Comodo CIS Bug fix policy

Decopi

Level 8
Verified
Oct 29, 2017
361
And then Comodo is light, but it’s easy to be light when you are not doing much. But the overall performance hit of Comodo + the other solution does not constitute for “lightness”. And the software is not maintained in a manner that is acceptable in this industry.

... just complementing, it is light until you open it and start using different functions or change settings. Due to years of hundreds of accumulated unfixed bugs, one of these bugs triggers the CPU usage, which freezes at 50%, and doesn't go down until the device is rebooted... which in the case of a laptop also boils the base of the device, and kills the battery. Another famous old bug creates files that in a few weeks exceed the size of hundreds of GBs, exterminating the capacity and use of the SSD.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
But it won`t die and that is why you`re irked, it won`t die, It`s alive and well working well on win 10,11 so put up or shut up!

I challenege anyone to make such a video, CS settings of course. just to show:(

Regards Eck :)
Honestly I don't give a ****. Comodo is not for me and I'll never think about giving it a whirl. It is not worthy of my time.


And plz don't challenge me of anything. And remember your challenge is basically to run Comodo with CS settings. I hope you don't whine if some user shares a test for X product with Divine config and criticise it was not on default settings.

It became obvious that you, among other users, are nothing but fanboys and you enjoy it with templates of never-proven statements. And whenever anybody comes and rightfully criticise your Temple you whine even when they provide you with a list of acknowledged bugs. Moreover, you fail to deny the weakness of the noexistant web filter and the rediculours antivirus module that are just evidence that Comodo is not even interested in improving their product. Why? Bc it is invincible? NO but due to the fact if they do not innovate, introduce new features, nor fix bugs it won't make them lose money. And let's not forget that a bunch of fanatic fanboys are standing by it's side blindly.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
And regarding the user-dependent prompts. Now what if a gamer downloaded a crack for their favourite game, and they were presented with a prompt? I believe the user is not capable of making that decision and if they do choose to allow execution? We can blame the user?
Other vendors who spent millions on R&D and developed a user-friendly product that uses multiple layers of protection provide decent protection requiring zero to minimal interactiona from the end user.

If one wants to use Comodo for fun or experiment with it then I get it, but it should never be recommended to users.
@Divine_Barakah (& perhaps others), your "understanding" of how CF w/CS works, is different than mine. IIRC cruelsister did provide her settings for the current version of CF. The user does NOT get user-dependent prompts. CF w/CS puts malware (files that are unknown or that it considers malware) directly into its sandbox without user interaction. I am not an ongoing user of CF, but I have used it and that is my recollection of CS settings. I am reading what seems like a lot of misinformation from folks who apparently never ran CF w/CS config. I do agree that absent CS config, CF is/can be "problematic" to use. This is perhaps a CF weakness.

@Trident your restatement of AV Lab test is consistent with mine. No disagreement there.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
@Divine_Barakah (& perhaps others), your "understanding" of how CF w/CS works, is different than mine. IIRC cruelsister did provide her settings for the current version of CF. The user does NOT get user-dependent prompts. CF w/CS puts malware (files that are unknown or that it considers malware) directly into its sandbox without user interaction. I am not an ongoing user of CF, but I have used it and that is my recollection of CS settings. I am reading what seems like a lot of misinformation from folks who apparently never ran CF w/CS config. I do agree that absent CS config, CF is/can be "problematic" to use. This is perhaps a CF weakness.

@Trident your restatement of AV Lab test is consistent with mine. No disagreement there.
And how the verdict is decided? When an "unknown" application is contained, why happens next?
 

Behold Eck

Level 18
Verified
Top Poster
Well-known
Jun 22, 2014
878
... just complementing, it is light until you open it and start using different functions or change settings. Due to years of hundreds of accumulated unfixed bugs, one of these bugs triggers the CPU usage, which freezes at 50%, and doesn't go down until the device is rebooted... which in the case of a laptop also boils the base of the device, and kills the battery. Another famous old bug creates files that in a few weeks exceed the size of hundreds of GBs, exterminating the capacity and use of the SSD.
Lightness does seem to be a stickng point some what ?

How heavy is your next gen extreme zen thing in comparison ? With a sub/par AV incuded

:D

Regards Eck:)
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
Regarding HIPS,

Personally, I need sth that works out of the box providing protection without the hassle of dealing with it.
CF w/CS config turns OFF HIPS. Yes there definitely IS a "hassle" with CF as user has to locate CS config, and do the tweaks. Out of the box, I had "problems" using CF. But a lot of software requires optimization. Dan coded DefenderUI, Andy Ful has his hardening apps, harlan4096 has tweaks for Kaspersky, Trident has recommendations for Harmony. etc etc etc. Mostly I use software that blocks malware from running.
 

bazang

Level 8
Jul 3, 2024
365
Your exact words were

Nobody has ever supplied an in-the-wild malware that bypasses Comodo's containment whereas thousands of malware have bypassed Avast, Bitdefender, Kaspersky, Norton, etc.
Because this is fact. There is nothing untrue or incorrect about the statement.

I am not saying that "Comodo cannot be bypassed." Of course it can. There has to be a way - or more accurately, multiple ways, but no one has collected a real, valid in-the-wild malware and demonstrated that it bypasses Comodo containment.

Meanwhile there is 10+ years of AV Comparatives tests that show all the other AV out there have been bypassed. Not just a few times but hundreds of times, if not thousands.

If anyone can supply a legitimately harvested in-the-wild malware that bypasses Comodo, and performs a valid, credible demonstration of the bypass, then everyone here that uses Comodo will stop using it and shut up forever. Until then, we will all wait...

Rubenking missed the golden opportunity to embarrass Melih by not video-documenting his tests.
 
  • Sad
  • +Reputation
Reactions: rashmi and kylprq

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
@simmerskool there are better ways to do the job than containing unknown executables, for example, Avast and Webroot can deny execution. The whole initiative is great, but the execution requires more telemetry and resources than Comodo’s got on their hands. Yes, through settings, one can configure “automatically contain applications less than X days old” or one can disable execution completely.
How heavy is your next gen extreme zen thing in comparison ? With a sub/par AV:D
The Sophos engine is one of the leading engines out there. There is nothing subpar about it, the engine, like Kaspersky, is predominantly based on heuristics (known for many years as Behavioural Genotype). Additional protection, just like Kaspersky with their UDS is delivered through Sophos Live Protection.
That subpar AV also includes emulation that can block scripts, pdf documents, including ones that contain phishing, dll sideloading, unknown executables and many others nasties that frequently cause hiccups. And that’s before you open them.
Emulation is improved on monthly basis.

It also includes business-grade behavioural blocking that works for all apps (Comodo by default analyses only the contained ones).

Comodo’s Valkyrie is a poor attempt to recreate Check Point’s emulation, unfortunately, just as unsuccessful as everything else that they do.

How heavy it is, the CPU usage rarely exceeds 5-6% for all processes combines, on 11th Gen Intel Core i5 (from the more mediocre models).

But we all know that the market is not just Comodo and ZoneAlarm, right?
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
CF w/CS config puts malware in containment without user alerts.
But that’s been reported as well to be quite problematic, specifically with updates that haven’t been signed. Which shouldn’t even be released, but unfortunately, they still are. Isolated malware in the sandbox could also be blocked from connecting, which could as well be in the CS setup (probably is).
This would be the most sensible way to run it.

But this whole containment thing has absolutely no benefit over Avast in Hardened mode let’s say, or Webroot under similar settings. It has very little benefit even over MS Smart Screen Filter.
You end up with heavily restricted apps.
Games and similar software will not work properly and this is clearly mentioned in Comodo’s documentation.

The only difference is that Avast has much better knowledge of what’s safe (and unsafe). Even the Avast Firewall prompt is much better designed, adding context to the prompt, such as the executable reputation (something they inherited from Norton).

It also has no benefit over Trend Micro’s new programme warning or over Norton Insight’s warnings of new files (similar tactic).

So you see, this “innovation” has many different implementation and others are doing better job.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
In Comodo, both the pre-execution and post-execution protections are abysmal, you are left just with the alert/prompt.
This is the reason why others don’t by default bother you with these prompts, because they’ve got other cards up their sleeve.
IIRC CF w/CS config dispenses with alert/prompts and puts malware and unknown files directly into containment. Then flush the sandbox.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
I have NOT been getting false+ with Emsisoft and very few alerts.
Everything that is not digitally signed and not wbitelisted by their Anti-Malware Network will be quarantined. Zen Browser, Catsxp, Wonder share PDFelement, Joplin, and many other software got detected and I had to contact support to fix the FPs
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
And this is done automatically without any user interaction, right? The security products is taking the heavy-lifting for you which should always be the case.

I am sorry to say this, but Comodo approach is just dumb. Whether it is effective or not is heavily dependant on user, which should never be the case.
I think either you have not run CF w/CS settings or if you did, you missed a few, as it is not user-dependent. Also CF is just a firewall, so you can run it with MS Defender or a 3d-party AV. Kaspersky, eg, is a full internet suite. Cruelsister does not recommend running Comodo Internet Security. She runs CF with her settings.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
I think either you have not run CF w/CS settings or if you did, you missed a few, as it is not user-dependent. Also CF is just a firewall, so you can run it with MS Defender or a 3d-party AV. Kaspersky, eg, is a full internet suite. Cruelsister does not recommend running Comodo Internet Security. She runs CF with her settings.
Yes I am not using CF. I tried it years ago. I prefer other solutions and I am not fond of running multiple products to get layered protection.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top