Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Comodo Internet Security 11 Review | Test vs Malware
Message
<blockquote data-quote="AtlBo" data-source="post: 760315" data-attributes="member: 32547"><p>If I may. So in the Leo video, the activity is sandboxed version of the file spawning and then running to run its twin outside the box? The twin then asks for permissions it would not have been able to request in the sandbox (game over when this is able to execute). I feel like straight up this is a bypass now that [USER=37647]@shmu26[/USER] brings this into view and the facts on the file status have been revealed. It would take HIPS to catch this and then on Paranoid Mode.</p><p></p><p>If this a bypass, should it be classified another instance of the Comodo Cloud assigning incorrect trust to the file?</p><p></p><p>Reading all of the posts, I am struck by the data that is available to Comodo for keeping file statuses updated. They are doing the reputation work, but it seems that changes that could easily be autiomated (and happen very quickly) are languishing for ages (2010 or 2014). Wondering out loud here, but I wonder if something in the Comodo Cloud data crunching datasets sort of made the determination to care less about this file...maybe based on a low harmfulness rating or something? This is all I can come up with. Still, had this been a serious thing, it would have been a big problem if I understand the situation correctly.</p><p></p><p>One thing this video and discussion maybe can do is help highlight the differences between the versions. There are serious differences in the way the programs affect or issue trust to a file. CF is I feel less a reputation service than CIS or CCAV, because it doesn't (seems to me at least) rely heavily on the cloud. It's the simplest of the 3. I hear the other differences too, for example, the alerts from CCAV each with an opportunity to bork the sacred trust rating and wreck the system. All this brings me back to the simple settings for Comodo that do work for getting unvalidated (by proper digital signature) into a sandbox. This is further limited some by the TVL. It's actually pretty good even if long. Also, HIPS can help identify what the application wants to do if a user cares to know. CF is at least good for this, if maybe prone to a cloud mistake here or there->DEFINITELY a BIG problem if so that must be addressed. Just not sure I have all the pieces put together yet to say that this is 100% sorriness. I mean it could be at least a significant portion of "try hard with a little bit of cunning mixed in" (translated "ignore pulling together our facts on older and non-serious threats until we get caught up").</p><p></p><p>Anyway, CF is free and simple and it rarely takes a hit. Interesting it did here and in Leo's video of all things...</p></blockquote><p></p>
[QUOTE="AtlBo, post: 760315, member: 32547"] If I may. So in the Leo video, the activity is sandboxed version of the file spawning and then running to run its twin outside the box? The twin then asks for permissions it would not have been able to request in the sandbox (game over when this is able to execute). I feel like straight up this is a bypass now that [USER=37647]@shmu26[/USER] brings this into view and the facts on the file status have been revealed. It would take HIPS to catch this and then on Paranoid Mode. If this a bypass, should it be classified another instance of the Comodo Cloud assigning incorrect trust to the file? Reading all of the posts, I am struck by the data that is available to Comodo for keeping file statuses updated. They are doing the reputation work, but it seems that changes that could easily be autiomated (and happen very quickly) are languishing for ages (2010 or 2014). Wondering out loud here, but I wonder if something in the Comodo Cloud data crunching datasets sort of made the determination to care less about this file...maybe based on a low harmfulness rating or something? This is all I can come up with. Still, had this been a serious thing, it would have been a big problem if I understand the situation correctly. One thing this video and discussion maybe can do is help highlight the differences between the versions. There are serious differences in the way the programs affect or issue trust to a file. CF is I feel less a reputation service than CIS or CCAV, because it doesn't (seems to me at least) rely heavily on the cloud. It's the simplest of the 3. I hear the other differences too, for example, the alerts from CCAV each with an opportunity to bork the sacred trust rating and wreck the system. All this brings me back to the simple settings for Comodo that do work for getting unvalidated (by proper digital signature) into a sandbox. This is further limited some by the TVL. It's actually pretty good even if long. Also, HIPS can help identify what the application wants to do if a user cares to know. CF is at least good for this, if maybe prone to a cloud mistake here or there->DEFINITELY a BIG problem if so that must be addressed. Just not sure I have all the pieces put together yet to say that this is 100% sorriness. I mean it could be at least a significant portion of "try hard with a little bit of cunning mixed in" (translated "ignore pulling together our facts on older and non-serious threats until we get caught up"). Anyway, CF is free and simple and it rarely takes a hit. Interesting it did here and in Leo's video of all things... [/QUOTE]
Insert quotes…
Verification
Post reply
Top
