Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Comodo
Comodo CIS Bug fix policy
Message
<blockquote data-quote="Decopi" data-source="post: 1101362" data-attributes="member: 67091"><p>You're right. However, please allow me some clarifications:</p><p></p><p>As you know, at Comodo one module is the Containment, and another module is the Firewall.</p><p></p><p>Containment is a dumb blocker, based on a "known"/"unknown" list. Since that list has not been updated for 15 years, Comodo tends to block tons of valid executables. Still, it has been proven many times that Containment is vulnerable and can be bypassed. Even in the past, Comodo itself labeled as "known" (valid) executables that were viruses/malware, and obviously bypassed Containment. But as you rightly say, at first you expect a blocker, no matter how dumb it is, to block all files that are "unknown". And in this context, making a video showing a fake svchost ("unknown") blocked by Containment... makes no sense.</p><p></p><p>Now, the Firewall module in Comodo by default considers hundreds of files as "safe"/"trusted", allowing free comms. As you rightly say, C:\Windows\System32\Svchost is one of those hundreds of files considered "safe"/"trusted", therefore at Comodo it has free comms. Therefore at Comodo, a virus/malware can hijack svchost, and the Firewall will be bypassed. This is not a bug, it is a design flaw, because Comodo Firewall does not allow customization of "safe"/"trusted" files, and "safe"/"trusted" is an arbitrary outdated list of hundreds of files. Therefore, Comodo Firewall is a placebo.</p><p></p><p>In this context, it is a fallacy to make a video showing that Containment blocked a virus/malware, for three reasons:</p><p></p><p>1. With Containment disabled, the Firewall would allow the virus/malware to hijack svchost, and worse, the Firewall would allow free comms. No honest video can hide Comodo Firewall's flaw;</p><p></p><p>2. If the fake argument here is "Firewall worked because comms were containerized/sandboxed", then you can eliminate the Firewall because this fake argument implies that everything can be done just with the Containment;</p><p></p><p>3. With Containment enabled, if the virus/malware is blocked, it proves nothing about the Firewall!</p><p>Containment cannot tell you anything about the Firewall, that's a fallacy!</p><p></p><p>And even if a video shows a blocked virus/malware by Containment, that's a manipulation, because for every virus/malware blocked by Containment there are other viruses/malwares that are NOT blocked. No software is perfect, none blocks 100%, just as no antivirus/antimalware is 100% efficient. It's an irresponsible dishonest selective manipulation to show whatever Comodo Containment blocks, when there are always viruses/malware that are not blocked and can bypass Comodo Containment.</p></blockquote><p></p>
[QUOTE="Decopi, post: 1101362, member: 67091"] You're right. However, please allow me some clarifications: As you know, at Comodo one module is the Containment, and another module is the Firewall. Containment is a dumb blocker, based on a "known"/"unknown" list. Since that list has not been updated for 15 years, Comodo tends to block tons of valid executables. Still, it has been proven many times that Containment is vulnerable and can be bypassed. Even in the past, Comodo itself labeled as "known" (valid) executables that were viruses/malware, and obviously bypassed Containment. But as you rightly say, at first you expect a blocker, no matter how dumb it is, to block all files that are "unknown". And in this context, making a video showing a fake svchost ("unknown") blocked by Containment... makes no sense. Now, the Firewall module in Comodo by default considers hundreds of files as "safe"/"trusted", allowing free comms. As you rightly say, C:\Windows\System32\Svchost is one of those hundreds of files considered "safe"/"trusted", therefore at Comodo it has free comms. Therefore at Comodo, a virus/malware can hijack svchost, and the Firewall will be bypassed. This is not a bug, it is a design flaw, because Comodo Firewall does not allow customization of "safe"/"trusted" files, and "safe"/"trusted" is an arbitrary outdated list of hundreds of files. Therefore, Comodo Firewall is a placebo. In this context, it is a fallacy to make a video showing that Containment blocked a virus/malware, for three reasons: 1. With Containment disabled, the Firewall would allow the virus/malware to hijack svchost, and worse, the Firewall would allow free comms. No honest video can hide Comodo Firewall's flaw; 2. If the fake argument here is "Firewall worked because comms were containerized/sandboxed", then you can eliminate the Firewall because this fake argument implies that everything can be done just with the Containment; 3. With Containment enabled, if the virus/malware is blocked, it proves nothing about the Firewall! Containment cannot tell you anything about the Firewall, that's a fallacy! And even if a video shows a blocked virus/malware by Containment, that's a manipulation, because for every virus/malware blocked by Containment there are other viruses/malwares that are NOT blocked. No software is perfect, none blocks 100%, just as no antivirus/antimalware is 100% efficient. It's an irresponsible dishonest selective manipulation to show whatever Comodo Containment blocks, when there are always viruses/malware that are not blocked and can bypass Comodo Containment. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
