App Review Comodo Internet Security Test

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Terry Ganzi

Thread author
Here is an interesting quote by Melih:

Melih
  • CEO - Comodo
  • Administrator
  • Comodo's Hero

Re: CIS Certifications, Test Results & Reviews
« Reply #1741 on: January 23, 2015, 09:01:49 AM »

Why should we have to `detect` the malware if we already protect you from it using some other mechanism?

https://forums.comodo.com/news-anno...sults-reviews-t61263.0.html;new;topicseen#new
 

cruelsister

A number of issues with this video-

1). The tester should understand that a keylogger has to have a transmitter as well as a data collector. A simple Firewall tweak stops the transmitter by preventing it from connecting out.
2). What exactly are "Advanced Settings"?
3). Notice that none of the undetected malware was run, so the Sandbox (the most effective module in Comodo) was never tested.

Also- "Why should we have to `detect` the malware if we already protect you from it using some other mechanism?"

This is exactly the Philosophy used by products currently being offered in the Enterprise space. With the advent of advanced scripting worms and targeted attacks, most realize that traditional methods of malware detection are totally inadequate.
 

cruelsister

No, they weren't. Isn't that odd? The first part of the test was at default settings (sandbox off). In the second part (with whatever "advanced settings" means) the SB was enabled, but only scans were done on the malware directory with Comodo, MB, and HMP.
 

hjlbx

Here is an interesting quote by Melih:

Melih
  • CEO - Comodo
  • Administrator
  • Comodo's Hero

Re: CIS Certifications, Test Results & Reviews
« Reply #1741 on: January 23, 2015, 09:01:49 AM »

Why should we have to `detect` the malware if we already protect you from it using some other mechanism?

https://forums.comodo.com/news-anno...sults-reviews-t61263.0.html;new;topicseen#new

Melih means the virtual sandbox - which does nothing to prevent data theft using CIS' default settings. Tweak the sandbox and firewall settings and it does indeed protect the system.

It is precisely because of this that Comodo will not improve AV. I wouldn't be surprised if it is eventually removed altogether.

The real issue is that the typical user will not know what a file is doing while sandboxed... they won't know if it is safe or malicious... even with HIPS enabled and alerts.

Light virtualization is not a complete security solution.
 

Ink

Administrator
Can you tell me the advanced settings

In the comments box
Code:
I've been asked what is the advanced settings for the Comodo, here it is.

1. Configuration settings are set to "Proactive Security".

2. Under "Realtime scan" menu, "Use heuristics scanning" is set to "Medium".

3. In both (quick and full) scan settings, the "Use heuristics Scanning" are set to "Medium". I personally find the default setting of "Low" to be useless, while the "High" setting does and will find false positives.

4. "Use cloud while scanning" is selected in both scan settings.

5. Under "Automatically clean threats", "Quarantine threats" is selected for both.

6. "Detect potentially unwanted applications" is selected for both, the quick and full scan settings. Under previous versions these weren't selected by default.

7. Firewall settings, all are selected under the "Advanced" category, Filter IPv6, Filter loopback traffic, and etc.

8. Under the "Firewall Tasks" menu, "Block Incoming Connections" is selected for the "Stealth Ports" category.
 

Deleted member 2913

Melih means the virtual sandbox - which does nothing to prevent data theft using CIS' default settings. Tweak the sandbox and firewall settings and it does indeed protect the system.

It is precisely because of this that Comodo will not improve AV. I wouldn't be surprised if it is eventually removed altogether.

The real issue is that the typical user will not know what a file is doing while sandboxed... they won't know if it is safe or malicious... even with HIPS enabled and alerts.

Light virtualization is not a complete security solution.
The kind of modules CIS has & AV being mediocre & they too say that AV is there for known detection, other modules are for protection, I think they should go for smart local databases, i.e. critical, circulating & latest malware, & full databases in the cloud.
 

Deleted member 2913

In the comments box
Code:
I've been asked what is the advanced settings for the Comodo, here it is.

1. Configuration settings are set to "Proactive Security".

2. Under "Realtime scan" menu, "Use heuristics scanning" is set to "Medium".

3. In both (quick and full) scan settings, the "Use heuristics Scanning" are set to "Medium". I personally find the default setting of "Low" to be useless, while the "High" setting does and will find false positives.

4. "Use cloud while scanning" is selected in both scan settings.

5. Under "Automatically clean threats", "Quarantine threats" is selected for both.

6. "Detect potentially unwanted applications" is selected for both, the quick and full scan settings. Under previous versions these weren't selected by default.

7. Firewall settings, all are selected under the "Advanced" category, Filter IPv6, Filter loopback traffic, and etc.

8. Under the "Firewall Tasks" menu, "Block Incoming Connections" is selected for the "Stealth Ports" category.
Does changing the configuration, i.e. from Internet Security to Proactive Security, need a system restart?
 

hjlbx

The kind of modules CIS has & AV being mediocre & they too say that AV is there for known detection, other modules are for protection, I think they should go for smart local databases, i.e. critical, circulating & latest malware, & full databases in the cloud.

I wouldn't hold your breath on any of it...

Main issues with Comodo Cloud - it is unreliable and file verdicts are very slow...

Oh, I'm sure Comodo is aware of the issues... what exactly they will fix is an entirely different matter...
 

Deleted member 2913

I wouldn't hold your breath on any of it...

Main issues with Comodo Cloud - it is unreliable and file verdicts are very slow...

Oh, I'm sure Comodo is aware of the issues... what exactly they will fix is an entirely different matter...
Comodo Cloud is not a real Cloud AV.

They should make it a real Cloud AV.
For example, Panda Cloud AV - the maximum default time is 30 secs to return a file verdict. Guess normally it's quick, but if for some reason there is a delay, Panda will wait for 30 secs for the file verdict & not allow the file to run, right?
Guess after 30 secs, the file is allowed to run?
 

sinu

If Panda Cloud detects any unknown malware or any new malware as safe, will it allow it to execute?
 
