App Review A Comodo Firewall Beta 2 Quick Dance

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
cruelsister
F

ForgottenSeer 103564

I'll bite, default Deny is great for malware no doubt, what happens to the average user though when comodo smacks down a system file or legit application they are trying to use. I see the interface looks snappy compared to the last time I used it, but I also know comodo well and no matter how much they polish it, underneath will be those same advanced settings not intended for average users. I have seen more systems crippled with this tool than any other in the last decade from false positives, to bugs ect,ect.

So while it is great at stopping malware which I absolutely agree with in the right hands, it's that latter part that should be stated for average users or at least mentioned it's not always automatic sunshine with this suite.

Great test btw
 

simmerskool

Level 30
Verified
Top Poster
Well-known
Apr 16, 2017
1,993
what happens to the average user though when comodo smacks down a system file or legit application they are trying to use...I have seen more systems crippled with this tool than any other in the last decade from false positives, to bugs ect,ect.
interesting take, I used CF@cs settings for several years and CF never borked system on me, fwiw, but yours is a valid point imo. more & more I find I use windows OS solutions.
 
F

ForgottenSeer 103564

interesting take, I used CF@cs settings for several years and CF never borked system on me, fwiw, but yours is a valid point imo. more & more I find I use windows OS solutions.
I cut my teeth on CIS and CF back in the day, if i had a dollar for every time my system ended up borked from messing with settings to its own actual bugs i would be a rich man. While it is an excellent tool in the right hands with knowledge, and will definitely teach a user alot about the windows system itself, it is by no means really for average users. Windows has enough built in tools if utilized with knowledge to keep users safe. There is a windows machine here, not mine, nothing but built in windows security enabled, and ublock in the browser, been that way for quite some time, no issues.
 

ErzCrz

Level 20
Verified
Top Poster
Well-known
Aug 19, 2019
951
I cut my teeth on CIS and CF back in the day, if i had a dollar for every time my system ended up borked from messing with settings to its own actual bugs i would be a rich man. While it is an excellent tool in the right hands with knowledge, and will definitely teach a user alot about the windows system itself, it is by no means really for average users. Windows has enough built in tools if utilized with knowledge to keep users safe. There is a windows machine here, not mine, nothing but built in windows security enabled, and ublock in the browser, been that way for quite some time, no issues.
Simplicity has always been the best approach to CIS/CF. I've been using it since CFW 2.0 CAV 1.0 off and on but agreed, has messed things up when I've played around with locking down the system. I've found @Andy Ful 's Hard_Configurator/SWH/WHH/FWH/CD a safe and good default deny approach when I'm not using CIS/CF. it makes the best of windows built-in features and hardens the system. Having said that, the sandboxing approach of CIS/CF s a super effective one. Just stick with @cruelsister 's settings and avoid tweaking HIPS or disabling it will keep a lot of issues at bay.
 

simmerskool

Level 30
Verified
Top Poster
Well-known
Apr 16, 2017
1,993
I cut my teeth on CIS and CF back in the day, if i had a dollar for every time my system ended up borked from messing with settings to its own actual bugs i would be a rich man. While it is an excellent tool in the right hands with knowledge, and will definitely teach a user alot about the windows system itself, it is by no means really for average users. Windows has enough built in tools if utilized with knowledge to keep users safe. There is a windows machine here, not mine, nothing but built in windows security enabled, and ublock in the browser, been that way for quite some time, no issues.
yeah! until cruelsister posted her suggested settings, I did not (could not?) use CF.
 

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,127
Personally I've never seen system files being blocked by Comodo UNLESS one plays with HIPS settings, which is never a good idea. Actually the use of HIPS in CF is of dubious value as it will in no way enhance protection as long as Containment is enabled (for CF, although counter-intuitive, less is more).

As to some legitimate applications being blocked, yes, this will occur because Comodo must vet an unknown application prior to plopping it into the Unknown category. Personally I fee that the upside will outweigh any downside, as although a SeaMonkey nightly may be contained, also contained would be things like the (formerly) legitimately signed and countersigned EFile and Chrome Update data stealers which initially bypassed all others.

As to the thousands and thousands of supposed bugs, sadly this is more of a trollish urban legend than actual reality.
 
F

ForgottenSeer 103564

Personally I've never seen system files being blocked by Comodo UNLESS one plays with HIPS settings, which is never a good idea. Actually the use of HIPS in CF is of dubious value as it will in no way enhance protection as long as Containment is enabled (for CF, although counter-intuitive, less is more).

As to some legitimate applications being blocked, yes, this will occur because Comodo must vet an unknown application prior to plopping it into the Unknown category. Personally I fee that the upside will outweigh any downside, as although a SeaMonkey nightly may be contained, also contained would be things like the (formerly) legitimately signed and countersigned EFile and Chrome Update data stealers which initially bypassed all others.

As to the thousands and thousands of supposed bugs, sadly this is more of a trollish urban legend than actual reality.
It's been a few years since I used it, but I tried telling my system every time it crashed from those urban legends that it was all in its mind, didn't seem to stop it 🤔. I played with CF before it came CIS so been around it a minute or so. The forum at comodo is full of those urban legends and bug reports. No matter how you slice it though, the tool was designed for above average users.
 
Last edited by a moderator:
F

ForgottenSeer 100397

The quick dance blocked all unwanted moves!

Comodo has never blocked Windows updates or system files here. While Comodo has made significant improvements in usability, a default-deny setup can affect usability.

I agree with @Ultimate Vision. Comodo is best suited for above-average users or those who will learn the basics to use it effectively. It is an excellent security measure for static or managed systems.
 

wat0114

Level 11
Verified
Top Poster
Well-known
Apr 5, 2021
514
I agree with @Ultimate Vision. Comodo is best suited for above-average users or those who will learn the basics to use it effectively. It is an excellent security measure for static or managed systems.

Actually, if it's set up the way @cruelsister had it for the test, then I think anyone could use it that way, including novice users; no above average skills required. OTOH, if it's setup using HIPS, especially in Paranoid or similar mode, then yes one better posses above average skills.
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,153
The quick dance blocked all unwanted moves!

Comodo has never blocked Windows updates or system files here. While Comodo has made significant improvements in usability, a default-deny setup can affect usability.

I agree with @Ultimate Vision. Comodo is best suited for above-average users or those who will learn the basics to use it effectively. It is an excellent security measure for static or managed systems.
If there would be more users more flase positives should get reported
so small user base and super aggressive behavior does cause false positives but some could run it for years without an issue and some could install something unknown to comodo hours after and would get contained
Personally I find it a really good then other more extreme default deny for basic users as it doesn't break from false positives as often over other consumer level products and it's freeware
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,153
Actually, if it's set up the way @cruelsister had it for the test, then I think anyone could use it that way, including novice users; no above average skills required. OTOH, if it's setup using HIPS, especially in Paranoid or similar mode, then yes one better posses above average skills.
Its a perfect protection for grandma all their software office web etc never gets contained for no reason and even then she could still browse
 
F

ForgottenSeer 100397

Actually, if it's set up the way @cruelsister had it for the test, then I think anyone could use it that way, including novice users; no above average skills required. OTOH, if it's setup using HIPS, especially in Paranoid or similar mode, then yes one better posses above average skills.
Her setup only suspends alerts; it doesn't help with program installation or update usability. While it strengthens security, it doesn't improve user friendliness.
 
F

ForgottenSeer 103564

Its a perfect protection for grandma all their software office web etc never gets contained for no reason and even then she could still browse
Might be a reason CIS is never in the "set n forget" crowd line up, i dunno, maybe its just me.

Her setup only suspends alerts; it doesn't help with program installation or update usability. While it strengthens security, it doesn't improve user friendliness.
Exactly the point i was trying to make, thank you.

As it seems you are aware, for everyone else, im not bashing the product or CS test above, im simply pointing out this software is by no means average user made.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top