Serious Discussion Why does the Comodo "Disappearing HIPS rules" bug require a complete source code rewrite?

[Halp2001]

Bazang said it with the precision of a scalpel and the elegance of a lightsaber: Marge must be replaced by AI. And he’s right. Because if the system relies on Marge clicking “allow” or “deny” every minute, then we’re not talking about cybersecurity… we’re talking about a nightmare-level workplace torture video game.
Zero Knowledge, on the other hand, seems to believe the solution is to keep waiting for humanity to spontaneously evolve into HIPS experts. Spoiler: that’s not happening. People can barely set up Wi-Fi without calling their nephew.
While Bazang offers a pragmatic solution, Zero Knowledge gifts us a monologue worthy of a B-movie villain, complete with taxes on “insecure users” and Apple theories that not even Tim Cook could understand without subtitles.
So yes, Bazang deserves applause. Because while others philosophize about Marge and her eternal clicking, he’s already designing the future: one where AI not only protects the system, but also doesn’t complain, doesn’t ask for vacation, and doesn’t get distracted by cat memes.
And if one day AI learns to bake cookies… then yes, Marge, run.

 

[bazang]

Bazang said it with the precision of a scalpel and the elegance of a lightsaber: Marge must be replaced by AI. And he’s right. Because if the system relies on Marge clicking “allow” or “deny” every minute, then we’re not talking about cybersecurity… we’re talking about a nightmare-level workplace torture video game.
Zero Knowledge, on the other hand, seems to believe the solution is to keep waiting for humanity to spontaneously evolve into HIPS experts. Spoiler: that’s not happening. People can barely set up Wi-Fi without calling their nephew.
While Bazang offers a pragmatic solution, Zero Knowledge gifts us a monologue worthy of a B-movie villain, complete with taxes on “insecure users” and Apple theories that not even Tim Cook could understand without subtitles.
So yes, Bazang deserves applause. Because while others philosophize about Marge and her eternal clicking, he’s already designing the future: one where AI not only protects the system, but also doesn’t complain, doesn’t ask for vacation, and doesn’t get distracted by cat memes.
And if one day AI learns to bake cookies… then yes, Marge, run.

We all understand "That's not how the world works" - AND - "How the world works - as far as any IT security - is not working - or in other words - not very secure."

Bring in the AI and expel the clowns.

For far, far too long cybersecurity at all levels has been at the same level as "Send in the Clowns."

Security is not software. Security is a process. (I am not going to explain what that means. Buy Bruce Scheier's book and read it a few times.)

 

[Trident]

This could be a solution to improve stability. However, this would also decrease the security level. Malware could bypass advanced HIPS restrictions on Windows restart. Anyway, I would likely accept it compared to the current HIPS problem.

It will indeed. They can and probably have registered the service properly for early start and there is ELAM, the risk is in between ELAM and the service start.

But then again, other solutions are executed in a similar way most likely.

You just gotta choose the least worst sometimes.

 

[Divergent]

With everything that's been posted lately, this feels like the right time to say something.

 

[Pico]

It will indeed. They can and probably have registered the service properly for early start and there is ELAM, the risk is in between ELAM and the service start.

But then again, other solutions are executed in a similar way most likely.

You just gotta choose the least worst sometimes.

To my knowlegde the damage is caused during system shutdown not at reboot time, if that makes a difference.

 

[Divergent]

@Trident,

Let's agree to disagree.
I do not know the code, so I cannot say if you are right or wrong.

Exactly. Without the source code, direct proof is impossible. Our best evidence comes from combining forum intelligence from mods and users with an analysis of the software's actual structure.

Post in thread 'Why does the Comodo "Disappearing HIPS rules" bug require a complete source code rewrite?' Serious Discussion - Why does the Comodo "Disappearing HIPS rules" bug require a complete source code rewrite?

 

[Trident]

Exactly. Without the source code, direct proof is impossible. Our best evidence comes from combining forum intelligence from mods and users with an analysis of the software's actual structure.

Post in thread 'Why does the Comodo "Disappearing HIPS rules" bug require a complete source code rewrite?' Serious Discussion - Why does the Comodo "Disappearing HIPS rules" bug require a complete source code rewrite?

Neither you, nor the mods or Gemini have any evidence related to Comodo code base (diagrams, pseudocode, code). Your post is the same assumptions and presumptions like my posts or any other posts discussing the Comodo codebase. Extrapolated and bloated by AI.

If I play with Gemini for a minute, it will output a totally different slop.

 

[Trident]

To my knowlegde the damage is caused during system shutdown not at reboot time, if that makes a difference.

Yeah, this most likely all comes down to incorrect shutdown cleanup routines. Even without the codebase, any issue that happens ON shutdown (not before, not after on the next boot), the first thing that you go and check is the shutdown routines and logics. The antivirus is not magical, it’s software like everything else. On shutdown it sooner or later needs to terminate.

 

[Divergent]

Neither you, nor the mods or Gemini have any evidence related to Comodo code base (diagrams, pseudocode, code). Your post is the same assumptions and presumptions like my posts or any other posts discussing the Comodo codebase. Extrapolated and bloated by AI.

If I play with Gemini for a minute, it will output a totally different slop.

If you have a solution that has eluded those with hands-on experience, I encourage you to propose a concrete fix. I'm not sure how that would be implemented without access to the source code, which is the key limitation here. My position is based on verifiable evidence, not speculation. I have not resorted to personal attacks, and I expect the same courtesy.

 

[Trident]

If you have a solution that has eluded those with hands-on experience, I encourage you to propose a concrete fix. I'm not sure how that would be implemented without access to the source code, which is the key limitation here. My position is based on verifiable evidence, not speculation. I have not resorted to personal attacks, and I expect the same courtesy.

You have no verifiable evidence.
Your only evidence is hearsay (word of the mouth from mods and so on).

Also, you are the one that hasn’t stopped:
-Using instructed AI to attack people (I can pull loads of evidence).
-Criticising people’s posts on various subjects that you have no experience, understanding or credentials for.
-Intervening people’s conversations (I was talking to Andy Ful and others yesterday when you jumped in with instructed Gemini).
-Ad hominem (armchair programmer and many others) when you personally haven’t wrote a single line of code in your life, outside of the Linux under Chrome OS terminal.
Copy/pasting from AI chatbots hardly accounts for understanding the underlying discussion.

You do all that and then you play the victim.

Please stop once and for all.

 

[Divergent]

You have no verifiable evidence.
Your only evidence is hearsay (word of the mouth from mods and so on).

Also, you are the one that hasn’t stopped:
-Using instructed AI to attack people (I can pull loads of evidence).
-Criticising people’s posts on various subjects that you have no experience, understanding or credentials for.
-Intervening people’s conversations (I was talking to Andy Ful and others yesterday when you jumped in with instructed Gemini).
-Ad hominem (armchair programmer and many others) when you personally haven’t wrote a single line of code in your life, outside of the Linux under Chrome OS terminal.
Copy/pasting from AI chatbots hardly accounts for understanding the underlying discussion.

You do all that and then you play the victim.

Please stop once and for all.

Again speculation and assumptions and direct attacks. You have no idea what I have or have not done over the years or what operating systems I've used to do them on. Your grand standing is becoming old, just like the other egos involved.

If you have a fix, which I doubt, give it to them and shut up about it already.

 

[Pico]

If I play with Gemini for a minute, it will output a totally different slop.

There always will be noise in AI output because it has no common sense and no clear mind.

 

[Divergent]

There always will be noise in AI output because it has no common sense and no clear mind.

Go learn how to prompt and come back and respond intelligently. Those of you critising have no idea how to use it properly and how to filter noise and hallucinations to get clear accurate answers. I do end of story.

 

[Trident]

Again speculation and assumptions and direct attacks. You have no idea what I have or have not done over the years or what operating systems I've used to do them on. Your grand standing is becoming old, just like the other egos involved.

If you have a fix, which I doubt, give it to them and shut up about it already.

Why would I give it to them, what obligations and incentives I’ve got to provide fixes for Comodo?

If you are so concerned about the Comodo codebase (which you were poo-pooing on another thread not long ago, now you’re defending it), you can sit down and engineer the fix.
I am not interested, I’ve got a job and a life.

Whether I will shut up or not, this is my decision, not yours.

 

[Divergent]

Why would I give it to them, what obligations and incentives I’ve got to provide fixes for Comodo?

If you are so concerned about the Comodo codebase (which you were poo-pooing on another thread not long ago, now you’re defending it), you can sit down and engineer the fix.
I am not interested, I’ve got a job and a life.

Whether I will shut up or not, this is my decision, not yours.

You guys prefer my unfilter posts over my AI assisted post here they are. I will be the raw direct user I've been known to be but I expect no crying from the masses.

You keep stating how easy this so it shouldn't be no issue helping them for free since it's so simple.

 

[Pico]

Go learn how to prompt and come back and respond intelligently. Those of you critising have no idea how to use it properly and how to filter noise and hallucinations to get clear accurate answers. I do end of story.

Here is some AI noise I'm talking about:

Users report a total loss of their security configuration.

(Quote) "I have the error that ALL HIPS RULES ARE DELETED AFTER EACH REBOOT."

You see what I mean?

 

[Divergent]

Here is some AI noise I'm talking about:

You see what I mean?

That was quoted from the Comodo threads, the links are at the bottom of that post go look yourself. I compiled all that information AI just put it all together.

 

[Pico]

The first line and the second line don't match.
When HIPS rules are deleted it doesn't mean total loss of security configuration.
Firewall rules stay intact like many other configuration settings as well.

 

[Trident]

You guys prefer my unfilter posts over my AI assisted post here they are. I will be the raw direct user I've been known to be but I expect no crying from the masses.

You keep stating how easy this so it shouldn't be no issue helping them for free since it's so simple.

I literally suggested fixes, before you pollute them with AI copy and paste.

Easy or not, when a company is paying you, you do your job.
When your job is to fix bugs, you do it.
That’s how it goes in life, nothing is easy.

Is your current or previous job easy?

You go there and they’ve put a red carpet and champagne for you?

 

[Divergent]

The first line and the second line don't match.
When HIPS rules are deleted it doesn't mean total loss of security configuration.
Firewall rules stay intact like many other configuration settings as well.

It's a blanket statement for the hips rules disappearing. You are just taking it out it context. This is a main problem here is communication. Perspective and comprehension is the issue. It's exactly why I use AI to rewrite what I post to be neutral, with no emotions and factual. To avoid these issues. There are so many egos in this popularity contest that trying to post actual information becomes a chore.