Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Comodo Firewall 10 Setup
Message
<blockquote data-quote="AtlBo" data-source="post: 640791" data-attributes="member: 32547"><p>Looked at this extensively this AM. Definitely, Comodo should split unblocking into three parts and place it all in the "Unblock Applications" area. Also, this means to me that the option to "Unblock this application" on the Containment alert should be replaced with standard text "Unblock using 'Unblock Applications' on the widget". It's a long story, but there is too much pressure on users to answer to this alert at the exact time they want to see what a program will do. A couple of other little caveats about "Unblock this application" on the Containment alert. As things are, this also leads to even a completely unknown file/app being classified as "Trusted". This should never happen, and it's absolutely not in the first sense necessary. Even if the link on the alert were a good idea, it could easily create a Containment allow rule that doesn't require the File/App to carry the "Trusted" rating. This is what this type of rule should look like in the first place: Appname->rating "Unrecognized"->Ignore. Literally there is not one reason for it to be any other way. On the plus side only one rule, the Containment rule, is created by using the alert link to unblock in comparison to the full security off for a file/app effect of "Unblock Applications" from the widget. Not that it matters though, because the same damage is done with when the alert unblock issues the "Trusted" rating to the file/app.</p><p></p><p>After really looking it over with a fine tooth comb, I think Comodo need to do this, although I don't feel like pressing them about anything right now. I do want users here to know, that they will have to manually make changes if they use the Comodo unblock dialogs anywhere. The way things are is hurting the value of Firewall and HIPs imo...<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p>EDIT: If you are an orthodox user of [USER=7463]@cruelsister[/USER]'s settings, you can handle this her way. She believes in HIPs off anyway, so the file rating of "Trusted" isn't going to affect them for you. The only time you may run into an issue is if you decide to run an application outside of Containment that is Auto-contained. With cs' settings, you won't have HIPs to tell you what the app/file wants to do outside of the container. For sure, HIPs isn't perfect anyway. One or two HIPs allows can alone allow the full damage of a malicious program. You also won't get Firewall alerts for "Trusted" applications if you like to control those. Anyway, you are probably still well protected running a self-trusted app outside containment from many/most malwares, assuming you are using Advanced->Miscellaneous->Do heuristic command-line analysis. As far as I know, cs leaves this enabled which I recommend to the highest degree at this point. I take it one step further and recommend enabling all of the protections available via that dialog in the "certain applications" area. I haven't run into any hassles doing this for about 3 months now.</p><p></p><p>Above the EDIT is for those who really want the full layered protection capability of Comodo (CIS/Firewall) basically.</p></blockquote><p></p>
[QUOTE="AtlBo, post: 640791, member: 32547"] Looked at this extensively this AM. Definitely, Comodo should split unblocking into three parts and place it all in the "Unblock Applications" area. Also, this means to me that the option to "Unblock this application" on the Containment alert should be replaced with standard text "Unblock using 'Unblock Applications' on the widget". It's a long story, but there is too much pressure on users to answer to this alert at the exact time they want to see what a program will do. A couple of other little caveats about "Unblock this application" on the Containment alert. As things are, this also leads to even a completely unknown file/app being classified as "Trusted". This should never happen, and it's absolutely not in the first sense necessary. Even if the link on the alert were a good idea, it could easily create a Containment allow rule that doesn't require the File/App to carry the "Trusted" rating. This is what this type of rule should look like in the first place: Appname->rating "Unrecognized"->Ignore. Literally there is not one reason for it to be any other way. On the plus side only one rule, the Containment rule, is created by using the alert link to unblock in comparison to the full security off for a file/app effect of "Unblock Applications" from the widget. Not that it matters though, because the same damage is done with when the alert unblock issues the "Trusted" rating to the file/app. After really looking it over with a fine tooth comb, I think Comodo need to do this, although I don't feel like pressing them about anything right now. I do want users here to know, that they will have to manually make changes if they use the Comodo unblock dialogs anywhere. The way things are is hurting the value of Firewall and HIPs imo...:) EDIT: If you are an orthodox user of [USER=7463]@cruelsister[/USER]'s settings, you can handle this her way. She believes in HIPs off anyway, so the file rating of "Trusted" isn't going to affect them for you. The only time you may run into an issue is if you decide to run an application outside of Containment that is Auto-contained. With cs' settings, you won't have HIPs to tell you what the app/file wants to do outside of the container. For sure, HIPs isn't perfect anyway. One or two HIPs allows can alone allow the full damage of a malicious program. You also won't get Firewall alerts for "Trusted" applications if you like to control those. Anyway, you are probably still well protected running a self-trusted app outside containment from many/most malwares, assuming you are using Advanced->Miscellaneous->Do heuristic command-line analysis. As far as I know, cs leaves this enabled which I recommend to the highest degree at this point. I take it one step further and recommend enabling all of the protections available via that dialog in the "certain applications" area. I haven't run into any hassles doing this for about 3 months now. Above the EDIT is for those who really want the full layered protection capability of Comodo (CIS/Firewall) basically. [/QUOTE]
Insert quotes…
Verification
Post reply
Top