- Apr 13, 2013
- 3,151
Or maybe Lin...or ditch windows for a Chromebook.
M$ should be able to at least do something about blocking executables from Unknown Publishers, but of course they haven't figured this out yet or they don't care to. Unless they've done so with SAC but I don't know about this.
UAC is an old idea from the beginning of the century,
An owner of personal device has no benefit, they will press “yes” and will enter the password.
This is especially and true. I've been guilty of, although not burned by it yet, this reaction to UAC prompts..
Comodo is indeed a strong solution. I found the usability has drastically improved, for unsigned programs too, when I recently tested beta 3. If you know Comodo, you can add signed vendors, trust or ignore programs, and configure settings and other advanced settings to further improve usability and protection. If I remember correctly, in the initial Comodo versions, the default internet security configuration trusted everything on the system installed before Comodo. This was also good for a new set-up or clean system. The internet security configuration was a balanced approach, with the AV and disabled HIPS working passively with modules.Comodo's Auto-containment alerts can indeed be a much better idea. But there are also some cons of using Comodo.
"User" means a techie.
UAC or any alert is just a "click yes/allow to win" game for most people. Vendors automate security solutions nowadays for a reason. Security is like a secret language that only a few bother to learn.
@Andy Ful What are some cons of using Comodo, according to you?
I can remember a time when installing CIS and restarting the system without it crashing was considered a milestone.It bricked my system a few times.
I think that Comodo's default configuration can be OK for most users. But, other AVs are OK on defaults, too.
The problems can appear when the user wants to improve the security. One can use @cruelsister settings based on Proactive configuration + no-HIPS - it avoids most bugs. However, such a restrictive setup is not popular among Comodo users.
Edit.
The solutions based on sandboxing are not popular, because many users are not sure what is sandboxed and what is not. Some application features can be sandboxed and others can run in the real system. Some files can be saved in the sandbox and some not. Yes, sandboxing can be sometimes more inconvenient and confusing than UAC.