Hey guys,
I would like to clear the trusted vendors list, would it have any conflict with my system stability?
I would like to clear the trusted vendors list, would it have any conflict with my system stability?
Last edited:
Question regarding Trusted Vendors List (TVL)
- Thread starter Ryushi
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Status
- Mar 23, 2015
- 555
Theoretically, I think it would be fine if you enable Cloud Lookup and "Trust files installed by trusted installers".
However, "theory" can be different from "practice". So, I think reserving Microsoft and vendors of the drivers in your TVL could be a good practice.
Please note that, when the Cloud Lookup is enabled and you execute a signed file that is recognized as "Trusted" by Comodo Cloud, then the digital sign will be automatically added to TVL.
However, "theory" can be different from "practice". So, I think reserving Microsoft and vendors of the drivers in your TVL could be a good practice.
Please note that, when the Cloud Lookup is enabled and you execute a signed file that is recognized as "Trusted" by Comodo Cloud, then the digital sign will be automatically added to TVL.
The method you use might cause CIS to treat some files as Unrecognized.
In that case, all you have to do is change rating from Unrecognized to Trusted.
In that case, all you have to do is change rating from Unrecognized to Trusted.
If there is any Unrecognized file that is executed, CIS will treat it according to your settings. At default, it will auto-sandbox. It has happened to me rarely, and never caused an issue on Intel systems. On AMD systems it caused problems with graphics drivers.
All you have to do is change the file rating from Unrecognized to Trusted. This should fix almost all problems.
As files are loaded into memory, CIS will perform a cloud query and rebuild the local TVL - specific to what is on your system. This is the recommended practice as it eliminates all unneeded vendors from the list. It is the most secure method.
COMODO updates do not restore the TVL.
Are Local & Cloud TVL different? I know Cloud TVL is like full TVL or huge TVL.
I mean whatever Vendors are in Local TVL, are not in Cloud TVL?
I mean whatever Vendors are in Local TVL, are not in Cloud TVL?
- CIS scans files on your system and obtains digital certificate infos.
- Then it compares those signatures to all the signatures in the TVL.
- If there is a match between the local and cloud digital certificates, then CIS will treat as Trusted and add vendor to local TVL.
So, in a nutshell, whatever is on local TVL is in cloud TVL - UNLESS you manually add a vendor to the local TVL that is not in the cloud TVL.
User can manually add vendors to their local TVL and this will not be added to the cloud TVL. One must submit a digitally signed file to COMODO for the vendor to be added to the TVL. The vendor is not added to the cloud TVL until the file(s) are manually analyzed by a COMODO technician. It is done this way for maximum possible security.
The huge local TVL when you first install CIS is for convenience.
So if whatever is on local TVL is on cloud TVL, then whats the benefit of removing vendors from local TVL?
I mean suppose you are removing vendors that you think shouldn't be there for some reasons but if the cloud TVL has all the local TVL vendors too then wont the product from those vendors still be trusted with cloud checkup?
I mean suppose you are removing vendors that you think shouldn't be there for some reasons but if the cloud TVL has all the local TVL vendors too then wont the product from those vendors still be trusted with cloud checkup?
Of course. They will be trusted with cloud checkup.
You remove vendors on local TVL because you intend to never install applications from those vendors.
CIS will check the local TVL 1st, then the cloud TVL 2nd. CIS also detects installers and compares digital signature to cloud. The CIS algorithm to detect installers doesn't always recognize installers - so sometimes they are not treated as trusted even if they are in cloud TVL.
At least that is my understanding and the way it has always worked on my system.
Last edited by a moderator:
Why the file will be autosandboxed for the removed vendors?
Wont the file be checked with cloud on run & vendor be found on cloud TVL?
I personally think customizing the local TVL is a waste of time since there is no clear infos on how it works under all circumstances.
Not always, do you mean sometimes file is correctly trusted as found in cloud TVL? I say correctly trusted coz this is the way it should work if cloud has full TVL i.e local TVL too, right?
Sometimes digitally signed files by a vendor in cloud TVL are not treated as Trusted and vendor is not added to local TVL.
It has been reported for a long while by now.
For example, some Windows files will not be treated as Trusted, even though digitally signed by Microsoft (even with Microsoft in local TVL).
There are various bugs that affect TVL.
- Status
