- Dec 30, 2012
- 4,809
COMODO Internet Security 10 BETA (Techie vs User)
- Thread starter Venustus
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
- Aug 30, 2012
- 6,598
Educational and funny at the same time. They are hilarious 
- Dec 8, 2014
- 206
Really nice review. The only review I liked so far. Keep it up.
- Nov 18, 2015
- 104
- Jan 17, 2014
- 487
Really don't like how the notifications are through windows messages
Other then that seems like it acts pretty close to the last few versions (Unblock apps looks like a step in a ease of use direction)
I really don't think I will ever use the full product unless they put some serious effort into their AV as a first line of defense and since comodo seems unable and lacks drive in that direction well....ill probably never use the product again.
course' i could be wrong.
Other then that seems like it acts pretty close to the last few versions (Unblock apps looks like a step in a ease of use direction)
I really don't think I will ever use the full product unless they put some serious effort into their AV as a first line of defense and since comodo seems unable and lacks drive in that direction well....ill probably never use the product again.
course' i could be wrong.
- Apr 13, 2013
- 3,147
AV's should never ever be considered the first line of defense (the term zero-day comes to mind). Instead look at the AV as a cute but otherwise unnecessary addon to Comodo.
- Nov 18, 2015
- 104
thats why comodo is not for all users........
- Jan 17, 2014
- 487
Then Comodo should discontinue the farce that their AV has proven to be IMO
I mean the way I look at it is a layered approach but comodo has it backwards which is good as in its different but as nikos pointed out it really isn't for all users because of it.
for me its:
Web protection- very first line stops web threats (exploits malvertising, malicious URL's ect.)
AV- Second line (speaks for itself hopefully takes out 90%+ of threats)
Behavior blocker/Sandbox/HIPS- Takes out the leftovers.
Backups- IF something somehow bypasses detection then behavior blockers you have backups.
with comodo doing it backwards the AV really is redundant...why even develop one?
- Nov 18, 2015
- 104
- Apr 13, 2013
- 3,147
The most perfect comment I've read in quite some time! Sadly the answer is simple- ask any Home computer user the first thing that comes to mind when they think of computer security and the answer is invariably "AntiVirus". For the most part a non-uberGeek will totally disregard any security solution that lacks an AV for the simple reason of that lack. Look at the highly regarded Sandboxie and something like AppGuard- properly used (which in the case of an anti-exe is a stretch), the protection of either is excellent; if they now added a sub-optimal AV to their product would the base protection be in any way diminished? Of course not! But that's just what is happening to Comodo- by pandering to the masses and highlighting whatever jive-time AV protection methodology that they implement diminishes people from fully understanding the superior protection that the auto-sandbox gives them.
Remember that a sandbox is totally oblivious to whether malware is a few months or a few seconds old (unlike the AV), and also could care less from where that malware is executed from (Internet, Email, Local Hard drive) unlike an anti-exploit app. And as long as a person doesn't try to get cute by checking every option (as SOOOOOO often occurs) superior protection can be achieved without effort or confusion.
- Nov 18, 2015
- 104
comodo is not for everyone!!!!....for exaple..i download one video player..but its not its a virus but i dont know it.i run it and boom autosandbox because their av is bad...comodo protect me!!!!but i still believe that i downloaded its a video player...ofc installation fail because of sandbox.so i click at dont sandbox again....and boom!!!! infection!!!comodo will do nothing about it!!!(thats my experience ofc and keeps me away from comodo...sorry for my bad english!!!)
- Jan 17, 2014
- 487
I completely agree with everything your saying. I just from a personal standpoint wish they would ramp up their AV b ecause although its a slim chance maybe even a 1 in 100,000 chance that something could bypass the sandbox or "break out" of it. There is always that chance. So I personally believe that putting what seems to be 100% faith in the sandbox and non on the AV is what equates to (although very small chance remember!) a fools gambit. Just my two cents. You did hit the nail right on the head with what you said above so +1 from me
- May 11, 2014
- 1,639
So cruelsister, a sandbox will be able to stop brand new absolute zero-day malware, similar to AppGuard?
- Apr 13, 2013
- 3,147
Tony- The best explanation that I can give about a CF vs AppGuard difference is what happened to me last week. I was checking out some ransomware (either an Apocalypse or CryptVault- I forget which); and this malware will immediately encrypt files- and it was truly zero-day. Being distracted I ran it on my production system instead of on the VM! immediately I got the ransom screen popping up, but as I use CF on my system all I did was clear the box and all was well. With AppGuard (or any anti-exe) I would have gotten a "Do you want to run this" message; and if I was similarly distracted and answered Yes I would have been lost, totally and completely.
Now if you are the sort that never ever gets distracted and has perfect concentration at all times AppGuard would have been more than sufficient to protect you. But if you are actually Human I feel that CF is the better bet.
AM18- I perfectly understand that many are just a great deal more comfortable with an AV on board. easy enough to add a good one to a CF system. The majot point is that just because the Comodo AV is inferior should not detract from the excellence of the other modules, and much too often this is the case.
Now if you are the sort that never ever gets distracted and has perfect concentration at all times AppGuard would have been more than sufficient to protect you. But if you are actually Human I feel that CF is the better bet.
AM18- I perfectly understand that many are just a great deal more comfortable with an AV on board. easy enough to add a good one to a CF system. The majot point is that just because the Comodo AV is inferior should not detract from the excellence of the other modules, and much too often this is the case.
- Mar 1, 2014
- 1,708
There's no "Do you want to run this?" message with AppGuard. It just blocks. But I get what you're trying to say. Without file insights as to the legitimacy of the file, blocking or asking the user to run or not run is useless or even dangerous.
As to the new CIS, I'm not currently planning on trying it out. Maybe, I'll try it in the future, as I still have interest in Comodo's products.
- Apr 13, 2013
- 3,147
I will also wait until the product is released. Even though I continually use Comodo I feel that ANY beta product used as a primary defense on a production system is not acceptable.
Totally false, with Appguard, you will not have any prompts, just got an alert that notify the ransomware was blocked. You don't have to even be in front of the computer.
Appguard default principle is to block everything (not whitelisted) legit or not, launched from user-space.
If tighten via its setting you can even do more.
Please, don't gives wrong informations, many people watch your comments & videos and take them as true. Before stating something, verify you are correct.
This example of yours is pure amateurism, and clearly shows you didn't play with Appguard longer than to make a video ; You just lost credibility on this one.
I will add: any anti-executable is supposed to be used in Lockdown Mode (obviously on a clean installed system) then left at it is. If the user want install/launch a program (from user-space), he has to lower the protection himself and be sure the program is clean.
Anti-exes just blocks (hence the name), that is it; they are not supposed to analyze behaviors or give choices to the users.
If choices are what the user want, HIPS or BB are what they should look after.
Last edited by a moderator:
- Apr 13, 2013
- 3,147
Umbra, Umbra- a tad aggressive tonight aren't we (and I thought we were friends)? Yes you are indeed correct- on Lockdown mode things, including unsigned applications, will be prevented from running without user input. However how does an AppGuard user deal with an unsigned (and not whilelisted) application that is totally blocked? If that person will listen to AG and leave it blocked, then fine- they will indeed be protected; but if they consider it a FP, run it anyway outside of AG and it turns out to be malicious, then...
My point was just that virtualization technology gives the opportunity to see what will happen when an unknown program is run instead of just doing it. I wasn't in any way saying that AG is crap, but I hope you will agree that it takes a knowlegable hand to use it to its full potential.
My point was just that virtualization technology gives the opportunity to see what will happen when an unknown program is run instead of just doing it. I wasn't in any way saying that AG is crap, but I hope you will agree that it takes a knowlegable hand to use it to its full potential.
Last edited:
- Jul 3, 2015
- 8,153
some malware is sandbox-sensitive, so at the end of the day, the user still has to make a value-judgment, and decide on his own whether to trust an unknown program and allow it to run outside of sandbox.
yes maybe a bit
, had a bad sleep last night, we are still friend don't worry; maybe it is why i went harder on you than if you were a simple bystander. I highlighted the most interesting point of your sentence, "consider" is the keyword ; with an anti-exe (AG especially) there is nothing to consider, either the user let it blocked or he takes a risk by lowering AG's protection level.
An Anti-exe in my point of view, is not made for dynamic systems (aka user trying dozen of softwares, etc...) , you set a machine in one way and keep it like this ; if you really need to change something, so you have to cross-check the wannabe installed/launched program's legitimacy beforehand. You have many way to do that (hash comparison, reputation, etc...).
I don't know for other people but for me , there is no way i install a new program without first be sure it is clean even if it took me days to verify it.
I know what you meant , i just heavily pinpointed a misunderstanding you did.
I agree , virtualization/isolation let you play with the program first and let you see the result. it is also why i use them too.
However as you surely know it well, some modern malwares recognize sandboxes/virtualization environments and stop behaving maliciously so they gives a false sense of security to the classic user, which may run it un-isolated believing it is clean; or if the malicious program stop working in the sandbox, the user will think "the sandbox broke my apps, i should try it in real system instead"
In both case above, unless the user has the tools and skills to observe the whole run sequence and pinpoint that the malware just shut it down itself, he will believe the apps is clean.
About AG, it was never really intended for basic home users, it is a corporate-grade application used by admins and some security enthousiasts. A good knowledge of the system is required.
Last edited by a moderator:
Similar threads
