App Review Comodo Firewall vs Ransomwares

[Fel Grossi]

Nice job from COMODO.

Thanks.

 

[Faybert]

Comodo it is the best current protection against 0 day ransomware and malware.

 

[AlanOstaszewski]

I don't understand why you are so afraid of ramsonware. It is incohomprensible for me because you are experts and be not prone to these infections., I have never seen one of them in my life, nor do I fear viruses. a long time ago, that I have not seen any. even though I download keygens and cracks. Perhaps if i can understand them, the Concern by protecting the equipment of their families and customers, they are prone, Although it is not bad to learn the terms and types of infections and see how they attack in video training..

@Claudiano said that Comodo is good against zero-day malware. He doesn't said that he is afraid of ransomware.

 

[TairikuOkami]

I speak of all those who install protection and do not need it, those who watching a million manuals and live scared knowing that it is impossible to infect their computers. LOL

It is a vicious circle. Software like Comodo or VoodooShield are used by people, who do not need it. People, who could take advantage of them, will never use them.
I do not even bother with AV or firewalls, because it is impossible to get infected, like by clicking on a link or whatever, I would actually had to install it by myself.

 

[Faybert]

I speak of all those who install protection and do not need it, those who watching a million manuals and live scared knowing that it is impossible to infect their computers. LOL

If you think that nobody needs protection, that is wasted time and etc., and that it is impossible to be infected, what are you doing then in a security forum?
And since it says you are not afraid, why then use a security product? (Emsisoft)

 

[TairikuOkami]

Security forums are great sort of informations about new threats, how to mitigate them and about, how malware works.
TV news usually say: Users click on the link and magically get infected. Update your OS and AV, but does not really help.

 

[Andy Ful]

What happens, is that many people in this website, have impeccable habits to manage their systems to the thousand wonders, have prevention -flash-java, lists of malicious ips and remote sites for hosts and firewall rules to deny the connectivity before the infection tries to enter.. They know how to make their own hard rules in windows with Local group policy, gpedit.msc, user basic or limited accounts, they know how to create antiexes techniques, anti.powershell, anti.cmd, anti.msi, antiDcom for vulnerable ports&protocols, LLMNR, netbios. That is the reason, many in here have their systems prepared with all saved configuration to distribute to all user profiles through reg files.
then, Why do they install so much protection despite their impressive rules?
If they do not even get to see the malware in their host pc at all. It's an osgi to test software, a security paranoia the same who live in a nuclear atmosphere, and vicious circle as you said.

There is a simple answer. Many MalwareTips members are a little paranoid about security. It is OK, and sometimes can be cured when people get older.

 

[bribon77]

To all of us who like safety issues, we are a bit paranoid ... for that reason we have learned something ... over time we realize that it does not take much to be protected ...
(I hope you understand)

 

[The paranoid one]

I think you're calling me. No, seriously, I think I'm doing the reverse way, before I was much more paranoid, but now I'm learning from many MT members and I'm a little more relaxed
I'm very happy with this test because I'm a CF user and I love to be informed

 

[509322]

It is a vicious circle. Software like Comodo or VoodooShield are used by people, who do not need it. People, who could take advantage of them, will never use them.

Security forums are great sort of informations about new threats, how to mitigate them and about, how malware works.
TV news usually say: Users click on the link and magically get infected. Update your OS and AV, but does not really help.

These will never change. Even with digital devices being more and more a part of everyday life and increasing knowledge, these still will not change. And when I say never, I mean never. They will never change - ever.

 

[Andy Ful]

These will never change. Even with digital devices being more and more a part of everyday life and increasing knowledge, these still will not change. And when I say never, I mean never. They will never change - ever.

Never say Never.

Will we be frogs or apes, in the end?

 

[danb]

It is a vicious circle. Software like Comodo or VoodooShield are used by people, who do not need it. People, who could take advantage of them, will never use them.
I do not even bother with AV or firewalls, because it is impossible to get infected, like by clicking on a link or whatever, I would actually had to install it by myself.

You bring up some great points, but please understand that users have always assumed that if they had AV installed, they would not be infected. Trust me, things are changing.

So how do I know this? Well, I cannot count the number of times in the last (almost) 20 years that a client of mine looked me dead in the eye and asked "I have AV software, how did I get a virus?"

So then how do you fix this? Well, you cannot lockdown a computer all of the time... this has been rejected by end users, SMB and the enterprise for 10+ years now.

Quite simply, you lock the computer when it is at risk. I mean, in all fairness, you do not wear a condom throughout the day, right? That would be rather inconvenient... you wear one when you are at risk.

We have 3 choices.

1. Do not lock the computer at all... obviously not an option.
2. Lock the computer all of the time... proven time and time again to not be an option.
3. Lock the computer when it is at risk, and build the tiny, customized whitelist automatically for the user when the computer is not at risk.

It always cracks me up when people say "our deny by default software is so simple to use, my grandma can use it"... when I seriously am unable to use the software.

People are locking their computers when they are at risk now... it will just take a little more time to let everyone know.

 

[danb]

BTW, if anyone comes up with a forth option... you will be a billionaire, so just remember me .

 

[509322]

I was at a hospital today that got smacked by EB\DB\WannaCry. WannaCry killed their patient information system, the phone system, the medication tracking & dispensing system, internet connected medical equipment, along with all their servers & workstations. The younger staff members who only know digital, and not pencil-and-paper, did not know how to cope when it happened. Since the phone system was borked, they could not make any "Code Blue" calls over the PA system and the staff had to physically run downstairs to the Intensive Care department to locate a response team member. Information required to perform safe surgeries was inaccessible. There is no longer a paper-based backup system in-place.

After systems clean-up the hospital was offered multiple solutions - because no single solution could protect the full range and complexity of a hospital's digital protection needs.

The hospital administration refused every single solution offered.

Explanation ? None given, but you can pretty much guess a single word explains it - money.

 

[danb]

Yeah, I have talked with a lot of companies the last 6+ years, so I understand your frustration.

Ultimately, most companies are reluctant to change their security software simply because they realize that the change would be extremely daunting (and potentially costly), and in the end, decide it is probably not worth it, simply because they believe that they will probably not be any more protected than they currently are.

This is true for all security solutions, and especially true for deny-by-default / non-traditional solutions.

Luckily for VS, we do not have to convince them to change their security software… we simply have to make them realize that their endpoints need to be locked when they are at risk, which is quite easy to do.