Comodo CIS Bug fix policy

[simmerskool]

But that’s been reported as well to be quite problematic, specifically with updates that haven’t been signed. Which shouldn’t even be released, but unfortunately, they still are. Isolated malware in the sandbox could also be blocked from connecting, which could as well be in the CS setup (probably is).
This would be the most sensible way to run it.

But this whole containment thing has absolutely no benefit over Avast in Hardened mode let’s say, or Webroot under similar settings. It has very little benefit even over MS Smart Screen Filter.
You end up with heavily restricted apps.
Games and similar software will not work properly and this is clearly mentioned in Comodo’s documentation.

The only difference is that Avast has much better knowledge of what’s safe (and unsafe). Even the Avast Firewall prompt is much better designed, adding context to the prompt, such as the executable reputation (something they inherited from Norton).

It also has no benefit over Trend Micro’s new programme warning or over Norton Insight’s warnings of new files (similar tactic).

So you see, this “innovation” has many different implementation and others are doing better job.

updates problematic, perhaps, Chuck57 seems not to have that problem, and I did not experience it when I ran CF w/CS config. But no benefit over Avast in hardened mode, you are probably right, I have unresolved issues with Avast and have not run Webroot in 10 - 12 year range. Agree with most of your comments above, although CF is free and Trend Micro & Norton are not free, with free you risk getting what you pay for...

 

[Trident]

with free you risk getting what you pay for...

More often than not, this is the case. In this case you are getting a neglected product, as mentioned earlier, the company CEO is openly telling users that it’s a take it or leave it sort of situation.
Expecting any improvements and bug fixes is unrealistic, Comodo charges people for “malware warranty” (insurance sort of product) and nothing from this revenue is actually invested in the product.

So yeah, this is what you are getting, when you can go online, pay 5-10 bucks literally and download a product that will get the job done, without all this mess and without the need to layer.

 

[simmerskool]

Everything that is not digitally signed and not wbitelisted by their Anti-Malware Network will be quarantined. Zen Browser, Catsxp, Wonder share PDFelement, Joplin, and many other software got detected and I had to contact support to fix the FPs

well I do admit to running less software than when I was a youngin' -- the software you mentioned, were they signed? Did vendors contact all AV vendors to get them cleared in advance. Just because something was blocked because it isn't signed or does not have a "reputation" does not mean it's a false+. I suppose we can differ on what is a false+. I'd rather error on the side of caution have an app blocked, then I can test it further. gets into area of distinctions between malicious, PUP PUA,
PS I just went to zen browser website or tried to but it was blocked by a browser extension not Emsisoft extension, so sounds like an issue with Zen and not Emsisoft...

 

[simmerskool]

Yes I am not using CF. I tried it years ago. I prefer other solutions and I am not fond of running multiple products to get layered protection.

fair enough. Lately I am preferring MS Defender hardened...

 

[simmerskool]

And how the verdict is decided? When an "unknown" application is contained, why happens next?

I flush the sandbox. If I really want the unknown app, I'd probably run it in an online sandbox, eg, hybrid-analysis, and others. Kaspersky threat portal...

 

[Divine_Barakah]

well I do admit to running less software than when I was a youngin' -- the software you mentioned, were they signed? Did vendors contact all AV vendors to get them cleared in advance. Just because something was blocked because it isn't signed or does not have a "reputation" does not mean it's a false+. I suppose we can differ on what is a false+. I'd rather error on the side of caution have an app blocked, then I can test it further. gets into area of distinctions between malicious, PUP PUA,
PS I just went to zen browser website or tried to but it was blocked by a browser extension not Emsisoft extension, so sounds like an issue with Zen and not Emsisoft...

Yes some of the blocked were digitally signed, but on Emsisoft management console it showed that the digital signature was invalid. That was the case with Wondershare PDFelement. I know what a FPs is and how Emsisoft reacts. The problem with how Emsisoft whitelist software is by whitelisting the file hash and then it will be ignored by BB. The next time you try to install an update for the previously blocked app, it will be blocked again.

 

[Trident]

.all the other AV out there have been bypassed. Not just a few times but hundreds of times, if not thousands.

There are not that many tests done over the years. AV-comparatives does 4-5 tests a year, and there are 3-4 other labs that do the same. Over the course of 10 years, there are no more than 100-200 tests, most of the times Norton misses 1-2 samples. So thousands of samples is very over-exaggerated. On many test, it doesn’t miss anything.
Don’t exaggerate

There is also no guarantee that it’s not the same sample missed on 2-3 labs tests. They do not supply any additional information to non-paying consumers, it’s all just for the paying vendors.
That perfect 6 is actually 5.something and there are differences, but they don’t even wanna reveal that. But also, Comodo does not participate on these tests. On the one that’s been referenced, nobody apart from Eset missed anything

Rubenking missed the golden opportunity to embarrass Melih by not video-documenting his tests.

That’s his protocol, he doesn’t document them. The AV labs don’t document anything either, it is a trust me, I’m an engineer sort of situation.
A lot of the so-called “documented” tests that I’ve seen have been bad as well, many of these channels are in it for the quick buck and nothing more than that.

 

[Pico]

I used it for years virtually at default settings. I didn't know what proactive was. Regardless, I never had any problems with malware of any kind.

More or less same here. Only made some tweaks to one of the default configs that came with CIS. Never ever used CS settings as I wish to let CIS control and monitor what apps (good and bad) plan to do on my system. I never ever even used Comodo containment feature only used Sandboxie every now and then for the things I didn't trust.

 

[rashmi]

Yes correct, but the CS config puts that button upfront so it's easier to flush. But yeah that IS one reason I'm not running CF

If my memory serves me right, CF resets the containment when the system restarts. In Auto-Containment Settings, you can choose "Block" from the "Action" drop-down for the Unrecognized Applications Rule. The rule blocks, not contains, both unrecognized files and programs.

 

[Chuck57]

All I can tell anybody, me not being a techie by any stretch, is that Comodo Firewall works and works well. The antivirus - better than nothing but only barely.

I ran it for years as it was downloaded, changing or setting nothing, because I didn't know anything about settings. Mostly, I still don't and I don't want to. I want software to work out of the box, saving me from having to fiddle with with it. Comodo firewall has done just that.

Has it protected me? Yes, at least 3 or 4 times over the years, mostly from myself when I went through a period of downloading and trying all sorts of software from pirate websites, all of whom I suspect are long gone today. That's what I'd do for hours every day, download on a dialup network and check out this or that piece of software. Anyway, in the last many years, I don't think I've encountered a virus or any other malware. of any kind.

Still, Comodo firewall is there, now and for the past few years with Cruelsister settings. And it will remain until it fails. Because, so far it works.

 

[simmerskool]

I ran it for years as it was downloaded, changing or setting nothing, because I didn't know anything about settings. Mostly, I still don't and I don't want to. I want software to work out of the box,

@Chuck57 we disagree on this point, ie, some years ago when I initially tried CF, I found it difficult and overwhelming -- quickly uninstalled it. Then found cruelsister settings, aka cruelcomodo, and ran it for few years with little or no problems. I have the current 2025 w/CS config on a VM, but do not run it that often, as I prefer other options.

 

[bazang]

There are not that many tests done over the years. AV-comparatives does 4-5 tests a year, and there are 3-4 other labs that do the same. Over the course of 10 years, there are no more than 100-200 tests, most of the times Norton misses 1-2 samples. So thousands of samples is very over-exaggerated. On many test, it doesn’t miss anything.
Don’t exaggerate

The total number of bypasses or security failures observed by antivirus lab tests (all of them, including ones that no longer exist such as Matousec and Antimalware Test Lab) going back to when Comodo was released. The total number bypasses or FUD observed in those AV lab tests is in the hundreds for all the leading "brand name" or 1st, 2nd, and 3rd tier solutions that currently exist. For some it totals more than 1000.

The AV labs don’t document anything either, it is a trust me, I’m an engineer sort of situation.

The labs document everything, just not for public release except when required to do so under AMSTO and other industry accreditation and contractual agreements.

 

[Behold Eck]

All I can tell anybody, me not being a techie by any stretch, is that Comodo Firewall works and works well. The antivirus - better than nothing but only barely.

I ran it for years as it was downloaded, changing or setting nothing, because I didn't know anything about settings. Mostly, I still don't and I don't want to. I want software to work out of the box, saving me from having to fiddle with with it. Comodo firewall has done just that.

Has it protected me? Yes, at least 3 or 4 times over the years, mostly from myself when I went through a period of downloading and trying all sorts of software from pirate websites, all of whom I suspect are long gone today. That's what I'd do for hours every day, download on a dialup network and check out this or that piece of software. Anyway, in the last many years, I don't think I've encountered a virus or any other malware. of any kind.

Still, Comodo firewall is there, now and for the past few years with Cruelsister settings. And it will remain until it fails. Because, so far it works.

Nothing much that I can add here except to mention how light on resources Comodo is and compatable with other software .

Regards Eck

 

[Chuck57]

@Chuck57 we disagree on this point, ie, some years ago when I initially tried CF, I found it difficult and overwhelming -- quickly uninstalled it. Then found cruelsister settings, aka cruelcomodo, and ran it for few years with little or no problems. I have the current 2025 w/CS config on a VM, but do not run it that often, as I prefer other options.

I don't remember it being overwhelming. I recall a lot of pop ups, either HIPS or firewall initially. I've got 2025 on this laptop and not a problem in Lycia theme. I don't care for the new UI. As always, no troubles to report, but I'm not paranoid and don't fiddle with settings, thinking I can make it better.

 

[Pico]

Using CFW with default settings isn't a good idea, CFW doesn't check IPv6 per default so you leave that door wide open.

 

[Pico]

Nothing much that I can add here except to mention how light on resouces Comodo is

If you don't encounter those cmddata and high cpu bugs...

 

[Behold Eck]

I don't remember it being overwhelming. I recall a lot of pop ups, either HIPS or firewall initially. I've got 2025 on this laptop and not a problem in Lycia theme. I don't care for the new UI. As always, no troubles to report, but I'm not paranoid and don't fiddle with settings, thinking I can make it better.

Could be the Custom Ruleset setting which can be a bit chatty initially but that`s to be expected ? After a few days the alerts are fewer of course.

Regards Eck

 

[Chuck57]

Could be the Custom Ruleset setting which can be a bit chatty initially but that`s to be expected ? After a few days the alerts are fewer of course.

Regards Eck

This new version, which I'm not sure is all that new inside other than the GUI, is very quiet. Install, go through the 4 or 5 things Cruelsister suggests and like always, leave it alone. I couldn't ask for anything better. Solid and non intrusive protection with minimal involvement.

 

[Behold Eck]

This new version, which I'm not sure is all that new inside other than the GUI, is very quiet. Install, go through the 4 or 5 things Cruelsister suggests and like always, leave it alone. I couldn't ask for anything better. Solid and non intrusive protection with minimal involvement.

I think CS now recommends Safe Mode but I enable the Custom Ruleset just to keep an eye on what`s phoning home, but the alerts are few and far between.

Regards Eck

 

[Pico]

This new version, which I'm not sure is all that new inside other than the GUI, is very quiet. Install, go through the 4 or 5 things Cruelsister suggests and like always, leave it alone. I couldn't ask for anything better. Solid and non intrusive protection with minimal involvement.

CS Solid and Non intrusive protection? CS setting leaves that IPv6 door wide open...