Example of unsigned is a program called mb-ruler. This is a very nice tool that puts a protractor on the desktop at the highest level of the screen. It can be used to measure angles and distances on the screen in pixels, inches, mm, etc. It will overlay picture editors, so it's a nice tool. With this type of little known software Comodo is not on the record and there are thousands of similar applications that could be whitelisted on the cloud. Don't know if Comodo whitelists some Nir Sofer apps, but perhaps isolated Nir Sofer apps like FullEventLogView could be evaluated and judged safe and whitelisted. I know it is auto-sandboxed normally even though it is signed (possibly by the dev himself idk). Again, these tests feed pressure into this area of software evaluation-:devil: This improves usability.
It's not malware signature detection what I am discussing (classically I suppose "reduction of FPs), but I would like to see Comodo specifically moreso known for taking marginal applications more seriously for evaluation. It's a perception I have I guess that Comodo doesn't do as much as they could from the cloud to whitelist. Also, user should know when the cloud is referenced, but that's probably a separate ticket with the Comodo forum (by 2025 maybe there will be a reply). Yet, I am imagining an alert explaining the whitelisting and then giving the user the option to sandbox the whitelisted app...
Comodo simply blocks, so it's not even submitted for testing. It's hard to know how seriously they take software evaluation. At any rate, the detection tests do seem to me valuable to see in this one sense, even while running Comodo, because there is healthy pressure placed on a company like Comodo to do better job of allowing unsigned applications that are safe. The fact that this one company doesn't study harder software for the tests and present their work in the tests means the protection could be viewed as inflexible and/or brickish, especially if it seems to be so in real world use. Sadly, this shows with Comodo during usage when compared to say Avast or other a-vs. Again simply a perception on my part. I know what to expect when I install Comodo...just hate having to decide whether to unbox with some unsigned applications, especially without knowing how the other companies handle the software (other than Forticlient). In the end, virustotal is too oftenly the friend here (not to mention perhaps VoodooShield if I could whitelist the script I run from time to time). Otherwise, it's hold the breath and unbox and restart the application without much information, except that Forticlient does/does not block the app.
BTW, signatures do not explain the relationship of possible malware with the internet. I wish this was a greater focus. Comodo gets a thumbs up from me for the presence of the firewall. It's easy to block an app from net contact with Comodo. Test results won't explain something like this, since most of the applications don't firewall as aggresively or thoroughly as Comodo. I do feel this is very important. OK, no false positive, but what does the installed application do that might be somewhat sketchy even if generally safe. Still, the tests help see who is working hard to evaluate software...
