so much that they managed to whitelist all my apps. Why do I want to like Comodo so much and they keep f**king things up with such moronic design decisions which they of course always miraculously forget to document, but they are always sure to mention they fixed 30 billion bugs... *sigh*

AtlBo · Jan 4, 2017

RejZoR said:
And the change they made to only whitelist limited spectrum of EXE file

Is this new to this version? I mean, what kind of security program would have a hole punched in its side by its devs before it's even launched who then expect it to float? I really just want to know more about this and what they must be thinking or if I am just wrong about the issue.

RejZoR · Jan 4, 2017

I'm certain CIS 8.4 scanned all EXE files on ALL partitions. CIS 10 apparently only scans Windows folder and memory and that's it. I just knew something was wrong with the speed of the files rating scan...

AtlBo · Jan 4, 2017

Apologies, I had it backwards. I was thinking in terms of protected files, not trusted or unknown. In File Rating->File Groups, CF list of Executables (and in HIPS Protected Objects) doesn't include ps1 files, and I don't see anything java. I'm confused on this issue unfortunately. Can't tell if CF blanket allows the missing executable file types or if it's just not possible to protect them. I guess I wouldn't hate that so much.

Brahman · Jan 6, 2017

RejZoR said:
It doesn't need a digital signature to be whitelisted. And the change they made to only whitelist limited spectrum of EXE files is idiotic. It basically makes rating tool useless. And I thought they just improved their whitelist database so much that they managed to whitelist all my apps. Why do I want to like Comodo so much and they keep f**king things up with such moronic design decisions which they of course always miraculously forget to document, but they are always sure to mention they fixed 30 billion bugs... *sigh*

If we start to complain there will be no end to any thing. No program is error free, that is why we are getting updates and bear in mind comodo is free and that leave little room for such harsh words.

RejZoR · Jan 6, 2017

Excuses, excuses and more excuses. It feels almost like I've come to official Comodo forum... There are many free programs which don't have such design nonsense...

Search

100% apps trusted, still sandboxing stuff

RejZoR

Level 15

Deleted member 2913

RejZoR

Level 15

shmu26

Level 85

Deleted member 2913

RejZoR

Level 15

AtlBo

Level 28

shmu26

Level 85

vivid

Level 5

Deleted member 2913

Deleted member 2913

509322

shmu26

Level 85

cruelsister

Level 42

RejZoR

Level 15

AtlBo

Level 28

RejZoR

Level 15

AtlBo

Level 28

Brahman

Level 17

RejZoR

Level 15

Similar threads